Trustworthy digital communication requires the secure exchange of contact information, but current approaches lack usability and scalability for larger groups of users. We evaluate the usability of two secure contact exchange systems: the current state of the art, SafeSlinger, and our newly designed protocol, PairSonic, which extends trust from physical encounters to spontaneous online communication. Our lab study (N=45) demonstrates PairSonic's superior usability, automating the tedious verification tasks from previous approaches via an acoustic out-of-band channel. Although participants significantly preferred our system, minimizing user effort surprisingly decreased the perceived security for some users, who associated security with complexity. We discuss user perceptions of the different protocol components and identify remaining usability barriers for CSCW application scenarios.
翻译:可信赖的数字通信需要安全的联系人信息交换,但现有方法在大型用户群体中缺乏可用性和可扩展性。我们评估了两种安全联系人交换系统的可用性:当前最先进的SafeSlinger系统,以及我们新设计的PairSonic协议——该协议将信任从物理接触场景扩展至自发的在线通信。我们的实验室研究(N=45)表明,PairSonic通过声学带外信道自动化了先前方法中繁琐的验证任务,展现出更优的可用性。尽管参与者明显更青睐我们的系统,但最小化用户操作量却意外降低了部分用户对安全性的感知——这些用户将安全性与复杂性相关联。我们分析了用户对不同协议组件的认知,并指出了在CSCW应用场景中尚存的可用性障碍。