Billions of secure messaging users have adopted end-to-end encryption (E2EE). Nevertheless, challenges remain. Most communication applications do not provide E2EE, and application silos prevent interoperability. Our qualitative analysis of privacy-conscious users' discussions of E2EE on Reddit reveals concerns about trusting client applications with plaintext, lack of clear indicators about how encryption works, high cost to switch apps, and concerns that most apps are not open source. We propose InfoGuard, a system enabling E2EE for user-to-user communication in any application. InfoGuard allows users to trigger encryption on any textbox, even if the application does not support E2EE. InfoGuard encrypts text before it reaches the application, eliminating the client app's access to plaintext. InfoGuard also incorporates visible encryption to make it easier for users to understand that their data is being encrypted and give them greater confidence in the system's security. The design enables fine-grained encryption, allowing specific sensitive data items to be encrypted while the rest remains visible to the server. Participants in our user study found InfoGuard usable and trustworthy, expressing a willingness to adopt it.