How Safe Is Safety Number? A User Study on SIGNAL’s Fingerprint and Safety Number Methods for Public Key Verification

Kemal Bicakci*, Enes Altuncu, Muhammet Sakir Sahkulubey, Hakan Ezgi Kiziloz, Yusuf Uzunay

*Bu çalışma için yazışmadan sorumlu yazar

Araştırma sonucu: Kitap/Rapor/Konferans Bildirisinde BölümKonferans katkısıbilirkişi

1 Atıf (Scopus)

Özet

Communication security has become an indispensable demand of smartphone users. End-to-end encryption is the key factor for providing communication security, which mainly relies on public key cryptography. The main and unresolved issue for public key cryptography is to correctly match a public key with its owner. Failing to do so could lead to man-in-the-middle attacks. Different public key verification methods have been proposed in the literature. The methods which are based on verification by the users themselves are preferable with respect to cost and deployability than the methods such as digital certificates that involve the use of trusted third parties. One of these methods, fingerprinting was recently replaced by a method called safety number in the open source messaging application, SIGNAL. The developers of SIGNAL claimed this change would bring usability and security advantages however no formal user study was conducted supporting this claim. In this study, we compare the usability and security aspects of these two methods with a user study on 42 participants. The results indicate with significance that the safety number method leads to more successful results in less time for public key verification as compared to the fingerprint method.

Orijinal dilİngilizce
Ana bilgisayar yayını başlığıInformation Security - 21st International Conference, ISC 2018, Proceedings
EditörlerLiqun Chen, Mark Manulis, Steve Schneider
YayınlayanSpringer Verlag
Sayfalar85-98
Sayfa sayısı14
ISBN (Basılı)9783319991351
DOI'lar
Yayın durumuYayınlandı - 2018
Harici olarak yayınlandıEvet
Etkinlik21st Information Security Conference, ISC 2018 - Guildford, United Kingdom
Süre: 9 Eyl 201812 Eyl 2018

Yayın serisi

AdıLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Hacim11060 LNCS
ISSN (Basılı)0302-9743
ISSN (Elektronik)1611-3349

???event.eventtypes.event.conference???

???event.eventtypes.event.conference???21st Information Security Conference, ISC 2018
Ülke/BölgeUnited Kingdom
ŞehirGuildford
Periyot9/09/1812/09/18

Bibliyografik not

Publisher Copyright:
© 2018, Springer Nature Switzerland AG.

Parmak izi

How Safe Is Safety Number? A User Study on SIGNAL’s Fingerprint and Safety Number Methods for Public Key Verification' araştırma başlıklarına git. Birlikte benzersiz bir parmak izi oluştururlar.

Alıntı Yap