User interface, security, and "simplicity"

Ed Gerck edgerck at nma.com
Sun May 4 21:24:00 EDT 2008


Ian G wrote: (on Kerckhoffs's rules)
> =====================
> 6. Finally, it is necessary, given the circumstances that command its 
> application, that the system be easy to use, requiring neither mental 
> strain nor the knowledge of a long series of rules to observe.
> =====================
> ...
> PS:  Although his 6th is arguably the most important

Yes. Usability should be the #1 property of a secure system.

Conventional security thinking says that usability and security are 
like a seesaw; if usability goes up, security must go down, and 
vice-versa. This apparent antinomy actually works as a synergy: with 
more usability in a secure system, security increases. With less 
usability in a secure system, security decreases. A secure system that 
is not usable will be left aside by users.

Cheers,
Ed Gerck

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list