Since 2014, Apple has provided seamless end-to-end encryption for its iMessage and FaceTime services. While its services are vulnerable to man-in-the-middle attacks and law enforcement requests, it is still enviable to digital giants like Google and Yahoo who are developing their own similar approaches to email encryption.
“iMessage remains perhaps the best usable covert communication channel available today if your adversary can’t compromise Apple,” say researchers who recently published “Balancing Security and Usability in Encrypted Email” in the May/June 2017 issue of IEEE Internet Computing.
Between August 2015 and February 2016, researchers from the University of Maryland, Clemson University, and the University of New Mexico studied 52 mostly young male subjects about which encryption model was easier to use: exchange—which requires users to create and then exchange locks with people each time they want to communicate, or registration—which requires users to register their locks publicly into a registry of other users.
Because the registration model was the less tedious of the two, the participants found it considerably easier to use. They also expressed strong interest in exploring, using, and understanding the encryption models, giving providers even more incentive to make complex encryption processes easier to understand.