Stuff people encrypt ....

Enigma rotors with alphabet rings
Rotors from an Enigma Machine

This week on the Introduction to Cyber Security MOOC (hosted on Futurelearn), the topic is cryptography.  Learners are having fun figuring out how Alice and Bob communicate while keeping their messages secure from Eve - and sharing some funny xkcd.com cartoons in the process.  One of the exercises we set was to use a PGP mail tool (Mailvelope) to sign and encrypt an email sent to a mailbox we set up specifically for the MOOC.  I have a mail rule that invokes a simple script to strip out the PGP message text, decrypt it and send it back to the learner in an email.

Although many people have successfully completed the task, there is a general consensus that routinely encrypting emails is unlikely to be adopted by most people.  The hurdles identified by people range from the impracticality of getting other people to use crypto in their communications, to the challenge of configuring the crypto tools and their general (lack of) usability.  It seems that Whitten and Tygar's findings on "Why Johnny Can't Encrypt" and Sheng et al's research on "Why Johny Still Can't Encrypt" continue to hold true.

It has also been interesting to check out the types of messages that learners are choosing to encrypt and send to us.  Many of them are along the lines of "This is a test message", but there also seems to be a significant proclivity towards "This is my secret message, please don't steal it".  However, the outlier by a long distance was the learner who encrypted and sent in the complete lyric to "Barbie Girl" by Aqua!

Comments

Popular posts from this blog

Cloud Wedge - geek of the week

Priming Code Club

Are we losing the Internet Security battle?