Why I Can’t Authenticate — Understanding the Low Adoption of Authentication Ceremonies with Autoethnography

Matthias Fassl, Katharina Krombholz
{"title":"Why I Can’t Authenticate — Understanding the Low Adoption of Authentication Ceremonies with Autoethnography","authors":"Matthias Fassl, Katharina Krombholz","doi":"10.1145/3544548.3581508","DOIUrl":null,"url":null,"abstract":"Authentication ceremonies detect and mitigate Man-in-the-Middle (MitM) attacks on end-to-end encrypted messengers, such as Signal, WhatsApp, or Threema. However, prior work found that adoption remains low as non-expert users have difficulties using them correctly. Anecdotal evidence suggests that security researchers also have trouble authenticating others. Since their issues are probably unrelated to user comprehension or usability, the root causes may lie deeper. This work explores these root causes using autoethnography. The first author kept a five-month research diary of their experience with authentication ceremonies. The results uncover points of failure while planning and conducting authentication ceremonies. They include cognitive load, forgetfulness, social awkwardness, and explanations required by a communication partner. Additionally, this work identifies and discusses how sociocultural aspects affect authentication ceremonies. Lastly, this work discusses a design approach for cooperative security that employs cultural transcoding to improve sociocultural aspects of security by design.","PeriodicalId":314098,"journal":{"name":"Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3544548.3581508","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

Abstract

Authentication ceremonies detect and mitigate Man-in-the-Middle (MitM) attacks on end-to-end encrypted messengers, such as Signal, WhatsApp, or Threema. However, prior work found that adoption remains low as non-expert users have difficulties using them correctly. Anecdotal evidence suggests that security researchers also have trouble authenticating others. Since their issues are probably unrelated to user comprehension or usability, the root causes may lie deeper. This work explores these root causes using autoethnography. The first author kept a five-month research diary of their experience with authentication ceremonies. The results uncover points of failure while planning and conducting authentication ceremonies. They include cognitive load, forgetfulness, social awkwardness, and explanations required by a communication partner. Additionally, this work identifies and discusses how sociocultural aspects affect authentication ceremonies. Lastly, this work discusses a design approach for cooperative security that employs cultural transcoding to improve sociocultural aspects of security by design.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
为什么我不能认证——理解自我民族志认证仪式的低采用率
身份验证仪式检测并减轻对端到端加密信使(如Signal、WhatsApp或Threema)的中间人(MitM)攻击。然而,先前的工作发现,采用率仍然很低,因为非专业用户很难正确使用它们。坊间证据表明,安全研究人员在验证他人身份方面也存在困难。由于它们的问题可能与用户理解或可用性无关,因此根本原因可能更深。这项工作探讨了这些根本原因使用自身民族志。第一作者用五个月的时间记录了他们在认证仪式上的经历。结果揭示了计划和执行认证仪式时的故障点。它们包括认知负荷、健忘、社交尴尬和沟通伙伴要求的解释。此外,这项工作确定并讨论了社会文化方面如何影响认证仪式。最后,本文讨论了一种采用文化转码的合作安全设计方法,通过设计来改善安全的社会文化方面。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Characterizing the Technology Needs of Vulnerable Populations for Participation in Research and Design by Adopting Maslow’s Hierarchy of Needs Playing with Power Tools: Design Toolkits and the Framing of Equity "It’s like With the Pregnancy Tests": Co-design of Speculative Technology for Public HIV-related Stigma and its Implications for Social Media Potential and Challenges of DIY Smart Homes with an ML-intensive Camera Sensor Understanding People’s Concerns and Attitudes Toward Smart Cities
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1