Please use this identifier to cite or link to this item:
Title: How Safe Is Safety Number? A User Study on SIGNAL’s Fingerprint and Safety Number Methods for Public Key Verification
Authors: Bıçakcı, Kemal
Altuncu, E.
Sahkulubey, M. S.
Kızılöz, H. E.
Uzunay, Y.
Keywords: Authentication
secure communication
Issue Date: 2018
Publisher: Springer Verlag
Source: Bicakci, K., Altuncu, E., Sahkulubey, M. S., Kiziloz, H. E., & Uzunay, Y. (2018, September). How Safe Is Safety Number? A User Study on SIGNAL’s Fingerprint and Safety Number Methods for Public Key Verification. In International Conference on Information Security (pp. 85-98). Springer, Cham.
Series/Report no.: International Conference on Information Security
Abstract: Communication security has become an indispensable demand of smartphone users. End-to-end encryption is the key factor for providing communication security, which mainly relies on public key cryptography. The main and unresolved issue for public key cryptography is to correctly match a public key with its owner. Failing to do so could lead to man-in-the-middle attacks. Different public key verification methods have been proposed in the literature. The methods which are based on verification by the users themselves are preferable with respect to cost and deployability than the methods such as digital certificates that involve the use of trusted third parties. One of these methods, fingerprinting was recently replaced by a method called safety number in the open source messaging application, SIGNAL. The developers of SIGNAL claimed this change would bring usability and security advantages however no formal user study was conducted supporting this claim. In this study, we compare the usability and security aspects of these two methods with a user study on 42 participants. The results indicate with significance that the safety number method leads to more successful results in less time for public key verification as compared to the fingerprint method.
Description: 21st Information Security Conference, ISC 2018
ISSN: 3029743
Appears in Collections:Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection

Show full item record

CORE Recommender


checked on Sep 24, 2022

Page view(s)

checked on Dec 26, 2022

Google ScholarTM



Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.