CryptoDB
Katharina Krombholz
Publications
Year | Venue | Title
2021 | RWC | Mental Models of Cryptographic Protocols - Understanding Users to Improve Security
Abstract
Recent user studies on the complex relationship between humans and security technology conclude that even knowledgeable users are often incapable of making technically sound security decisions when interacting with cryptographic tools and protocols.
In this talk, I will discuss how user mental models (a mental model is a representation of someone's perceptions of how something works in the real world) of such protocols diverge from the technical reality. I will also discuss how mental models are shaped by design, how they influence security decisions, and how researchers can elicit such mental models using qualitative methods.
I will briefly present our interdisciplinary work on mental models of HTTPS and cryptocurrencies. In this line of work, we focused on different user populations, such as end users and administrators. In particular, our work on administrators' mental models of HTTPS revealed root causes for poor configurations that have a negative impact on security. We have also shown that administrators are often incapable of making informed decisions when configuring HTTPS and therefore heavily rely on the quality of online resources.
Based on these findings, I will discuss the complex interdependence of mental models, design and security.
My talk will conclude with considerations on how to incorporate the human component in the design process of novel security and privacy technology. I will discuss how current user interface components of complex cryptographic protocols could be adapted to better support decision-making in favor of security. Such improvements should focus on 1) creating (functional) mental models that correspond to the technical reality, and 2) providing interaction techniques that allow users to make the right security decisions regardless of whether their understanding of the cryptographic fundamentals is correct.
The overarching goals of this talk are to raise awareness of the impact of design on mental models, and to establish a fruitful interdisciplinary discourse.