{"id":"https://openalex.org/W2129375724","doi":"https://doi.org/10.1145/2841113.2841120","title":"Maybe Poor Johnny Really Cannot Encrypt","display_name":"Maybe Poor Johnny Really Cannot Encrypt","publication_year":2015,"publication_date":"2015-09-08","ids":{"openalex":"https://openalex.org/W2129375724","doi":"https://doi.org/10.1145/2841113.2841120","mag":"2129375724"},"language":"en","primary_location":{"id":"doi:10.1145/2841113.2841120","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2841113.2841120","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 New Security Paradigms Workshop","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5040519207","display_name":"Zinaida Benenson","orcid":"https://orcid.org/0009-0006-7158-0219"},"institutions":[{"id":"https://openalex.org/I4210156583","display_name":"Laboratoire d'Informatique de Paris-Nord","ror":"https://ror.org/05g1zjw44","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I4210091279","https://openalex.org/I4210156583","https://openalex.org/I4210159245"]},{"id":"https://openalex.org/I181369854","display_name":"Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg","ror":"https://ror.org/00f7hpc57","country_code":"DE","type":"education","lineage":["https://openalex.org/I181369854"]}],"countries":["DE","FR"],"is_corresponding":true,"raw_author_name":"Zinaida Benenson","raw_affiliation_strings":["Computer Science Department, Friedrich-Alexander-Universit\u00e4t, Erlangen-N\u00fcrnberg"],"affiliations":[{"raw_affiliation_string":"Computer Science Department, Friedrich-Alexander-Universit\u00e4t, Erlangen-N\u00fcrnberg","institution_ids":["https://openalex.org/I4210156583","https://openalex.org/I181369854"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070924321","display_name":"Gabriele Lenzini","orcid":"https://orcid.org/0000-0001-8229-3270"},"institutions":[{"id":"https://openalex.org/I186903577","display_name":"University of Luxembourg","ror":"https://ror.org/036x5ad56","country_code":"LU","type":"education","lineage":["https://openalex.org/I186903577"]}],"countries":["LU"],"is_corresponding":false,"raw_author_name":"Gabriele Lenzini","raw_affiliation_strings":["Interdisciplinary Centre for Security Reliability and Trust, University of Luxembourg","Interdisciplinary Centre for Security, Reliability, and Trust, University of Luxembourg"],"affiliations":[{"raw_affiliation_string":"Interdisciplinary Centre for Security Reliability and Trust, University of Luxembourg","institution_ids":["https://openalex.org/I186903577"]},{"raw_affiliation_string":"Interdisciplinary Centre for Security, Reliability, and Trust, University of Luxembourg","institution_ids":["https://openalex.org/I186903577"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082282267","display_name":"Daniela S Oliveira","orcid":"https://orcid.org/0000-0003-3488-0053"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Daniela Oliveira","raw_affiliation_strings":["Electrical and Computer Engineering Department, University of Florida","[Electrical and Computer Engineering Department, University of Florida]"],"affiliations":[{"raw_affiliation_string":"Electrical and Computer Engineering Department, University of Florida","institution_ids":["https://openalex.org/I33213144"]},{"raw_affiliation_string":"[Electrical and Computer Engineering Department, University of Florida]","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016771481","display_name":"Simon Parkin","orcid":"https://orcid.org/0000-0002-6667-0440"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Simon Parkin","raw_affiliation_strings":["Department of Computer Science, University College London","Department of Computer Science, University College, London"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University College London","institution_ids":["https://openalex.org/I45129253"]},{"raw_affiliation_string":"Department of Computer Science, University College, London","institution_ids":["https://openalex.org/I45129253"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5077641485","display_name":"Sven Uebelacker","orcid":"https://orcid.org/0000-0001-9228-8248"},"institutions":[{"id":"https://openalex.org/I884043246","display_name":"Hamburg University of Technology","ror":"https://ror.org/04bs1pb34","country_code":"DE","type":"education","lineage":["https://openalex.org/I884043246"]},{"id":"https://openalex.org/I159176309","display_name":"Universit\u00e4t Hamburg","ror":"https://ror.org/00g30e956","country_code":"DE","type":"education","lineage":["https://openalex.org/I159176309"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Sven Uebelacker","raw_affiliation_strings":["Security in Distributed Applications, Hamburg University of Technology"],"affiliations":[{"raw_affiliation_string":"Security in Distributed Applications, Hamburg University of Technology","institution_ids":["https://openalex.org/I159176309","https://openalex.org/I884043246"]}]}],"institutions":[],"countries_distinct_count":5,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5040519207"],"corresponding_institution_ids":["https://openalex.org/I181369854","https://openalex.org/I4210156583"],"apc_list":null,"apc_paid":null,"fwci":4.1481,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.94352454,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"85","last_page":"99"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9894999861717224,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6819100975990295},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.6553986668586731},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.6299129128456116},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5892571210861206},{"id":"https://openalex.org/keywords/cognition","display_name":"Cognition","score":0.5240468978881836},{"id":"https://openalex.org/keywords/coping","display_name":"Coping (psychology)","score":0.49828553199768066},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.4555254876613617},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4484826326370239},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.4254719018936157},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.35429519414901733},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3330768644809723},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.21828752756118774},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.14414024353027344},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.10000243782997131}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6819100975990295},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.6553986668586731},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.6299129128456116},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5892571210861206},{"id":"https://openalex.org/C169900460","wikidata":"https://www.wikidata.org/wiki/Q2200417","display_name":"Cognition","level":2,"score":0.5240468978881836},{"id":"https://openalex.org/C73282008","wikidata":"https://www.wikidata.org/wiki/Q1759895","display_name":"Coping (psychology)","level":2,"score":0.49828553199768066},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.4555254876613617},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4484826326370239},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.4254719018936157},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.35429519414901733},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3330768644809723},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.21828752756118774},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.14414024353027344},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.10000243782997131},{"id":"https://openalex.org/C169760540","wikidata":"https://www.wikidata.org/wiki/Q207011","display_name":"Neuroscience","level":1,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C118552586","wikidata":"https://www.wikidata.org/wiki/Q7867","display_name":"Psychiatry","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/2841113.2841120","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2841113.2841120","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 New Security Paradigms Workshop","raw_type":"proceedings-article"},{"id":"pmh:oai:ris.utwente.nl:openaire_cris_publications/242a214c-6b42-4675-a11c-552cb10b02e8","is_oa":false,"landing_page_url":"https://research.utwente.nl/en/publications/242a214c-6b42-4675-a11c-552cb10b02e8","pdf_url":null,"source":{"id":"https://openalex.org/S4406922991","display_name":"University of Twente Research Information","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Benenson, Z, Lenzini, G, Oliveira, D, Parkin, S & Uebelacker, S 2015, Maybe Poor Johnny Really Cannot Encrypt - The Case for a Complexity Theory for Usable Security. in NSPW '15 : Proceedings of the 2015 New Security Paradigms Workshop. Association for Computing Machinery, New York, pp. 85-99, 2015 New Security Paradigms Workshop, NSPW 2015, Twente, Netherlands, 8/09/15. https://doi.org/10.1145/2841113.2841120","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:orbilu.uni.lu:10993/23567","is_oa":false,"landing_page_url":"https://orbilu.uni.lu/handle/10993/23567","pdf_url":null,"source":{"id":"https://openalex.org/S4306401815","display_name":"Open Repository and Bibliography (University of Luxembourg)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I186903577","host_organization_name":"University of Luxembourg","host_organization_lineage":["https://openalex.org/I186903577"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Maybe Poor Johnny Really Cannot Encrypt - The Case for a Complexity Theory for Usable Security, 85-99 (2015); New Security Paradigms Workshop, Enschede, Netherlands [NL], from 08-09-2015 to 11-09-2015","raw_type":"peer reviewed"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"No poverty","score":0.6399999856948853,"id":"https://metadata.un.org/sdg/1"}],"awards":[{"id":"https://openalex.org/G268456553","display_name":null,"funder_award_id":"EP/K006517/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":106,"referenced_works":["https://openalex.org/W31171651","https://openalex.org/W60907133","https://openalex.org/W65833265","https://openalex.org/W192828507","https://openalex.org/W204466799","https://openalex.org/W284664886","https://openalex.org/W318530283","https://openalex.org/W587461618","https://openalex.org/W1485200701","https://openalex.org/W1498728415","https://openalex.org/W1507039213","https://openalex.org/W1517135709","https://openalex.org/W1529733883","https://openalex.org/W1534968492","https://openalex.org/W1537169188","https://openalex.org/W1538807643","https://openalex.org/W1550000763","https://openalex.org/W1556553063","https://openalex.org/W1557496348","https://openalex.org/W1607827729","https://openalex.org/W1608694002","https://openalex.org/W1660569880","https://openalex.org/W1830858207","https://openalex.org/W1835112993","https://openalex.org/W1896997982","https://openalex.org/W1930546125","https://openalex.org/W1931604409","https://openalex.org/W1974007298","https://openalex.org/W1983193060","https://openalex.org/W1984314602","https://openalex.org/W1994303078","https://openalex.org/W1995554356","https://openalex.org/W2001096704","https://openalex.org/W2009661351","https://openalex.org/W2011039300","https://openalex.org/W2016540947","https://openalex.org/W2019639453","https://openalex.org/W2026843999","https://openalex.org/W2028171449","https://openalex.org/W2028974852","https://openalex.org/W2030112111","https://openalex.org/W2037110367","https://openalex.org/W2040356698","https://openalex.org/W2042720915","https://openalex.org/W2045591401","https://openalex.org/W2046143708","https://openalex.org/W2046810302","https://openalex.org/W2049890080","https://openalex.org/W2052176706","https://openalex.org/W2056615497","https://openalex.org/W2059507980","https://openalex.org/W2063539698","https://openalex.org/W2065076704","https://openalex.org/W2071869991","https://openalex.org/W2076698718","https://openalex.org/W2078635913","https://openalex.org/W2082575039","https://openalex.org/W2086099868","https://openalex.org/W2089315399","https://openalex.org/W2094265147","https://openalex.org/W2098813016","https://openalex.org/W2099889974","https://openalex.org/W2108366453","https://openalex.org/W2118222422","https://openalex.org/W2121646779","https://openalex.org/W2139842203","https://openalex.org/W2145071552","https://openalex.org/W2146270836","https://openalex.org/W2146657063","https://openalex.org/W2148279836","https://openalex.org/W2160858448","https://openalex.org/W2167976277","https://openalex.org/W2171934417","https://openalex.org/W2211995104","https://openalex.org/W2293424065","https://openalex.org/W2335888457","https://openalex.org/W2342091124","https://openalex.org/W2401210256","https://openalex.org/W2420107722","https://openalex.org/W2579555219","https://openalex.org/W2761210928","https://openalex.org/W2913459036","https://openalex.org/W2993383518","https://openalex.org/W3018034337","https://openalex.org/W3023580939","https://openalex.org/W3100919343","https://openalex.org/W4210651582","https://openalex.org/W4211199164","https://openalex.org/W4213009134","https://openalex.org/W4243180172","https://openalex.org/W4246219036","https://openalex.org/W4256223142","https://openalex.org/W4285719527","https://openalex.org/W4298445070","https://openalex.org/W6602724379","https://openalex.org/W6617286900","https://openalex.org/W6630550951","https://openalex.org/W6632248701","https://openalex.org/W6633360099","https://openalex.org/W6648982606","https://openalex.org/W6674330518","https://openalex.org/W6684593570","https://openalex.org/W6684644128","https://openalex.org/W6712968997","https://openalex.org/W6827907058","https://openalex.org/W6990023262"],"related_works":["https://openalex.org/W2982321410","https://openalex.org/W95465806","https://openalex.org/W2392004567","https://openalex.org/W2046296964","https://openalex.org/W2940029036","https://openalex.org/W4389670110","https://openalex.org/W2756595502","https://openalex.org/W2187546663","https://openalex.org/W2429057255","https://openalex.org/W148745890"],"abstract_inverted_index":{"Psychology":[0],"and":[1,18,32,107,126],"neuroscience":[2],"literature":[3],"shows":[4,151],"the":[5,11,37,43,129,136,156],"existance":[6],"of":[7,91,123,135,158],"upper":[8],"bounds":[9,23,51],"on":[10,74],"human":[12,92],"capacity":[13,157],"for":[14,19,89],"executing":[15],"cognitive":[16,30],"tasks":[17,38],"information":[20],"processing.":[21],"These":[22],"are":[24],"where,":[25],"demonstrably,":[26],"people":[27,60],"start":[28],"experiencing":[29],"strain":[31],"consequently":[33],"committing":[34],"errors":[35],"in":[36,52,94,114],"execution.":[39],"We":[40,84],"argue":[41],"that":[42,96,152],"usable":[44],"security":[45,68,95,106,124,137,142],"discipline":[46],"should":[47],"scientifically":[48],"understand":[49],"such":[50],"order":[53],"to":[54,82,100,104,131],"have":[55,112],"realistic":[56],"expectations":[57],"about":[58],"what":[59,110],"can":[61],"or":[62,140],"cannot":[63],"attain":[64],"when":[65],"coping":[66],"with":[67,128],"tasks.":[69],"This":[70],"may":[71],"shed":[72],"light":[73],"whether":[75],"Johnny":[76],"will":[77],"be":[78,80],"ever":[79],"able":[81],"encrypt.":[83],"propose":[85],"a":[86],"conceptual":[87],"framework":[88],"evaluation":[90],"capacities":[93],"also":[97],"assigns":[98],"systems":[99],"complexity":[101],"categories":[102],"according":[103],"their":[105],"usability.":[108],"From":[109],"we":[111,117],"initiated":[113],"this":[115,141,149],"paper,":[116],"ultimately":[118],"aim":[119],"at":[120],"providing":[121],"designers":[122],"mechanisms":[125],"policies":[127],"ability":[130],"say:":[132],"\"This":[133],"feature":[134],"mechanism":[138],"X":[139],"policy":[143],"element":[144],"Y":[145],"is":[146,154],"inappropriate,":[147],"because":[148],"evidence":[150],"it":[153],"beyond":[155],"its":[159],"target":[160],"community\".":[161]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2016,"cited_by_count":4}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2016-06-24T00:00:00"}