Improving Non-Experts’ Understanding of End-to-End Encryption: An Exploratory Study

2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)(2020)

引用 14|浏览18
End-to-end encryption (E2EE) can effectively protect the privacy of online communication and has been adopted by several popular messaging apps. However, prior research indicates that many users have difficulty using E2EE tools correctly and confidently, as well as recognizing their security benefits, in part because of incorrect mental models. This paper takes a first step toward providing high-level, roughly correct information about end-to-end encryption to non-experts. In a lab study, participants (n=25) were asked about their understanding of E2EE before and after a tutorial we created, as well as which information they found most useful and surprising. Overall, participants' understanding of the benefits and limitations of E2EE improved. They found information about confidentiality, risks and weaknesses most useful, surprising, and compelling to pass on to others. Some confusion about integrity and authenticity remained. The results provide insight into how to structure new educational materials for E2EE.
end to end encryption,E2EE,privacy protection,online communication,integrity,authenticity
AI 理解论文
Chat Paper