Johnny 2

Simson L. Garfinkel, Robert C. Miller
Proceedings of the 2005 Symposium on Usable Privacy and Security (SOUPS '05), 2005
Secure email has struggled with significant obstacles to adoption, among them the low usability of encryption software and the cost and overhead of obtaining public key certificates. Key continuity management (KCM) has been proposed as a way to lower these barriers to adoption by making key generation, key management, and message signing essentially automatic. We present the first user study of KCM-secured email, conducted on naive users who had no previous experience with secure email. Our secure email prototype, CoPilot, color-codes messages depending on whether they were signed and whether the signer was previously known or unknown. We find that this interface makes users significantly less susceptible to social engineering attacks overall, but new-identity attacks (from email addresses never seen before) are still effective. Also, naive users do use the Sign and Encrypt button on the Outlook Express toolbar when the situation seems to warrant it, even without explicit instruction, although some falsely hoped that Encrypt would protect a secret message even when sent directly to an attacker. We conclude that KCM is a workable model for improving email security today, but more work is needed to alert users to certain attacks.
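The message states the abstract describes (unsigned, signed by a previously seen key, signed by a key never seen for that address), as an added Python example that is not CoPilot's code; the store, sender addresses and key bytes are constructed, and the last message shows why a new-identity attack is indistinguishable from an ordinary first contact under KCM.

```python
import hashlib

# Labels a KCM-style mail client would map to its message colouring.
UNSIGNED = "unsigned"        # no signature present
KNOWN_SIGNER = "known"       # signed with the key previously seen for this sender
NEW_IDENTITY = "new"         # signed, but this sender address has never been seen
KEY_CHANGED = "changed"      # signed, but the key differs from the one on record


class KeyContinuityStore:
    """Trust-on-first-use store: sender address -> fingerprint of the first key seen.

    Constructed for this example; a real client would persist this to disk.
    """

    def __init__(self):
        self._keys = {}

    def classify(self, sender, public_key):
        if public_key is None:
            return UNSIGNED
        fingerprint = hashlib.sha256(public_key).hexdigest()
        stored = self._keys.get(sender)
        if stored is None:
            # First contact: remember the key automatically, but tell the user
            # this identity is new. KCM cannot know whether it is legitimate.
            self._keys[sender] = fingerprint
            return NEW_IDENTITY
        # Continuity check: same key as before, or a change the user must notice.
        return KNOWN_SIGNER if stored == fingerprint else KEY_CHANGED


def run_scenario():
    """Constructed message sequence; returns the label assigned to each message."""
    store = KeyContinuityStore()
    alice_key = b"constructed-public-key-of-alice"
    attacker_key = b"constructed-public-key-of-attacker"
    messages = [
        ("alice@example.com", alice_key),           # first contact -> new
        ("alice@example.com", alice_key),           # same key again -> known
        ("alice@example.com", None),                # unsigned message
        ("alice@example.com", attacker_key),        # spoofed address, other key -> changed
        ("alice@other-example.com", attacker_key),  # never-seen address -> new, same as a real first contact
    ]
    return [store.classify(sender, key) for sender, key in messages]


if __name__ == "__main__":
    print(run_scenario())
```

The fourth message is the case KCM catches (a known address with a different key); the fifth is the new-identity attack the study found still effective, because the store has nothing to compare against.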
doi:10.1145/1073001.1073003 dblp:conf/soups/GarfinkelM05 fatcat:bhf5yi4npbdbbbtd54ej2yogxa