The Motivated Can Encrypt (Even with PGP)-Reference-Cited by-同舟云学术

The Motivated Can Encrypt (Even with PGP)

Published:2021-04-27 Issue:3 Volume:2021 Page:49-69
ISSN:2299-0984
Container-title:Proceedings on Privacy Enhancing Technologies
language:en
Short-container-title:

Author:

Borradaile Glencora¹,Kretschmer Kelsy²,Gretes Michele¹,LeClerc Alexandria¹

Affiliation:

1. School of Electrical Engineering and Computer Science Oregon State University

2. School of Public Policy , Oregon State University

Abstract

Abstract Existing end-to-end-encrypted (E2EE) email systems, mainly PGP, have long been evaluated in controlled lab settings. While these studies have exposed usability obstacles for the average user and offer design improvements, there exist users with an immediate need for private communication, who must cope with existing software and its limitations. We seek to understand whether individuals motivated by concrete privacy threats, such as those vulnerable to state surveil-lance, can overcome usability issues to adopt complex E2EE tools for long-term use. We surveyed regional activists, as surveillance of social movements is well-documented. Our study group includes individuals from 9 social movement groups in the US who had elected to participate in a workshop on using Thunder-bird+Enigmail for email encryption. These workshops tool place prior to mid-2017, via a partnership with a non-profit which supports social movement groups. Six to 40 months after their PGP email encryption training, more than half of the study participants were continuing to use PGP email encryption despite intervening widespread deployment of simple E2EE messaging apps such as Signal. We study the interplay of usability with social factors such as motivation and the risks that individuals undertake through their activism. We find that while usability is an important factor, it is not enough to explain long term use. For example, we find that riskiness of one’s activism is negatively correlated with long-term PGP use. This study represents the first long-term study, and the first in-the-wild study, of PGP email encryption adoption.

Publisher

Walter de Gruyter GmbH

Subject

General Medicine

Reference60 articles.

1. [1] R. Abu-Salma, E. M. Redmiles, B. Ur, and M. Wei. Exploring User Mental Models of End-to-End Encrypted Communication Tools. In 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI 18), 2018.

2. [2] R. Abu-Salma, M. A. Sasse, J. Bonneau, A. Danilova, A. Naiakshina, and M. Smith. Obstacles to the Adoption of Secure Communication Tools. In 2017 IEEE Symposium on Security and Privacy (SP), pages 137–153, San Jose, CA, USA, May 2017. IEEE.

3. [3] S. D. Agarwal, M. L. Barthel, C. Rost, A. Borning, W. L. Bennett, and C. N. Johnson. Grassroots organizing in the digital age: considering values and technology in Tea Party and Occupy Wall Street. Information, Communication & Society, 17(3):326–341, 2014.

4. [4] E. Atwater, C. Bocovich, U. Hengartner, E. Lank, and I. Goldberg. Leading Johnny to Water: Designing for Usability and Trust. In Eleventh Symposium On Usable Privacy and Security (SOUPS), pages 69–88, 2015.

5. [5] W. Bai, D. Kim, M. Namara, Y. Qian, P. G. Kelley, and M. L. Mazurek. An Inconvenient Trust: User Attitudes Toward Security and Usability Tradeoffs for Key-Directory Encryption Systems. In Twelfth Symposium on Usable Privacy and Security ({SOUPS} 2016), pages 113–130, Denver, CO, 2016.

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Quantum-resistant End-to-End Secure Messaging and Email Communication;Proceedings of the 18th International Conference on Availability, Reliability and Security;2023-08-29

2. File Encryption: PGP;Guide to Internet Cryptography;2022