Stories
Slash Boxes
Comments

SoylentNews is people

Why Johnny Still Can't Encrypt: Evaluating the Usability of a Modern PGP Client

posted by martyb on Sunday November 08 2015, @02:06PM   Printer-friendly
from the Wbuaal-qbrf-abg-rira-haqrefgnaq-EBG13 dept.

Phoenix666 writes:

This paper presents the results of a laboratory study involving Mailvelope, a modern PGP client that integrates tightly with existing webmail providers. In our study, we brought in pairs of participants and had them attempt to use Mailvelope to communicate with each other. Our results shown that more than a decade and a half after "Why Johnny Can't Encrypt," modern PGP tools are still unusable for the masses. We finish with a discussion of pain points encountered using Mailvelope, and discuss what might be done to address them in future PGP systems.

The PDF of the study can be found here.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Why Johnny Still Can't Encrypt: Evaluating the Usability of a Modern PGP Client | Log In/Create an Account | Top | 69 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Monday November 09 2015, @07:09AM

    by Anonymous Coward on Monday November 09 2015, @07:09AM (#260672)

    The part you are missing is that I don't think changing the expiry is necessary if the software will allow you to do operations on expired keys (with dire warnings of course).

    I am not sure if the designer of PGP had a specific reason for doing it the way he did other than elegant design.

    Essentially, if you make the expiry date tied to the key, such that the fingerprint changes: the expiry field the becomes mandatory rather than optional. I agree that most fields should be optional; allowing changes without changing the fingerprint. I think that the expiry date is pointless if it can be changed later.

  • (Score: 0) by Anonymous Coward on Monday November 09 2015, @04:18PM

    by Anonymous Coward on Monday November 09 2015, @04:18PM (#260808)

    OK, I think I figured out why changing the expiry date does not change the hash (fingerprint).

    Generating a keypair is an expensive operation, while generating an expiry date is not.

    If the date is used as a nonce, it would make generating partial hash collisions easy. Since short keys only have 8 hex-digits, that means you need only match 64 bits to catch the unwary. (Bitcoin requires 32 hex digits to match at difficulty 0)