Abstract
End-to-end encryption has been heralded by privacy and security researchers as an effective defence against dragnet surveillance, but there is no evidence of widespread end-user uptake. We argue that the non-adoption of end-to-end encryption might not be entirely due to usability issues identified by Whitten and Tygar in their seminal paper "Why Johnny Can't Encrypt". Our investigation revealed a number of fundamental issues such as incomplete threat models, misaligned incentives, and a general absence of understanding of the email architecture. From our data and related research literature we found evidence of a number of potential explanations for the low uptake of end-to-end encryption. This suggests that merely increasing the availability and usability of encryption functionality in email clients will not automatically encourage increased deployment by email users. We shall have to focus, first, on building comprehensive end-user mental models related to email, and email security. We conclude by suggesting directions for future research.
Original language | English |
---|---|
Title of host publication | Privacy enhancing technologies |
Subtitle of host publication | 14th International Symposium, PETS 2014, Amsterdam, The Netherlands, July 16-18, 2014, proceedings |
Editors | Emiliano De Cristofaro, Steven J. Murdoch |
Place of Publication | Cham |
Publisher | Springer |
Pages | 244-262 |
Number of pages | 19 |
ISBN (Electronic) | 9783319085067 |
ISBN (Print) | 9783319085050 |
DOIs | |
Publication status | Published - 20 Jun 2014 |
Externally published | Yes |
Event | 14th International Symposium on Privacy Enhancing Technologies - Amsterdam, Netherlands Duration: 16 Jul 2014 → 18 Jul 2014 Conference number: 14th https://petsymposium.org/2014/index.php |
Publication series
Name | Lecture Notes in Computer Science (LNCS) |
---|---|
Publisher | Springer |
Volume | 8555 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 14th International Symposium on Privacy Enhancing Technologies |
---|---|
Abbreviated title | PETS 2014 |
Country/Territory | Netherlands |
City | Amsterdam |
Period | 16/07/14 → 18/07/14 |
Internet address |
Keywords
- Ento-to-end encryption
- Privacy
- Security
- Mental model