On the Pitfalls of End-to-End Encrypted Communications: A Study of Remote Key-Fingerprint Verification

TL;DR

This study evaluates the security and usability of human-centered code verification methods in end-to-end encrypted messaging apps, revealing significant vulnerabilities and usability issues, especially in remote user scenarios.

Contribution

The paper provides an empirical analysis of code verification methods in real-world apps, highlighting security flaws and usability challenges in remote settings compared to proximity scenarios.

Findings

Remote code verification methods have high false accept rates.

Usability issues are more pronounced in remote settings.

Security and usability are significantly lower when users are remote.

Abstract

Many widely used Internet messaging and calling apps, such as WhatsApp, Viber, Telegram, and Signal, have deployed an end-to-end encryption functionality. To defeat potential MITM attackers against the key exchange protocol, the approach relies on users to perform a code verification task whereby each user must compare the code (a fingerprint of the cryptographic keys) computed by her app with the one computed by the other user's app and reject the session if the two do not match. In this paper, we study the security and usability of this human-centered code verification task for a setting where the end users are remotely located, and compare it as a baseline to a less frequent scenario where the users are in close proximity. We consider several variations of the code presentation and verification methods, incorporated into representative real-world apps, including codes encoded as numbers or images, displayed on the screen, and verbally spoken by the users. We perform a human factors study in a lab setting to quantify the security and usability of these different methods. Our study results expose key weaknesses in the security and usability of the code verification methods employed in the apps. First, we show that most code verification methods offer poor security (high false accepts) and low usability (high false rejects and low user experience ratings) in the remote setting. Second, we demonstrate that, security and usability under the remote code verification setting is significantly lower than that in the proximity setting. We attribute this result to the increased cognitive overhead associated with comparing the codes across two apps on the same device (remote setting) rather than across two devices (proximity setting). Overall, our work serves to highlight a serious vulnerability of Internet-based communication apps in the remote setting stemming from human errors.