Helping Johnny 2.0 to encrypt his Facebook conversations

SOUPS 2012 - Proceedings of the 8th Symposium on Usable Privacy and Security

Volumn , Issue , 2012, Pages

  Fahl, Sascha ^a   Harbach, Marian ^a   Muders, Thomas ^a   Smith, Matthew ^a   Sander, Uwe ^b  

^a LEIBNIZ UNIVERSITY HANNOVER   (Germany)

^b UNIVERSITY OF APPLIED SCIENCES AND ARTS   (Germany)

Author keywords

Message encryption; Social networks; Usable security

Indexed keywords

DESIGN DECISIONS; E-MAIL SECURITY; FACEBOOK; KEY MANAGEMENT; KEY RECOVERY; LABORATORY STUDIES; MESSAGE ENCRYPTION; SERVICE-BASED; SOCIAL NETWORKS; USABLE SECURITY;

CRYPTOGRAPHY; USABILITY ENGINEERING;

SOCIAL NETWORKING (ONLINE);

EID: 84865031605     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2335356.2335371     Document Type: Conference Paper

References (22)

1. J. Anderson, C. Diaz, J. Bonneau, and F. Stajano. Privacy-enabling Social Networking over Untrusted Networks. In Proceedings of the 2nd ACM Workshop on Online Social Networks, pages 1-6, 2009.
2. F. Beato, M. Kohlweiss, and K. Wouters. Scramble! Your Social Network Data. In Proceedings of the 11th International Conference on Privacy Enhancing Technologies, pages 211-225. Springer, 2011.
3. J. Brooke. SUS: A "Quick and Dirty" Usability Scale. In P. Jordan, B. Thomas, B. Weerdmeester, and A. McClelland, editors, Usability Evaluation in Industry. Taylor and Francis, 1996.
4. B. Dodson, I. Vo, T. J. Purtell, A. Cannon, and M. S. Lam. Musubi: Disintermediated Interactive Social Feeds for Mobile Devices. In Proceedings of the 21st International Conference on World Wide Web, pages 211 - 220, 2012.
5. S. Egelman, A. Oates, and S. Krishnamurthi. Oops, I Did it Again: Mitigating Repeated Access Control Errors on Facebook. In Proceedings of the 29th International Conference on Human Factors in Computing Systems. ACM, May 2011.
6. S. Egelman, J. Tsai, L. F. Cranor, and A. Acquisti. Timing is Everything?: The Effects of Timing and Placement of Online Privacy Indicators. In Proceedings of the 27th International Conference on Human Factors in Computing Systems, pages 319-328. ACM, 2009.
7. S. Fahl, M. Harbach, T. Muders, and M. Smith. Confidentiality as a Service - Usable Security for the Cloud. In Proceedings of the IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 2012.
8. S. Fahl, M. Harbach, T. Muders, and M. Smith. TrustSplit: Usable Confidentiality for Social Network Messaging. In Proceedings of the ACM Conference on Hypertext and Hypermedia, 2012.
9. S. Garfinkel. Email-based Identification and Authentication: An Alternative to PKI? IEEE Security & Privacy, 1(6):20-26, Nov. 2003.
10. S. L. Garfinkel and R. C. Miller. Johnny 2: A User Test of Key Continuity Management with S/MIME and Outlook Express. In Proceedings of the First Symposium on Usable Privacy and Security. ACM, July 2005.
11. M. Harbach, S. Fahl, T. Muders, and M. Smith. POSTER: All Our Messages Are Belong to Us: Usable Confidentiality in Social Networks. In Proceedings Companion of the 21st International Conference on World Wide Web, Apr. 2012.
12. C. Herley and P. Van Oorschot. A Research Agenda Acknowledging the Persistence of Passwords. IEEE Security & Privacy, 10(1):28-36, 2012.
13. J. King, A. Lampinen, and A. Smolen. Privacy: Is There an App for That? In Proceedings of the Seventh Symposium on Usable Privacy and Security. ACM, July 2011.
14. A. P. Lambert, S. M. Bezek, and K. G. Karahalios. Waterhouse: Enabling Secure E-mail With Social Networking. In Proceedings of the International Conference On Human Factors In Computing Systems. ACM, Apr. 2009.
15. J. Lazar, J. H. Feng, and H. Hochheiser. Resarch Methods in Human-Computer Interaction. Wiley, 2010.
16. M. M. Lucas and N. Borisov. FlyByNight: Mitigating the Privacy Risks of Social Networking. In Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society, pages 1-8, 2008.
17. M.-E. Maurer, A. De Luca, and S. Kempe. Using Data Type Based Security Alert Dialogs To Raise Online Security Awareness. In Proceedings of the Seventh Symposium on Usable Privacy and Security. ACM, 2011.
18. National Institute of Standards and Technology (NIST). Advanced Encryption Standard (AES) (FIPS PUB 197), October 2001.
19. P. Rogaway and D. Wagner. Comments to NIST concerning AES Modes of Operations: CTR-Mode Encryption. National Institute of Standards and Technologies, 2000.
20. S. Sheng, C. Koranda, J. Hyland, and L. Broderick. Why Johnny Still Can't Encrypt: Evaluating the Usability of Email Encryption Software. In Proceedings of the Second Symposium on Usable Privacy and Security, Poster, 2006.
21. N. Wang, H. Xu, and J. Grossklags. Third-party Apps on Facebook: Privacy and the Illusion of Control. In Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology, 2011.
22. A. Whitten and J. Tygar. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0. In Proceedings of the 8th USENIX Security Symposium, 1999.