Paper published in a journal (Scientific congresses, symposiums and conference proceedings)
Making Encryption Feel Secure: Investigating how Descriptions of Encryption Impact Perceived Security
Distler, Verena; Lallemand, Carine; Koenig, Vincent
2020In The 5th European Workshop on Usable Security (EuroUSEC 2020)
Peer reviewed
 

Files


Full Text
eusec20-Distler.pdf
Author postprint (939.66 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Usable Security and Privacy; User Experience; Encryption
Abstract :
[en] When communication about security to end users is ineffective, people frequently misinterpret the protection offered by a system. The discrepancy between the security users perceive a system to have and the actual system state can lead to potentially risky behaviors. It is thus crucial to understand how security perceptions are shaped by interface elements such as text-based descriptions of encryption. This article addresses the question of how encryption should be described to non-experts in a way that enhances perceived security. We tested the following within-subject variables in an online experiment (N=309): a) how to best word encryption, b) whether encryption should be described with a focus on the process or outcome, or both c) whether the objective of encryption should be mentioned d) when mentioning the objective of encryption, how to best describe it e) whether a hash should be displayed to the user. We also investigated the role of context (between subjects). The verbs “encrypt” and “secure” performed comparatively well at enhancing perceived security. Overall, participants stated that they felt more secure not knowing about the objective of encryption. When it is necessary to state the objective, positive wording of the objective of encryption worked best. We discuss implications and why using these results to design for perceived lack of security might be of interest as well. This leads us to discuss ethical concerns, and we give guidelines for the design of user interfaces where encryption should be communicated to end users.
Disciplines :
Computer science
Author, co-author :
Distler, Verena ;  University of Luxembourg > Faculty of Language and Literature, Humanities, Arts and Education (FLSHASE) > Education, Culture, Cognition and Society (ECCS)
Lallemand, Carine  ;  University of Luxembourg > Faculty of Language and Literature, Humanities, Arts and Education (FLSHASE) > Education, Culture, Cognition and Society (ECCS)
Koenig, Vincent ;  University of Luxembourg > Faculty of Language and Literature, Humanities, Arts and Education (FLSHASE) > Education, Culture, Cognition and Society (ECCS)
External co-authors :
yes
Language :
English
Title :
Making Encryption Feel Secure: Investigating how Descriptions of Encryption Impact Perceived Security
Publication date :
2020
Event name :
The 5th European Workshop on Usable Security (EuroUSEC 2020)
Event date :
07-09-2020
Audience :
International
Journal title :
The 5th European Workshop on Usable Security (EuroUSEC 2020)
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR10621687 - Security And Privacy For System Protection, 2015 (01/01/2017-30/06/2023) - Sjouke Mauw
Available on ORBilu :
since 30 July 2020

Statistics


Number of views
115 (9 by Unilu)
Number of downloads
238 (9 by Unilu)

Scopus citations®
 
4
Scopus citations®
without self-citations
4
WoS citations
 
3

Bibliography


Similar publications



Contact ORBilu