[messaging] Let's run a usability study (was Useability of public-key fingerprints)
trevp at trevp.net
Tue Mar 11 00:41:02 PDT 2014
On Mon, Mar 10, 2014 at 1:14 AM, Tom Ritter <tom at ritter.vg> wrote:
> As promised, here's a first-pass at a proposal:
Nice, comments -
- Visual and poetry fingerprints seem worth including.
- Business cards can only fit a small amount of text (since most of the
space is taken up with other stuff), and don't typically contain
high-resolution images. So I'm not sure that comparing things between
screens can be reduced to comparing things on business cards.
- I suggest giving users X seconds to perform a comparison between a pair
of values that are either identical or close, then seeing whether they
correctly distinguish these cases. X can be calibrated by performing some
preliminary tests, then choosing a number that's likely to produce a
variable error rate (i.e. not so low that subjects are always guessing
randomly, not so high that they're always getting it right). This is
modeled after "character legibility" studies, e.g.
- I don't see a reason to fake-out the user by having her perform
extraneous tasks. Just seems like it would slow things down.
- For the "Spoken Aloud" test, why not just have pairs of subjects compare
the fingerprints by speaking to each other?
- I'm not sure about the "One Subtle Flaw" case, because the fingerprints
have different notions of "tokens" so this will be hard to compare between
formats. Also, it doesn't model a realistic attacker.
- For the computationally-chosen flaw, I think you should just assume an
attacker that can consider 2^80 random candidate fingerprints, and choose
the closest-matched fingerprint this attacker could find (but of course
don't actually do 2^80 hashes, just set 80 bits of the fingerprint equal).
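
The following is an added example, not part of the original message or of any study code: one way to generate stimuli for the timed identical-or-close comparison, with the "close" value built as the last point suggests by copying 80 bits of the target instead of hashing. The 160-bit fingerprint size, the random choice of matched bit positions, the 50/50 trial split and all function names are assumptions.

```python
import random

FP_BYTES = 20       # assumption: 160-bit fingerprint; the message names no size
MATCHED_BITS = 80   # from the message: attacker considers 2^80 candidates

def near_match(target, matched_bits=MATCHED_BITS, rng=None):
    """Return (candidate, mask): candidate agrees with target on every bit
    set in mask; the remaining bits are random, as for an unrelated key."""
    rng = rng or random.SystemRandom()
    nbits = len(target) * 8
    if not 0 <= matched_bits < nbits:
        raise ValueError("matched_bits must be in [0, fingerprint bits)")
    # Assumption: the matched positions are picked uniformly at random.
    mask = sum(1 << i for i in rng.sample(range(nbits), matched_bits))
    t = int.from_bytes(target, "big")
    full = (1 << nbits) - 1
    while True:
        c = (t & mask) | (rng.getrandbits(nbits) & ~mask & full)
        if c != t:  # a "close" stimulus must never be identical
            return c.to_bytes(len(target), "big"), mask

def agreeing_bits(a, b):
    """Count bit positions where two equal-length fingerprints agree."""
    diff = int.from_bytes(a, "big") ^ int.from_bytes(b, "big")
    return len(a) * 8 - bin(diff).count("1")

def make_trial(rng=None):
    """One timed-comparison trial: (left, right, is_identical)."""
    rng = rng or random.SystemRandom()
    left = rng.getrandbits(FP_BYTES * 8).to_bytes(FP_BYTES, "big")
    if rng.random() < 0.5:  # assumption: half the trials are identical pairs
        return left, left, True
    right, _ = near_match(left, rng=rng)
    return left, right, False

if __name__ == "__main__":
    for left, right, same in (make_trial() for _ in range(4)):
        label = "identical" if same else f"close ({agreeing_bits(left, right)} bits agree)"
        print(left.hex(), right.hex(), label)
```

The raw bytes would then be rendered in each format under test (hex, words, visual, poetry) before being shown to subjects, so every format is compared on the same underlying pairs.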