[messaging] Let's run a usability study (was Useability of public-key fingerprints)

George Violaris violarisgeorge at gmail.com
Mon Mar 10 01:34:32 PDT 2014

Hello, new to the list,

In addition to what Tom has posted, I would like to believe in having
an English word dictionary, where depending on the fingerprint type
used we can use functions to represent pairs or pairs of pairs with
English words.

For example having 43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8 can
be broken up to pairs such as 4351, 43a1, b5fc, etc. Each pair can be
hashed into an actual English word which can be read over the phone or
sent in a message, therefore authenticating the public key. i.e. fox -
far - hood - bar - fish - build - more - tent

I don't think that having obfuscated words which can seemingly be
pronounced but in reality most will need to be spelled out is a good
idea, as users will just not do it, it takes too long, and is more
prone to errors.

Also, by using actual English words you can do a variation/combination
of both the "head-fake" and time-gated approaches.

George Violaris

PK for encrypted messages:

On Mon, Mar 10, 2014 at 10:14 AM, Tom Ritter <tom at ritter.vg> wrote:
> As promised, here's a first-pass at a proposal:
> https://github.com/tomrittervg/crypto-usability-study
> On 9 March 2014 20:10, Joseph Bonneau <jbonneau at gmail.com> wrote:
>> I'm interested in helping out as well if I can, glad to see there's some
>> movement here! In particular I can help with data analysis/significance
>> testing if that's something needed, though sounds like the sample size will
>> be low.
>>> For the tests, I could imagine giving users pairs of fingerprints which
>>> are either identical or a close match, and have them choose same/different
>>> after X seconds, where X is tuned to produce a significant error rate.  I'd
>>> also try having one value on a screen, and the other in different formats
>>> that might be used for fingerprint exchange:  e.g. printed on the front of a
>>> business card, displayed on a separate screen, read aloud, written on a
>>> napkin, etc.
>> I think I've made this point before but I think the main challenge is seeing
>> how users perform not just in a quick check time wise, but one in which they
>> have no reason to suspect an error, because most of the time most users
>> don't think they're being attacked so they just check the beginning for a
>> gross error then click through. If you tell users to check for errors, it
>> may not represent very well how they'd do in practice. Perhaps the only way
>> around this is to show users fingerprints which match in 99% of cases and
>> see if they catch the 1% when they are mind-numbingly bored and their prior
>> is low. But that probably has to be an mTurk study...
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging

More information about the Messaging mailing list