[messaging] Let's run a usability study (was Useability of public-key fingerprints)

Michael Rogers michael at briarproject.org
Tue Apr 8 08:29:02 PDT 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 08/04/14 12:59, Tom Ritter wrote:
> A mistake. =) I've updated it with a 25/75% split between 2^80
> flaw chosen specifically and chosen at random for each type.

Ideally we'd start with random flaws and determine empirically what
flaws are least noticeable for each encoding method. Then we'd be able
to do a proper comparison across encodings for flaws chosen by the
attacker within a given budget. Right now it doesn't seem to me that
we can separate the empirical detection rate of attacker-chosen flaws
from our intuition about what flaws an attacker would choose. So I
suggest that we start simple and leave out the non-random flaws in the
first instance.

Cheers,
Michael

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBCAAGBQJTRBW+AAoJEBEET9GfxSfMvTwIALMBNN1wFUspi5AkPMJTqK5i
S9ybLJFxPbVr4JZoOKLSnVLkhFtcx8fJ8NAtDjjx+o5U9/5iC3QclTI9Z0vuEEoI
vPoFZoeEokHH/x9TKNEQhBi5lmM3TcCOotCuRiMb/t1T2SITACD1hms6jY0hmodA
hBUAok/7Xh4kp+FqFO3zcHpmTFXLX8EcVzhW3fMTkffHtzGpBkltnc7JRqMJP1g/
FdYV3pwkvxEY5kVXNmeFZDpb54EgqAgYjwDGLtm6/aGXJcTTWrYr1hB2he6mgOIX
OJTKcSpjsE7gmu3Lf4AFoPv6g5zFTjsi3rbVRD3W+ClEskrcGFGYi9GFXTdnOP8=
=xiAV
-----END PGP SIGNATURE-----


More information about the Messaging mailing list