Usability in secure multi-party chat systems
|Usability in secure multi-party chat systems|
|2017 theme||Tools and Technology|
If we want users of secure Internet chat-systems to have the best experience possible, we need to avoid underlying protocol constraints that impede usability. Unfortunately it is difficult to foresee the effects of protocol design on the user's experience while focusing on protocol security. Designing from the opposite perspective has the inverse problem: adhering to an up-front user experience might constrain a messaging protocol to a design that fails to mitigate an important threat. It's easy to see why we often say usability and security are in conflict!
(n+1)sec is a Free (libre), end-to-end secure, synchronous, multi-party messaging protocol, authored by eQualit.ie with support from the Open Technology Fund. The (n+1)sec project, similar to the OTR (off-the-record) project, makes it possible to have secure instantaneous communications between people. (n+1)sec extends upon OTR in supporting not just one-to-one chats, but also chats between arbitrary groups of people. Like OTR, (n+1)sec is built on top of arbitrary chat infrastructure systems, such as XMPP, and can be implemented in any client for these systems. We demonstrated (n+1)sec security properties and outlined its initial design during the Internet Freedom Festival 2016.
The main usability challenge in one-to-one secure messaging systems lies in the inevitable responsibility of the user to manually verify the cryptographic identities of communication partners. The situation changes dramatically in a multi-user chat environment and in implementing (n+1)sec, we identified and had to address several additional novel challenges in this area that only play a role for groups consisting of more than two people. They are related to distributed decision making (for example on whether to allow a new member to join), group disagreements (which can give rise to complicated situations), and users' interactions with the carrier transport (such as XMPP). Each user-experience choice we made seemed to spawn more challenges as the second-order effects of our decisions emerged. We were often faced with a choice of whether to address these in the protocol (thus constraining clients to behave in a way we thought would be correct) or to leave their resolution to the client's discretion (which is more flexible, and allows for a plurality of solutions, but risks the (n+1)sec experience being of variable quality between clients.
In this session we will present the usability questions and challenges we encountered as well as the solutions we found, and invite experts in usability, security, messaging and software design to explore solutions with us. We are particularly keen to involve people working on similar multi-party messaging systems to see whether we can identify common challenges and collaborate on solutions. We hope to form a group interested in working to improve usability in this area for current and future multi-party chat systems.
|Target Groups||Software developers, security experts, designers, usability specialists, communications systems-engineers|