[messaging] Are we pursuing real solutions for security?
Trevor Perrin
trevp at trevp.net
Tue Mar 11 10:33:11 PDT 2014
On Tue, Mar 11, 2014 at 3:33 AM, Tony Arcieri <bascule at gmail.com> wrote:
> I feel like solutions that rely on manual verification of key fingerprints
> fall into this category:
>
> http://i.imgur.com/2bEWKNS.png
>
> I don't think these solutions are providing effective security. I feel we
> need to start from the real needs of real users, and work backwards.
>
How fingerprints fit into an overall secure-comms UI is a good question.
I agree that asking users to compare fingerprints routinely is a bad idea.
Automating authentication (e.g. "trust-on-first-use", key servers) will be
better for most users most of the time.
But anything automated breaks down occasionally (the TOFU key has changed -
what do you?), and requires assumptions not every user will be comfortable
with (might a MITM have been present in first contact? do I trust the key
server?).
So being able to manually verify fingerprints comes in handy, and has been
a part of crypto UIs for a long time (PGP, SSH, OTR, TextSecure, CryptoCat,
etc.). Since there's almost no UI research here it seems reasonable to
look into it and try to establish some best practices.
> One can propose a study for optimum time-based fingerprint verification
> and study fingerprint accuracy, but are fingerprints even a good idea? I
> feel that's where you need to start with any sort of usability study.
>
Christine is talking to a researcher with specific experience in usability
studies of information representation.
Broader studies would of course be worthwhile too, if someone wanted to
volunteer resources for that.
Trevor
[1] https://moderncrypto.org/mail-archive/messaging/2014/000129.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140311/665a7931/attachment.html>
More information about the Messaging
mailing list