Usable Security for Webmail and Single Sign-on KENT SEAMONS & SCOTT RUOTI COMPUTER SCIENCE DEPARTMENT BRIGHAM YOUNG UNIVERSITY INTERNET SECURITY RESEARCH.


1 Usable Security for Webmail and Single Sign-on KENT SEAMONS & SCOTT RUOTI COMPUTER SCIENCE DEPARTMENT BRIGHAM YOUNG UNIVERSITY INTERNET SECURITY RESEARCH LAB

2 BYU Computer Science o CS Department has 600+ undergraduates, 80 MS, 30 PhD o Focus on undergraduate research mentoring

3 Internet Security Research Lab (ISRL) o Established 2001 o Funding: DARPA, NSF, Industry o Alumni ◦24 MS degrees and 1 PhD degree awarded ◦Placement: Microsoft, Google, IBM, DoD, Sandia, MIT Lincoln Labs, Lockheed-Martin, Blue Coat, Amazon, etc.

4 ISRL Research Projects o Automated Trust Negotiation ◦TrustBuilder – exchange attribute certificates as a basis for trust o Convenient Decentralized Authentication using Passwords ◦Simple Authentication for the Web (SAW) ◦Luau o Easy, Secure Data Sharing in the Cloud ◦Private Webmail (Pwm) ◦Private Facebook Chat (PFC) ◦Key Escrow (Kiwi) o Privacy ◦TLS proxies – how to detect and distinguish from TLS MITM attacks o Usable Security

5 Users and Security o Users want to get their work done o They will sidestep security if it is inconvenient

6 Usable Security o A significant new research area in the last 10-15 years o Seminal papers ◦Why Johnny Can’t Encrypt (Whitten and Tygar, 1999) ◦Users are not the Enemy (Adams and Sasse, 1999) o Research venues with latest research ◦Symposium on Usability, Privacy, and Security (SOUPS) ◦ACM Conference on Human Factors in Computing Systems (CHI)

7 Why Johnny Can’t Encrypt o Usability study of PGP 5.0 o Political campaign scenario o Twelve users were given the software to configure o Users completed a series of tasks

8 Why Johnny Can’t Encrypt Results o Complete failure that served as a wakeup call to the community o Only four users (33%) were able to correctly send out the encrypted, signed email ◦Seven users encrypted emails with their own public keys ◦Another user generated new key pairs for all the other users and tried to encrypt email with those keys o Three users (25%) accidentally emailed the secret message to the other team members without encryption o Lots of challenges with key management

9 Usable Security Research Examples ◦Johnny 2 (SOUPS 2005) ◦Applied automatic key management to S/MIME email ◦A usability study and critique of two password managers (Usenix Security 2006) ◦Major usability issues discovered ◦Usability issues led to insecurity ◦Most significant problems arose from poor mental models ◦Social Phishing (CACM 2007) ◦User study that launched real phishing attack against Indiana University students using social network contact information (71% success rate)

10 Usable Security Research Examples ◦What makes users refuse web single sign-on? An empirical investigation of OpenID (SOUPS 2011) ◦Identified challenges and concerns users face when using OpenID ◦Many users had incorrect mental model of how the system worked (71%) ◦Identified changes in the login flow that improve user acceptance ◦Helping Johnny 2.0 Encrypt his Facebook conversations (SOUPS 2012) ◦Automatic key management and encryption ◦Hypothesized that users may not trust transparent encryption

11 Research Methods o Approaches from Human-Computer Interaction (HCI) o Surveys ◦Likert Scale questions o Laboratory usability studies ◦Task-based ◦Difficult to draw conclusions from trust decisions in a laboratory environment o Amazon Mechanical Turk ◦Cost-effective way for large-scale user studies o Ethical and privacy issues ◦Academic user studies need university review board approval

12 Metrics - System Usability Scale o System Usability Scale (SUS) [Brooke 1996] o Ten questions using 5-point Likert Scale ◦Alternate negative and positive ◦Calculation that provides a single number for usability o Bangor compared scores for hundreds of systems

13 SUS Questions o I think that I would like to use this product frequently. o I found the product unnecessarily complex. o I thought the product was easy to use. o I think that I would need the support of a technical person to be able to use this product. o I found the various functions in the product were well integrated. o I thought there was too much inconsistency in this product. o I imagine that most people would learn to use this product very quickly. o I found the product very awkward to use. o I felt very confident using the product. o I needed to learn a lot of things before I could get going with this product.
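The "calculation that provides a single number" is the standard SUS scoring rule: odd-numbered (positive) items contribute response minus 1, even-numbered (negative) items contribute 5 minus response, and the sum is multiplied by 2.5. The sketch below is an added example, not code from the presentation; the function names and the sample responses are constructed for illustration, and `rescored` shows how much a low answer to item 1 alone (the question slide 49 flags as unclear) moves a score.

```python
def sus_score(responses):
    """Return the 0-100 SUS score for one participant's ten answers (1-5 each)."""
    if len(responses) != 10:
        raise ValueError("SUS needs exactly ten responses")
    total = 0
    for item, answer in enumerate(responses, start=1):
        if answer not in (1, 2, 3, 4, 5):
            raise ValueError(f"item {item}: {answer!r} is not on the 1-5 scale")
        # Odd items are positively worded, even items negatively worded.
        total += (answer - 1) if item % 2 == 1 else (5 - answer)
    return total * 2.5


def study_mean(all_responses):
    """Mean SUS score over every participant in a study."""
    scores = [sus_score(r) for r in all_responses]
    return sum(scores) / len(scores)


def rescored(responses, item, answer):
    """Score the same participant with one item's answer replaced."""
    changed = list(responses)
    changed[item - 1] = answer
    return sus_score(changed)


# Constructed sample data: three participants, items 1..10 in order.
SAMPLE_STUDY = [
    [4, 2, 4, 2, 5, 1, 4, 2, 4, 3],
    [5, 1, 5, 1, 5, 1, 5, 1, 5, 1],
    [3, 3, 3, 3, 3, 3, 3, 3, 3, 3],
]

if __name__ == "__main__":
    for answers in SAMPLE_STUDY:
        print(answers, sus_score(answers))
    print("mean:", round(study_mean(SAMPLE_STUDY), 1))
    # An otherwise perfect participant who answers 1 on item 1:
    print("item 1 lowered:", rescored(SAMPLE_STUDY[1], 1, 1))
```
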

14 Usable Security for Single Sign-On

15 Bob’s in-memory password lookup table [diagram: a grid of password entries: password1, ???, Luke, ???, Password2, Ducky, Password3, photos, Zxcv, letmein, ???, pwd12, qwer, Lkjh, asdf, ???] o The Internet Password o Who do we trust? o Single Sign-on

16 Simple Authentication for the Web o How can web sites offload user authentication all by themselves? ◦Already doing it as a secondary means of user authentication o SAW’s approach ◦Improve the security and convenience of email-based password resets ◦Use as primary authentication mechanism

17 How SAW Works
Step 1: The user submits her email address
Step 2: If her address is authorized, a random secret is generated and split into two shares
Step 3: The user returns both tokens
◦Manually: By clicking a link in the email
◦Automatically: Using the SAW toolbar
Tokens are: short-lived, single-use
[Diagram: Web Site, User, User’s Email Provider; the user tells the web site “I’m Alice”]
Example email:
From: SAW_TokenGenerator@securecomm.org
To: student@some.edu
Subject: [SAW-https://securecomm.org/login] ATemail=2fe32...
Click on the link below ONLY if you recently initiated a request to log in to https://securecomm.org/login:
https://securecomm.org/login?ATemail=2fe322492847eb5dea...
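The three steps above, as an added sketch that is not code from the SAW project: the site splits a random secret into two shares, emails one (the `ATemail` value in the sample message) and accepts a login only when both come back, once, before they expire. The XOR split, the 120-second lifetime, handing the second share straight to the browser, and the names `SawSite` and `at_user` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 120  # assumed lifetime; the slides only say "short-lived"


class SawSite:
    """Toy relying site: issues two shares and accepts them back exactly once."""

    def __init__(self, authorized_emails):
        self.authorized = set(authorized_emails)
        self.pending = {}  # email -> (SHA-256 of the secret, expiry time)

    def start_login(self, email, now=None):
        """Steps 1-2: return (share for the browser, share to email), or None."""
        now = time.time() if now is None else now
        if email not in self.authorized:
            return None
        secret = secrets.token_bytes(32)
        at_user = secrets.token_bytes(32)                         # random pad
        at_email = bytes(a ^ b for a, b in zip(secret, at_user))  # secret XOR pad
        # Store only a hash, so server-side state reveals neither share.
        self.pending[email] = (hashlib.sha256(secret).digest(), now + TOKEN_TTL_SECONDS)
        return at_user.hex(), at_email.hex()

    def finish_login(self, email, at_user_hex, at_email_hex, now=None):
        """Step 3: recombine the shares; succeed at most once and only before expiry."""
        now = time.time() if now is None else now
        entry = self.pending.pop(email, None)  # removed on any attempt: single-use
        if entry is None:
            return False
        digest, expires = entry
        if now > expires:
            return False
        try:
            at_user = bytes.fromhex(at_user_hex)
            at_email = bytes.fromhex(at_email_hex)
        except ValueError:
            return False
        if len(at_user) != 32 or len(at_email) != 32:
            return False
        secret = bytes(a ^ b for a, b in zip(at_user, at_email))
        return hmac.compare_digest(hashlib.sha256(secret).digest(), digest)
```

Either share alone is a uniformly random string, so reading the mailbox without the browser share (or the reverse) is not enough to log in. Because a pending entry is discarded on the first attempt, a failed submission also forces a fresh login request.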

18 Benefits o Unilateral deployment by web sites 1. No specialized third party 2. No client-side software 3. Reuse existing user identifiers and authenticators external to the web site o Acceptable risk for services that rely on email-based password resets o Advanced features ◦Delegation and revocation through email forwarding rules ◦Client-side auditing

19 The Chicken and the Egg o How do users authenticate to identity providers when they cannot directly communicate? ◦Giving relying parties the plaintext password is not desirable ◦Allowing an encrypted tunnel invites misuse and requires IP-level connectivity ◦Forwarding several small messages of known composition offers a good compromise [Diagram: User (U), Identity Provider (IDP), Wireless Access Point (RP); labels: ID: Alice, PW: Peek-a-boo, Msg]

20 Luau – High Level Idea 1. Use a strong password protocol to establish a mutually authenticated session key between user and her identity provider 2. Use that key to facilitate a SAW token distribution 3. Unify Web and wireless authentication [Diagram: User (U), Identity Provider (IDP), Wireless Access Point (RP); Secure Remote Password (SRP)]

21 Future Directions o Usability studies comparing SAW to OAuth, OpenID, and some recent proposals to replace passwords o Untrusted Input Problem: Password entry into web forms supplied by the server ◦We advocate a move to password entry into the browser chrome or O/S in order to thwart password phishing attacks ◦Train users to never enter credentials into a web page ◦Users will still be vulnerable to social engineering o If phishing attacks are thwarted, attackers will focus on the end points ◦Usable solutions to key logging

22 Confused Johnny: Usable Security for Webmail

23 Confused Johnny o E-mail encryption for the masses o We developed a system maximizing usability ◦Made everything transparent o Johnny became confused o Designed another system with manual encryption ◦This helped Johnny gain clarity

24 Encrypted E-mail o Exists, but largely goes unused o S/MIME, PGP ◦Tools available o “Why Johnny can't encrypt: A usability evaluation of PGP 5.0” ◦Whitten and Tygar, 8th USENIX Security Symposium (1999) ◦Later research confirmed findings o What can be done?

25 Usability Issues o Users resist change ◦Users are using webmail ◦If security is difficult users will forgo it o Key management is confusing ◦Hierarchical, web-of-trust ◦Recipient must already have key ◦Chicken and egg problem o Cryptography is complicated ◦Unclear which properties are provided ◦Unclear which properties are needed

26 Private Webmail (Pwm) o Pronounced “Poem” o Adds end-to-end encryption to existing webmail systems ◦Gmail, Hotmail, Yahoo! Mail ◦Runs on all modern browsers o Designed to maximize usability o Provide good-enough security ◦Improvement for those already sending sensitive e-mail

27 Security Overlay o Security overlay ◦Integrates tightly with existing webmail systems ◦Users do not need to learn yet-another-system o Tightly integrates with existing systems ◦Replaces small portions of the interface ◦Displayed using iFrames o Functionally transparent ◦Low barrier to adoption o Visually distinctive ◦Easy to identify

28 Usability Fixes o Users resist change ◦Focus on bootstrapping first-time users ◦Helpful instructions in e-mail ◦Bookmarklet-based installation o Key management is confusing ◦Key escrow based on IBE ◦Simple Authentication for the Web (EBIA) ◦No user interaction required o Cryptography is complicated ◦Encryption is automatically handled by Pwm ◦Users never interact with ciphertext

29 Pwm: Walkthrough


34 Pwm User Studies o Two studies o First study measured usability of Pwm ◦Also evaluated bookmarklets for use during installation o Second study compared Pwm to Voltage Secure Mail Cloud ◦Voltage Secure Mail Cloud is an existing depot-based secure email system ◦Pwm was run using a browser extension o Evaluation ◦Pre- and post-survey questionnaire ◦Monitored participants' actions for unrecognized mistakes ◦Post-survey interviews

35 76 71 63

36 SUS Score Comparison

37 Success? o Results are very promising ◦Very positive reception ◦Users indicated they wanted to begin using it o Not without problems o Small number sent e-mail without encryption o Participants were confused about security ◦Wanted to see more details ◦Unsure of who could read e-mails

38 Where to go from here? o Simple solution was to fix UI issues o One student (Nathan Kim) had a different idea ◦Manual encryption ◦Decoupled interface o Mocked up these ideas ◦Message Protector (MP) ◦Simple Interface ◦Direct handling of ciphertext ◦Implied key management

39 MP: Walkthrough


43 First MP User Study o Evaluated MP using SUS o Compared against Encipher.it ◦Bookmarklet-based encryption system ◦Works in Gmail and Facebook o Evaluation ◦Pre- and post-survey questionnaire ◦Monitored participants' actions for unrecognized mistakes ◦Post-survey interviews ◦The system usability scale o Evaluated comprehension ◦Survey included questions about comprehension ◦How to use the system ◦Who could read messages

44 61 72

45 Second MP User Study o Surprising usability results ◦Participants had a positive reaction to seeing ciphertext ◦Similar SUS score to MP o Ran a second study comparing MP to Pwm ◦Modeled after the first MP study

46 76 74

47 SUS Score Comparison

48 Other results o MP improved users' comprehension ◦Clearly understood how to use system ◦Clearly understood who could read messages o Usability scores nearly identical to Pwm o Participants preferred manual encryption of MP o Participants preferred tight integration of Pwm

49 Study limitations o MP studies ignore bootstrapping new users ◦Studies assumed software pre-installed ◦Bootstrapping is a key component of Pwm’s design ◦Not fully representative of overall usability o Short-term studies o SUS question unclear ◦“I think that I would like to use this system frequently.” ◦Participants ranked low even when enthusiastic about the system ◦Relevant to security studies

50 Review o Pwm was a success ◦Participants largely succeeded at using encrypted e-mail ◦Participants had high praise for Pwm ◦Succeeded in being easy for new users o Pwm wasn’t perfect ◦Security was too transparent ◦Caused users to be confused and make mistakes o Mocked up a system using manual encryption ◦Users enjoyed manual encryption ◦Wished it was tightly integrated with the browser o A combination of approaches is needed to solve the problem

51 Future Work o Manual encryption in Pwm ◦Don’t automatically send encrypted email ◦“Encrypt” button which puts ciphertext in compose window o Sidebar ◦Browser sidebar allowing for manual encryption ◦Can be used on any site ◦Fallback for when Pwm has an error o Long-term studies ◦Larger populations ◦Real tasks

52 Lessons Learned o Usability is a key factor in security software o Users have expectations about how security works ◦What needs to be exposed? ◦It can impact trust o There are tradeoffs ◦Usability vs. security ◦Transparency vs. control ◦No one solution does everything o Research needs to focus on real world use cases ◦Collaboration with industry

53 Questions?

