Issue No. 03 - May-June (2017 vol. 21)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MIC.2017.57
Wei Bai , University of Maryland
Doowon Kim , University of Maryland
Moses Namara , Clemson University
Yichen Qian , University of Maryland
Patrick Gage Kelley , University of New Mexico
Michelle L. Mazurek , University of Maryland
End-to-end encryption is the best way to protect digital messages. Historically, end-to-end encryption has been extremely difficult for people to use, but recent tools have made it more broadly accessible, largely by employing key-directory services. These services sacrifice some security properties for convenience. The authors wanted to understand how average users think about these tradeoffs. They conducted a 52-person user study and found that participants could learn to understand properties of different encryption models. Users also made coherent assessments about when different tradeoffs might be appropriate. Participants recognized that the less-convenient exchange model was more secure overall, but considered the registration model's security sufficient for most everyday purposes.
Digital communication, Encryption, Usability, Privacy, Public key, Computer security
W. Bai, D. Kim, M. Namara, Y. Qian, P. G. Kelley and M. L. Mazurek, "Balancing Security and Usability in Encrypted Email," in IEEE Internet Computing, vol. 21, no. 3, pp. 30-38, 2017.