Co-ordinating Developers and High-Risk Users of Privacy-Enhanced Secure Messaging Protocols - Institut des sciences de la communication du CNRS
Document Associé À Des Manifestations Scientifiques Année : 2018

Co-ordinating Developers and High-Risk Users of Privacy-Enhanced Secure Messaging Protocols

Résumé

Due to the increased deployment of secure messaging protocols , differences between what developers "believe" are the needs of their users and their actual needs can have real consequences. Based on 90 interviews with both high and low-risk users, as well as the developers of popular secure messaging applications, we mapped the design choices of the protocols made by developers to the relevance of these features to threat models of both high-risk and low-risk users. Client device seizures are considered more dangerous than compromised servers by high-risk users. Key verification was important to high-risk users, but they often did not engage in cryptographic key verification, instead using other "out of band" means for key verification. High-risk users, unlike low-risk users, needed pseudonyms and were heavily concerned over metadata collection. Developers tended to value open standards, open-source, and decentralization, but high-risk users found these aspects less urgent given their more pressing concerns.
Fichier principal
Vignette du fichier
main.pdf (219.73 Ko) Télécharger le fichier
Origine Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01966560 , version 1 (28-12-2018)

Identifiants

  • HAL Id : hal-01966560 , version 1

Citer

Harry Halpin, Ksenia Ermoshina, Francesca Musiani. Co-ordinating Developers and High-Risk Users of Privacy-Enhanced Secure Messaging Protocols. SSR 2018 - Security Standardisation Research Conference, Nov 2018, Darmstadt, Germany. ⟨hal-01966560⟩
420 Consultations
1735 Téléchargements

Partager

More