CAREER: Identifying, quantifying, and explaining design principles and user practices that enable effective long-term key management


Project Summary

Research has repeatedly and consistently shown that users struggle with key management. This state of affairs negatively impacts the security and usability of existing technologies and stymies the adoption of potentially revolutionary cryptographic systems that rely on effective long-term key management. However, there is a critical knowledge gap regarding what generalizable design principles and user practices would enable usable key management. My overall objective is to quantify and explain design principles and user practices that support long-term key management. My central hypothesis is that there is a generalizable set of key management design principles that synergize with user practices to enable long-term key management. The rationale underlying this research is that quantifying and explaining the effectiveness of design principles and user practices in existing systems will increase the understanding of underlying issues, identify generalizable principles and practices, and promote the design of effective long-term key management schemes. In addition to having supportive preliminary data, I am well-prepared to undertake this research due to my substantial experience studying key management for secure email.

I will achieve my overall objective by pursuing four specific aims that quantify and explain design principles and user practices that support key management in existing successful deployments (Aim 1), long-term usage (Aim 2), and multi-key management (Aim 3). I will also prototype and evaluate design principles for improving synchronization and recovery of cryptographic keys (Aim 4). This work will help identify generalizable principles and practices that will be transformational, improving the usability and security of existing systems and enabling the adoption of revolutionary new cryptographic systems and protocols. This research is creative and original in that it breaks from the status quo of studying key management within a single application domain and use case, instead studying it across many application domains and use cases to identify generalizable principles and practices.

My educational objective is to expose students to usable security, increasing the number of students that choose to continue studying computer science. My central hypothesis is that many students—particularly traditionally marginalized students—are more likely to pursue further computer science and computer security education if they experience how it involves more than just software engineering. I will achieve my education objective by pursuing the following two specific aims: (Aim 5) exposing undergraduate students to usable security experiences and (Aim 6) working with Loan Oaks Farm to develop experiential curricula on computer security for K–12 students.

Fully solving the challenges of usable key management will take decades, and this proposal will establish my career as a leader in this research effort. In future research, I will leverage the instruments and methods developed in this research to study additional application domains and use cases. I will also build and evaluate prototypes that address limitations and issues raised in this research, iteratively improving our understanding of the most effective key management principles and practices. Most critically, I will work with cryptographers to build usable key management into their systems from the beginning and then help them prototype and evaluate those systems, ensuring they work under real-world constraints.

Intellectual Merit: This research will help fill the critical knowledge gap regarding which generalizable design principles and user practices will enable usable key management. It will also identify design principles to avoid and user practices to disincentivize. This contribution is significant because it will promote the principled design of systems and key management schemes, improving security and usability.

Broader Impacts: Improving the usability and effectiveness of key management will improve the security of the millions of users already relying on it and enable the adoption of revolutionary cryptographic systems and protocols that could benefit millions more. The education plan will provide K–12 and undergraduate students with usable security experiences, demonstrating that computer science is more than just software engineering and encouraging them to continue studying these topics. This research will also contribute to one Ph.D. dissertation and five MS theses, increasing the nation’s supply of highly trained security experts.


Publications

Conferences

Abstract:  Crowdsourcing platforms have traditionally been designed with a focus on workstation interfaces, restricting the flexibility that crowdworkers need. Recognizing this limitation and the need for more adaptable platforms, prior research has highlighted the diverse work processes of crowdworkers, influenced by factors such as device type and work stage. However, these variables have largely been studied in isolation. Our study is the first to explore the interconnected variabilities among these factors within the crowdwork community. Through a survey involving 150 Amazon Mechanical Turk crowdworkers, we uncovered three distinct groups characterized by their interrelated variabilities in key work aspects. The largest group exhibits a reliance on traditional devices, showing limited interest in integrating smartphones and tablets into their work routines. The second-largest group also primarily uses traditional devices but expresses a desire for supportive tools and scripts that enhance productivity across all devices, particularly smartphones and tablets. The smallest group actively uses and strongly prefers non-workstation devices, especially smartphones and tablets, for their crowdworking activities. We translate our findings into design insights for platform developers, discussing the implications for creating more personalized, flexible, and efficient crowdsourcing environments. Additionally, we highlight the unique work practices of these crowdworker clusters, offering a contrast to those of more traditional and established worker groups.
Abstract:  Users struggle to select strong passwords. System-assigned passwords address this problem, but they can be difficult for users to memorize. While password managers can help store system-assigned passwords, there will always be passwords that a user needs to memorize, such as their password manager's master password. As such, there is a critical need for research into helping users memorize system-assigned passwords. In this work, we compare three different designs for password memorization aids inspired by the method of loci or memory palace. Design One displays a two-dimensional scene with objects placed inside it in arbitrary (and randomized) positions, Design Two fixes the objects' positions within the scene, and Design Three displays the scene using a navigable, three-dimensional representation. In an A-B study of these designs, we find that, surprisingly, there is no statistically significant difference between the memorability of these three designs, nor that of assigning users a passphrase to memorize, which we used as the control in this study. However, we find that when perfect recall failed, our designs helped users remember a greater portion of the encoded system-assigned password than did a passphrase, a property we refer to as durability. Our results indicate that there could be room for memorization aids that incorporate fuzzy or error-correcting authentication. Similarly, our results suggest that simple (i.e., cheap to develop) designs of this nature may be just as effective as more complicated, high-fidelity (i.e., expensive to develop) designs.

Ph.D. Dissertations

Abstract:  Crowdworkers are drawn to the profession in part due to the flexibility it affords. However, the current design of crowdsourcing platforms limits this flexibility. Therefore, it is important to support the overall flexibility of crowdworkers. Incorporating a variety of device types in the workflow plays an important role in supporting the flexibility of crowdworkers; however, each device type requires a tailored workflow. The standard workflow of crowdworkers consists of stages of work such as managing and completing tasks. We hypothesize that there might be differences in factors and characteristics of task completion and task management to support the tailored workflow of different device types. Therefore, this dissertation aims to explore and understand the factors and characteristics of task completion and task management on different devices in order to support the overall flexibility of crowdworkers. To achieve this, this dissertation introduces four pivotal innovations: (1) understanding the characteristics of task completion and the factors affecting the process on smartphones, to support the tailored workflow on smartphones in crowdwork; (2) understanding crowdworkers’ current task completion and task management practices and expectations when working on a smartphone, tablet, speaker, and smartwatch, to support the flexibility of crowdworkers on all these devices based on crowdworkers’ work practices and expectations; (3) after gaining a broad understanding of crowdworkers’ practices and expectations across different devices, identifying the systematic differences among crowdworkers in order to develop customizable support depending on workers’ individual need for flexibility in crowdsourcing platforms; and (4) finally, examining another popular crowdsourcing platform, Prolific, to understand the work practices of Prolific workers and to compare Prolific with Amazon MTurk, gaining a comprehensive understanding of the factors and characteristics that support flexibility in different crowdsourcing environments.

Master's Theses

Abstract:  This thesis presents a comprehensive investigation into student experiences with TLS client authentication, highlighting the usability challenges and learning curves associated with this long-term key management system. We designed a study that required future innovators in technology and security to use modern-day implementations of this certificate-based authentication system. From this study, we analyzed server logs, project reports, and survey responses from students enrolled in the applied cryptography course. We revealed significant hurdles in the initial setup and long-term key management of credentials used in TLS client authentication, emphasizing the gap between theoretical knowledge and practical implementation skills. Through quantitative results, the study quantified the time investment and error rates students face, and provided a System Usability Scale (SUS) assessment that points to the need for improved features and better resources. Qualitatively, this thesis identifies common pain points, resource utilization, and tool effectiveness from the students' perspectives. It further discusses the implications of these findings for design and delivery, suggesting pathways forward to enhance the practical usability and understanding of key management systems.
Abstract:  This thesis analyzes the use and impact of security and signing keys on GitHub, the foremost public code development platform. These keys are used for developer authentication and code commit signing, but little research has been done on the usage of these keys. We set out to collect every available key associated with a GitHub user and performed quantitative analysis on the gathered data. Our data was gathered using GitHub’s publicly available REST and GraphQL APIs. We found that very few users create keys for signing commits, and there are a number of keys on the database that could be considered weak by modern standards. Personal keys for user identification are not widely accepted. A better understanding of how developers interact with these systems is needed to develop software that is both usable and secure.