An introduction to security challenges in user-facing cryptographic software
Paul, Greig and Irvine, James; Samant, Khajuria and Sørensen, Lene and Skouby, Knud Erik, eds. (2017) An introduction to security challenges in user-facing cryptographic software. In: Cybersecurity and Privacy - Bridging the Gap. River Publishers, Aalborg, pp. 15-39. ISBN 9788793519664
Full text not available in this repository.Request a copyAbstract
One of the key challenges in the development of secure software is the tradeoff between usability and security. Often, many of the rigorous requirements of a strong cryptographic implementation appear to be at odds with consumer requirements and desires. Non-technical users typically desire a straightforward user interface which does not require them to learn any special skills to use the application, yet also expect the application to offer them adequate protection [30]. There is, however, very little that an average user can do to ensure the security of the underlying technical implementation of security software they run, presenting a major challenge for users left unable to conveniently verify that the software works as expected. The intersection of the technical requirements for cryptography, and consumers’ desires for usability, introduces a number of opportunities for security weaknesses to emerge within the design of security software. A desire for convenience has been widely recognised as resulting in poor security practices, such as in the selection of passwords [31], of particular concern where user passwords are used for the generation of encryption keys for data.
ORCID iDs
Paul, Greig ORCID: https://orcid.org/0000-0002-6070-3192 and Irvine, James ORCID: https://orcid.org/0000-0003-2078-6517; Samant, Khajuria, Sørensen, Lene and Skouby, Knud Erik-
-
Item type: Book Section ID code: 62472 Dates: DateEvent31 March 2017PublishedSubjects: Science > Mathematics > Computer software Department: Faculty of Engineering > Electronic and Electrical Engineering
Strategic Research Themes > Society and PolicyDepositing user: Pure Administrator Date deposited: 29 Nov 2017 15:06 Last modified: 11 Nov 2024 15:11 Related URLs: URI: https://strathprints.strath.ac.uk/id/eprint/62472