sponsors
usenix conference policies
Social Authentication for End-to-End Encryption
Elham Vaziripour, Mark O'Neill, Justin Wu, Scott Heidbrink, Kent Seamons, and Daniel Zappala, Brigham Young University
Over the last several decades, it has become increasingly important to secure data via end-to-end encryption. The Internet has evolved to provide security for connections, primarily using TLS (or SSL), but generally fails to provide true end-to-end encryption. While TLS and similar protocols encrypt data during transit, data at rest is often unprotected, residing in storage on a client or server machine in plaintext. Data in this state are susceptible to honest-but-curious service providers, hackers, physical theft, and coercive governments.
Generic public-key cryptography provides powerful mechanisms to enable end-to-end encryption, but providing good usability for these mechanisms is a challenging task for novice users|leading to the decades-long situation where "Johnny can't encrypt". The primary problems center on user-to-user authentication { authenticating users to each other by associating their identities with public keys. We have made signicant progress authenticating web sites to users (via X509 certicates and associated authorities) and authenticating users to web sites (with passwords). Each of these have their challenges, but have at least been widely deployed. Authenticating users to one another, however, has seen relatively little adoption. Usable mechanisms for personal key management, key distribution, and key authentication are still largely open issues.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Elham Vaziripour and Mark O{\textquoteright}Neill and Justin Wu and Scott Heidbrink and Kent Seamons and Daniel Zappala},
title = {Social Authentication for {End-to-End} Encryption},
booktitle = {Twelfth Symposium on Usable Privacy and Security (SOUPS 2016)},
year = {2016},
address = {Denver, CO},
url = {https://www.usenix.org/conference/soups2016/workshop-program/way2016/presentation/vaziripour},
publisher = {USENIX Association},
month = jun
}
connect with us