Versions Compared

Old Version 32

changes.mady.by.user Unknown User (ndsheth@mit.edu)

Saved on

compared with

New Version 33

changes.mady.by.user Unknown User (ndsheth@mit.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Storyboard

Learnability

Efficiency

Safety



Key Management

Stephen must add the new teammates to his list of
secure contacts. The SecureConnect application allows him to log
onto the Key Server set up by the campaign to manage public
keys. He finds that two of the new volunteers had public keys
created for them when issued their mobile phones, so he
adds them to his personal contact list, which include their
mobile phone number and public key. One user was not yet present
in the key server, so Stephen had to help generate a new key for
them.

This design is meant to mimic a standard phone text messaging
layout which the user is likely familiar with, then overlaying
the metaphor of user keys necessary to facilitate encrypted
messaging.

Pros:  The look and feel mimics the standard
text messaging application on a typical smartphone.
Concepts of contacts carry over, with additional public
key data added as an additional facet of contact data.


Cons:

Pros:  Key Server enables contacts to be
added without manual text entry on the phone.

Cons: User is required to obtain public key before
secure communication is possible.

Pros:  Multiple graphical cues suggest that a contact
cannot be securely communicated with until a public key
is stored for that user.
Adding via the Key Server automatically grabs public key data.



Cons: User must be continuously reminded of the unsecure
nature of their conversations until they successfully add a key.
Contacts may still be added even without a key, leaving open
the possibility of communicating without encryption.


Contact Management
Once the new contacts were added from the Key Server,
Stephen is able to view them the contacts tab of the app. Each
newly added secure contact with a stored public key is displayed
with a key icon next to their name at all times. Contacts without a
stored key are also present, and can have a public key entered
on the contact editor in order to make them a secure contact.

Public keys can be entered manually via the keyboard, pasted from
the phone's clipboard (the contact could have sent their key via
email or unsecure text, or could have been located via web
browser).

Pros:  Look and Feel is similar to contact manager on
most smartphones.
Key metaphor is carried throughout to suggest a secure
contact vs an unsecure one.

Cons: Users must learn how to enter/obtain the public
key for a user that was not obtain from the key server.

Pros:  Contacts auto populated from key server

Cons: Manual entry of Public key can be tedious.
Perhaps alternate automated entry methods are
possible here.

Pros: Few safety issues here, as contact data is always updatable.

Cons: Removing a contact implies removing all trace of communication
with them, which the user must confirm before allowing this action.

Messaging (Secure and Unsecure)

Storyboard

Learnability

Efficiency

Safety



Secure Chat Window

Stephen must now update the team with new orders. On the Messaging tab,
Stephen can see a conversation with an individual or group, much like the
standard chat application on his phone. In this case, his can message John Doe
securely because he has a public key stored for him. The application reminds him
that he can securely communicate via color (background color), and each past
message that was sent with encryption is also set off by color and a lock icon. Groups
can be handled similarly to individuals with a group key.

Touching on the message area to enter a message brings up the keyboard and a lock
button, giving access to encryption options for the message (encrypt via personal
private key or public key of John Doe). The default encrypts via public key to ensure
safety, but Stephen can remove this if he decides encryption is not necessary for a particular message.

.
||\Unsecure Chat Window

This is the same view of the messaging window but for a contact without a stored
public key. The background color is red, reminding Stephen that no message can
be sent securely, and the lock icon near the message window is disabled.

Pros:  Mimics Conversation/Chat flow concepts.
Multiple signals for secure or unsecure communications
(lock icon near name, Lock on each securely sent/received
message, background color, message bubble color).

Cons: User must learn difference between using public or
private key. 

Pros:  Streamlined interface for all secure and
unsecure communications with a single person or
group.

Default option uses secure public key encryption,
which requires user intervention if a different option
is desired (assumes this is the most likely selected
option).

Cons: Receiving a secure message
requires decryption using either personal private
or contact's public key, requiring extra time.

Pros:  Multiple visual cues to signify message security.

Cons: User can still send an unsecure message, so there
is still risk of secret information being sent unsecurely.

...