[messaging] Let's run a usability study (was Useability of public-key fingerprints)

Mon Mar 24 02:57:29 PDT 2014

In terms of visual hashes I asked Nicholas Wilson[0] about them as he
did an investigation of them a year or so ago and I think came to the
conclusion that they weren't useful.

Some of his comments follow:

> The problem ultimately was that people aren't as visual as we think we
> are. We can spot things like "lion", or "tree" very well, but even
> with perfectly memorable images (ie non-random, visually distinctive
> ones like stuff pulled from flickr) we just can't remember enough
> detail from the picture - according to one study, we zone out at a
> detail level of around 2^32 at best, 2^24 practically.
> 
> Identicons are a catastrophe for cryptographic use - there's no way an
> average person can distinguish more than 2^20 different polygonal
> pictures. Given one picture, it's not hard to make a key whose
> fingerprint has the roughly the same polygons and colours. Do not use!
> 
> Similarly I think the OpenSSH art is highly susceptible to producing
> almost-duplicate splodges. Certainly nowhere near as good as
> https://github.com/thevash/vash which is the best (has many
> improvements over Andrej Bauer's original solution).
> 
> My best attempt was "stacking" various pictures, eg requiring the user
> to remember a grid of five images taken from a flickr-derived
> database. That's good, but I'd still be surprised if it's all that
> resistant to brute-forcing.
> 
> Ultimately, word-based visualisations are the best I could find. I
> suggest Oren Tirosh's mnemonicode. Remembering 64 bits without error
> is very easy. Our brains are best at taking in the bits when they're
> done as a sequence. Here's a 64-bit sequence: "Albert studio giant.
> Nevada safari Asia." It can be written down too, which is very nice
> (images certainly can't), and as proof it's easy to remember you don't
> even have to glance between the screen and the paper.

I can chase up citations if that would be useful.

Daniel

[0]: http://www.nicholaswilson.me.uk/

On 23/03/14 17:21, Tom Ritter wrote:
> About a week late, but updated:
> https://github.com/tomrittervg/crypto-usability-study
> 
> Some of the larger Open Questions:
>  - Are we settled on unicorns? (This is more about how it's generated:
> http://unicornify.appspot.com/making-of)
>  - We have two participants speaking fingerprints aloud to each other.
> Do we want them to do it over a cell phone to add difficulty, or just
> omit that bit?
>  - We're settled on not trying to do a head-fake?
> 
> -tom
> 
> On 13 March 2014 09:29, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
>> On 03/13/2014 02:18 AM, Tom Ritter wrote:
>>> On 11 March 2014 00:41, Trevor Perrin <trevp at trevp.net> wrote:
>>>> Fingerprint Types
>>>>  - Visual and poetry fingerprints seem worth including.
>>>
>>> Does anyone have a preference for type of visual fingerprint?  Some of
>>> the implementations I know of are:
>>>  - Identicons: http://haacked.com/archive/2007/01/22/Identicons_as_Visual_Fingerprints.aspx/
>>>  - Monsters: http://www.splitbrain.org/projects/monsterid
>>>  - Wavatars: http://www.shamusyoung.com/twentysidedtale/?p=1462
>>>  - Unicorns (really)
>>> http://meta.stackoverflow.com/questions/37328/my-godits-full-of-unicorns
>>>
>>> I think I will go with identicons unless anyone really thinks unicorns
>>> is better ;)
>>
>> i think for all of the above, we're going to have a difficult time
>> designing credible similarity metrics that roughly match the metrics
>> used by the "fuzzy fingerprinting" work.
>>
>> i do ♥ the unicorns though.
>>
>>         --dkg
>>
>>
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140324/76ba1507/attachment.sig>