(PDF) Why Johnny Still, Still Can’t Encrypt: Evaluating the Usability of a Modern PGP Client

Why Johnny however, hush Can ’ thymine Encrypt : Evaluating the Usability of a Modern PGP Client Scott Ruoti, Jeff Andersen, Daniel Zappala, Kent Seamons

Brigham Y

oung University {

ruoti, andersen


@ isrl.byu.edu,


zappala, seamons


@ cs.byu.edu

abstract This wallpaper presents the results of a lab study involv- ing Mailvelope, a modern PGP node that integrates tightly with existing webmail providers.

In our learn, we brought in pairs of participants and had them attack to use Mailve- lope to communicate with each other. Our results shown that more than a decade and a half after

Why Johnny Can’t En-


, modern PGP tools are still unusable for the masses.


e finish with a discussion of pain points encountered using Mailvelope, and discuss what might be done to address them in future PGP systems. Author Keywor

five hundred security, serviceability

, secure e-mail, PGP ACM Classification Keyw

ords H.1.2.

Models and Principles :

User/Machine Systems—


man factors

; H.5.2.

Information Interfaces and Presentation

( e.g. HCI ) : User Interfaces—

user-centered design

insertion available, procure e-mail is still an open trouble more than 15 years after it was first studied by Whitten et aluminum. [ 10 ].

Six years after the master Johnny paper, Sheng et aluminum.

showed that PGP 9 was still difficult for users to operate correctly [ 9 ]. In this newspaper, we attempt to see if in the last ten, mod PGP-based tools have improved to the point where users can successfully send code electronic mail. W

einsteinium elected to test Mailvelope, a modern PGP tool,

for our cogitation. Mailvelope is a browser annex that integrates with users ’ webmail systems. It is the only organization presently being promoted by the EFF ’ mho batten message grade wag


that in- tegrates with users ’ webmail providers, an important feature for many users.

It is besides highly rated on the Chrome W

exabyte store, with 242 users jointly giving it 4.6 out of 5 stars. In our own test of PGP alternatives, we found Mailv

elope to be approximately adenine functional as other alternatives ( i.e., GPG T

ools, Enigmail, Google ’ s End-to-End Encryption ). 1







In our study of 20 participants, grouped into 10 pairs of par- ticipants who attempted to exchange code electronic mail, only one pair was able to successfully complete the delegate tasks

using Mailvelope. All other participants were unable to com- plete the impute undertaking in the one hour allotted to the study. This demonstrates that encrypting e-mail with PGP

, as imple- mented in Mailvelope, is still unserviceable for the masses. Our results besides shed lightly on respective ways that PGP-based tools could be improved.


integrated tutorials would be helpful in assisting first time users in knowing what they should be doing at any given item in clock.

Second, an ap- proachable description of public key cryptanalysis could help users correctly manage their own keys.

Third, in channel with previous work by Atwater et alabama.

[ 1 ], we find that PGP-based tools would be well served by offering mechanically gener- ated emails for unknown recipients asking them to install the PGP software, generate a public identify, and plowshare it with the transmitter.


, the PGP engine block itself could be enhanced to aid non-PGP users who receive an code electronic mail know how to work with their friend to get an code message they will be able to read. RELA

TED WORK Whitten and T

ygar [ 10 ] conducted the first formal exploiter study of a procure e-mail system ( i.e., PGP 5 ), uncovering dangerous us- ability issues with key management and users ’ understanding of the underlying public key cryptography


It was found that a majority of users were unable to successfully send encrypted electronic mail in the context of a conjectural political campaign sce- nario.

The results of the study took the security community by surprise and became creditworthy for shaping modern us- able security research. Sheng at alabama.

demonstrated that despite improvements made to PGP in the seven years since Whitten and T

ygar ’ s master publication, keystone management was silent a challenge for users.

furthermore, they showed that in the new version of PGP encoding and decoding had become therefore transparent that users were diffident if a message they re- ceived had actually been encrypted. While there have been some attempts at implementing electronic mail using key escrow [ 6, 7 ], these approaches have de

graded se- curity when compared to traditional PGP

. Atwater et aluminum.

cre- ated a mock-up of Mailvelope that automated key creation and sharing.

This overture falls somewhere in between tra- ditional PGP and key escrow on the spectrum of serviceability and security tradeoffs.


, it was not potential to in- clude Atwater et aluminum.

’ second mock-up in our analyze, as we disco

vered that it relied on hard-coded keys for electronic mail recipients, and the arXiv:1510.08555v2 [ cs.CR ] 13 Jan 2016

Leave a Reply

Your email address will not be published.