Security and usability engineering with particular attention to electronic mail

Röth, Volker; Straub, Tobias; Richter, Kai

doi:10.1016/j.ijhcs.2005.04.015

Cited by 17 publications

(18 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Roth et al [19] suggested mail envelopes and postcards. Tong et al [20] proposed metaphors arguably couched in the jargon of domain experts, such as key, lock, seal and imprint.…”

Section: B Metaphors and Mental Models In Securitymentioning

confidence: 99%

Metaphors considered harmful? An exploratory study of the effectiveness of functional metaphors for end-to-end encryption

Demjaha¹,

Spring²,

Becker³

et al. 2018

Proceedings 2018 Workshop on Usable Security

View full text Add to dashboard Cite

Abstract-Background: Research has shown that users do not use encryption and fail to understand the security properties which encryption provides. We hypothesise that one contributing factor to failed user understanding is poor explanations of security properties, as the technical descriptions used to explain encryption focus on structural mental models. Purpose: We methodically generate metaphors for end-to-end (E2E) encryption that cue functional models and develop and test the metaphors' effect on users' understanding of E2E-encryption. Data: Transcripts of 98 interviews with users of various E2E-encrypted messaging apps and 211 survey responses. Method: First, we code the user interviews and extract promising explanations. These user-provided explanations inform the creation of metaphors using a framework for generating metaphors adapted from literature. The generated metaphors and existing industry descriptions of E2E-encryption are analytically evaluated. Finally, we design and conduct a survey to test whether exposing users to these descriptions improves their understanding of the functionality provided by E2E-encrypted messaging apps. Results: While the analytical evaluation showed promising results, none of the descriptions tested in the survey improve understanding; descriptions frequently cue users in a way that undoes their previously correct understanding. Metaphors developed from user language are better than existing industry descriptions, in that ours cause less harm. Conclusion: Creating explanatory metaphors for encryption technologies is hard. Short statements that attempt to cue mental models do not improve participants' understanding. Better solutions should build on our methodology to test a variety of potential metaphors, to understand both the improvement and harm that metaphors may elicit.

show abstract

“…Roth et al [19] suggested mail envelopes and postcards. Tong et al [20] proposed metaphors arguably couched in the jargon of domain experts, such as key, lock, seal and imprint.…”

Section: B Metaphors and Mental Models In Securitymentioning

confidence: 99%

Metaphors considered harmful? An exploratory study of the effectiveness of functional metaphors for end-to-end encryption

Demjaha¹,

Spring²,

Becker³

et al. 2018

Proceedings 2018 Workshop on Usable Security

View full text Add to dashboard Cite

show abstract

“…We adopted the first approach for Study I because we assumed that understanding the GnuPG key trust assignment model would be very complex for users. This assumption was based in part on the complexity of this model as it allows for transitive trust establishment and in part on previous usability studies with secure email [12,28,32]. However, it turns out that the key signing approach is not appropriate based on our usability observations.…”

Section: Encrypted With Forged "To"mentioning

confidence: 99%

“…GnuPG allows two ways of achieving trust: signing keys or using the GnuPG trust model. We decided to study both ways of achieving trust with the initial assumption and default implementation that the first approach will work because prior usability studies in secure email indicated that users find it very challenging to deal with the GnuPG trust model [12,28,32]. For managing and using multiple keys we proposed a simple approach, namely, recommend that users use the same passphrase to protect all private keys and use the passphrase caching tools to manage that passphrase.…”

mentioning

confidence: 99%

Usable secure mailing lists with untrusted servers

Bobba

Muggli

Pant

et al. 2009

Proceedings of the 8th Symposium on Identity and Trust on the Internet

View full text Add to dashboard Cite

Mailing lists are a natural technology for supporting messaging in multi-party, cross-domain collaborative tasks. However, whenever sensitive information is exchanged on such lists, security becomes crucial. We have earlier developed a prototype secure mailing list solution called SELS (Secure Email List Services) based on proxy encryption techniques [20], which enables the transformation of cipher-text from one key to another without revealing the plain-text. Emails exchanged using SELS are ensured confidentiality, integrity, and authentication. This includes ensuring their confidentiality while in transit at the list server; a functionality that is uniquely supported by SELS through proxy re-encryption. In this work we describe our efforts in studying and enhancing the usability of the software system and our experiences in supporting a production environment that currently is used by more than 50 users in 11 organizations. As evidence of its deployability, SELS is compatible with common email clients including Outlook, Thunderbird, Mac Mail, Emacs, and Mutt. As evidence of its usability, the software is being used by several national and international incident response teams.

show abstract

“…Diverse Autoren schlugen daher vor, auf Zertifizierungsstellen (CAs) zu verzichten und auf alternative Modelle wie bspw. selbst-signierte Zertifikate und Key Continuity Management (KCM) zurückzugreifen [3,10,11,12]. Die Nutzer müssten sich bei einem solchen System jedoch selbst darum kümmern, die Authentizität der initial verwendeten Schlüssel zu verifizieren, bspw.…”

unclassified

“…Ein automatisierter Ansatz ohne diese Nachteile stammt von Google. 10 Generell hat sich unter Experten noch kein klarer Konsens gebildet, ob Nutzer dabei unterstützt werden sollen, die Funktionsweise von Public-Key-Systemen sowie entsprechende Risiken zu verstehen [13,14] bzw. hilfreiche mentale Modelle zu bilden [15], oder ob Benutzungsschnittstellen möglichst transparent gestaltet und die internen Prozesse vor den Nutzern verborgen werden sollten [4,16].…”

unclassified