[messaging] Are we pursuing real solutions for security?

Trevor Perrin trevp at trevp.net
Tue Mar 11 10:33:11 PDT 2014

On Tue, Mar 11, 2014 at 3:33 AM, Tony Arcieri <bascule at gmail.com> wrote:

> I feel like solutions that rely on manual verification of key fingerprints
> fall into this category:
> http://i.imgur.com/2bEWKNS.png
> I don't think these solutions are providing effective security. I feel we
> need to start from the real needs of real users, and work backwards.

How fingerprints fit into an overall secure-comms UI is a good question.

I agree that asking users to compare fingerprints routinely is a bad idea.
 Automating authentication (e.g. "trust-on-first-use", key servers) will be
better for most users most of the time.

But anything automated breaks down occasionally (the TOFU key has changed -
what do you?), and requires assumptions not every user will be comfortable
with (might a MITM have been present in first contact?  do I trust the key

So being able to manually verify fingerprints comes in handy, and has been
a part of crypto UIs for a long time (PGP, SSH, OTR, TextSecure, CryptoCat,
etc.).  Since there's almost no UI research here it seems reasonable to
look into it and try to establish some best practices.

> One can propose a study for optimum time-based fingerprint verification
> and study fingerprint accuracy, but are fingerprints even a good idea? I
> feel that's where you need to start with any sort of usability study.

Christine is talking to a researcher with specific experience in usability
studies of information representation.

Broader studies would of course be worthwhile too, if someone wanted to
volunteer resources for that.


[1] https://moderncrypto.org/mail-archive/messaging/2014/000129.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140311/665a7931/attachment.html>

More information about the Messaging mailing list