Cryptography and Usability
Joseph Bonneau - Standford University Nadim Kobeissi - INRIA Ksenia Ermoshina - ISCC/CNRS
WhatsApp, Telegram, Silence, Crypto.cat, and Signal all claim to use end-to-end encrypted messaging to secure the content of communication. There has been discussion in France after Bataclan of banning end-to-end encryption, and in recent weeks, Macron wanted to keep end-to-end encryption legal but have all passwords available to the government. Yet how do people know if there communication is actually encrypted and secure? What does it mean to have encrypted communication - can someone still reveal their metadata, such as their contact of list, to these ‘secure messages’? And do users want their messages to disappear, and how can you tell if a message has really disappeared? This talk will feature real-world lessons learned from deploying secure messaging systems and an overview of the largest user studies of secure messaging. Bios
Joseph Bonneau is a postdoctoral researcher at the Applied Crypto Group at Standford University. Broadly, he studies the difficulty of successfully deploying cryptography and security technologies due to compatibility requirements, economic incentives, and human factors. He worked on the EFF Secure Messaging Scorecard and is co-author of the first academic textbook on cryptocurrencies, Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction. He received his Ph.D. from University of Cambridge.
Nadim Kobeissi is a Ph.D. student studying cryptography at Inria’s PROSECCO lab, where he focus on applied cryptography and formal verification. He also operates Symbolic Software, a small software and applied cryptography consulting company. He released a version of Cryptocat as the first formally verified secure messenger that does not require access to sensitive data like phone numbers.
Ksenia Ermoshina is a postdoctoral researcher at CNRS studying usability of secure messaging for high-risk activists as part of the NEXTLEAP program. She has a Ph.D. from Paris MinesTech on Centre de Sociologie de l’Innovation where her thesis was on social movements and the usage of mobile applications by russian activists.