TY - GEN
T1 - “I Can't Believe It's Not Custodial!” Usable Trustless Decentralized Key Management
AU - Sharma, Tanusree
AU - Nair, Vivek C.
AU - Wang, Henry
AU - Wang, Yang
AU - Song, Dawn
N1 - Publisher Copyright:
© 2024 Copyright held by the owner/author(s)
PY - 2024/5/11
Y1 - 2024/5/11
N2 - Key management has long remained a difficult unsolved problem in the field of usable security. While password-based key derivation functions (PBKDFs) are widely used to solve this problem in centralized applications, their low entropy and lack of a recovery mechanism make them unsuitable for use in decentralized contexts. The multi-factor key derivation function (MFKDF) is a recently proposed cryptographic primitive that aims to address these deficiencies by incorporating commonly used authentication factors into the key derivation process. In this paper, we implement an MFKDF-based Ethereum wallet and perform a user study with 27 participants to directly compare its usability against traditional cryptocurrency wallet architectures. Our results show that MFKDF-based applications outperform conventional key management approaches on both subjective and objective metrics, with a 37% higher average SUS score (p < 0.0001) and 71% faster task completion times (p < 0.0001) for the MFKDF-based wallet.
AB - Key management has long remained a difficult unsolved problem in the field of usable security. While password-based key derivation functions (PBKDFs) are widely used to solve this problem in centralized applications, their low entropy and lack of a recovery mechanism make them unsuitable for use in decentralized contexts. The multi-factor key derivation function (MFKDF) is a recently proposed cryptographic primitive that aims to address these deficiencies by incorporating commonly used authentication factors into the key derivation process. In this paper, we implement an MFKDF-based Ethereum wallet and perform a user study with 27 participants to directly compare its usability against traditional cryptocurrency wallet architectures. Our results show that MFKDF-based applications outperform conventional key management approaches on both subjective and objective metrics, with a 37% higher average SUS score (p < 0.0001) and 71% faster task completion times (p < 0.0001) for the MFKDF-based wallet.
UR - http://www.scopus.com/inward/record.url?scp=85194846541&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85194846541&partnerID=8YFLogxK
U2 - 10.1145/3613904.3642464
DO - 10.1145/3613904.3642464
M3 - Conference contribution
AN - SCOPUS:85194846541
T3 - Conference on Human Factors in Computing Systems - Proceedings
BT - CHI 2024 - Proceedings of the 2024 CHI Conference on Human Factors in Computing Systems
PB - Association for Computing Machinery
T2 - 2024 CHI Conference on Human Factors in Computing Systems, CHI 2024
Y2 - 11 May 2024 through 16 May 2024
ER -