Abstract
In the contemporary digital landscape, ensuring secure communication amid widespread data exchange is imperative. This dissertation focuses on enhancing the security and privacy of end-to-end encryption (E2EE) applications while maintaining or improving usability. The dissertation first investigates and proposes improvements in two areas of existing E2EE applications: countering man-in-the-middle and impersonation attacks through automated key verification and studying user perceptions of cryptographic deniability. Insights from privacy-conscious users reveal concerns about the lack of E2EE support, app siloing, and data accessibility by client apps. To address these issues, we propose an innovative user-controlled encryption system, enabling encryption before data reaches the client app. Finally, the dissertation evaluates local threats in the FIDO2 protocol and devises defenses against these risks. Additionally, it explores streamlining FIDO2 authentication management across multiple websites for user convenience and security.
Degree
PhD
College and Department
Physical and Mathematical Sciences; Computer Science
Rights
https://lib.byu.edu/about/copyright/
BYU ScholarsArchive Citation
Yadav, Tarun Kumar, "Usability-Driven Security Enhancements in Person-to-Person Communication" (2024). Theses and Dissertations. 10259.
https://scholarsarchive.byu.edu/etd/10259
Date Submitted
2024-02-01
Document Type
Dissertation
Handle
http://hdl.lib.byu.edu/1877/etd13097
Keywords
FIDO2, End-to-end encryption, E2EE, Application-independent encryption, 2FA, Signal, Secure messaging, MITM attacks, Authentication
Language
english