A Usability Study of Secure Email Deletion

Tyler Monson, Joshua Reynolds, Trevor Smith, Scott Ruoti, Daniel Zappala, and Kent Seamons

Abstract
Messaging applications like SnapChat illustrate that users are concerned about the permanence of information. We find that this concern extends to email. In this paper we present a usability study of an end-to-end secure email tool with the option to securely delete messages. This tool uses ephemeral keys, one per message thread, and default expiration times, with a user prompt to renew or delete keys. Deleting keys causes the messages in the thread to be unreadable for that user. We compare the usability of this tool to a nearly identical tool that uses long term keys and lacks a feature to expire keys. We also interview participants about their email use patterns and attitudes towards information permanence. We find that participants are especially interested in the ability to control the lifetime of an email message. Participants also report trusting the tool that allowed them to make their email messages ephemeral more than the tool that just encrypted their email.

Reference
Tyler Monson, Joshua Reynolds, Trevor Smith, Scott Ruoti, Daniel Zappala, and Kent Seamons. 2018. A usability study of secure email deletion. In Proceedings of the 3rd European Workshop on Usable Security. Internet Society.

Downloads