[messaging] Let's run a usability study (was Useability of public-key fingerprints)

Mon Apr 21 01:54:25 PDT 2014

OK  Tom, everybody. It's a holiday week here in Zurich, so I'll have lunch
with my colleague next week to discuss. Any final thoughts, include before
then, and I'll get back with a thought about what we need to make this
project happen in practice. If she's interested, I'll go ahead and invite
her to the github and suggest we continue discussion there.

>

> Christine
>
> On Sun, Apr 20, 2014 at 2:35 AM, Tom Ritter <tom at ritter.vg> wrote:
>> Hey Christine, I haven't heard anyone speak up, so I would say give it
>> a day or two to let people voice last thoughts on it
>> (https://github.com/tomrittervg/crypto-usability-study) and then pass
>> it to your colleague =)  Based on their comments, we can retool
>> things, and then the next stage will be writing code and generating
>> test cases.
>>
>> -tom
>>
>> On 8 April 2014 11:35, Christine Corbett Moran
>> <christine.corbett at gmail.com> wrote:
>>> Just an update from my end, I'll be leaving my University in September
>>> so getting this well underway by then would be ideal, as the local
>>> researcher I'd be interfacing with would need some help and advice in
>>> the experimental design.
>>>
>>> So just let me know when we have the basics ready for me to start,
>>> unfortunately with all the TextSecure work I'm not able to contribute
>>> much to this stage, but the interfacing stage should be a series of
>>> enjoyable coffees with my colleague =0, and probably helping out with
>>> administering the experiment itself.
>>>
>>> C
>>>
>>> On Tue, Apr 8, 2014 at 5:29 PM, Michael Rogers <michael at briarproject.org>
wrote:
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA256
>>>>
>>>> On 08/04/14 12:59, Tom Ritter wrote:
>>>>> A mistake. =) I've updated it with a 25/75% split between 2^80
>>>>> flaw chosen specifically and chosen at random for each type.
>>>>
>>>> Ideally we'd start with random flaws and determine empirically what
>>>> flaws are least noticeable for each encoding method. Then we'd be able
>>>> to do a proper comparison across encodings for flaws chosen by the
>>>> attacker within a given budget. Right now it doesn't seem to me that
>>>> we can separate the empirical detection rate of attacker-chosen flaws
>>>> from our intuition about what flaws an attacker would choose. So I
>>>> suggest that we start simple and leave out the non-random flaws in the
>>>> first instance.
>>>>
>>>> Cheers,
>>>> Michael
>>>>
>>>> -----BEGIN PGP SIGNATURE-----
>>>> Version: GnuPG v1.4.10 (GNU/Linux)
>>>>
>>>> iQEcBAEBCAAGBQJTRBW+AAoJEBEET9GfxSfMvTwIALMBNN1wFUspi5AkPMJTqK5i
>>>> S9ybLJFxPbVr4JZoOKLSnVLkhFtcx8fJ8NAtDjjx+o5U9/5iC3QclTI9Z0vuEEoI
>>>> vPoFZoeEokHH/x9TKNEQhBi5lmM3TcCOotCuRiMb/t1T2SITACD1hms6jY0hmodA
>>>> hBUAok/7Xh4kp+FqFO3zcHpmTFXLX8EcVzhW3fMTkffHtzGpBkltnc7JRqMJP1g/
>>>> FdYV3pwkvxEY5kVXNmeFZDpb54EgqAgYjwDGLtm6/aGXJcTTWrYr1hB2he6mgOIX
>>>> OJTKcSpjsE7gmu3Lf4AFoPv6g5zFTjsi3rbVRD3W+ClEskrcGFGYi9GFXTdnOP8=
>>>> =xiAV
>>>> -----END PGP SIGNATURE-----
>>>> _______________________________________________
>>>> Messaging mailing list
>>>> Messaging at moderncrypto.org
>>>> https://moderncrypto.org/mailman/listinfo/messaging
>>>
>>>
>>>
>>> --
>>> Christine Corbett Moran
>>> christine.corbett at gmail.com
>>> +1 (617) 398-0452
>>> www.christinecorbettmoran.com
>
>
>
> --
> Christine Corbett Moran
> christine.corbett at gmail.com
> +1 (617) 398-0452
> www.christinecorbettmoran.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140421/0c0260b3/attachment.html>