1. Field of the Invention
The subject invention relates to progress indicators, such as progress bars indicating task progress. The subject invention also relates to methods of encouraging secure behavior, especially secure behavior in electronic communication.
2. Related Art
Progress indicators, such as progress bars, are well known and widely used, especially in computing environments. Progress bars are used, e.g., to indicate the progress of a file download to a computer or other computing machines, such as handheld units. Such bars generally progress linearly according to the size of the file and the part that has been downloaded up to the indicated point. Progress bars are also used when a user has to perform a given task, so as to indicate the progress of the user towards the completion of the task. Again, such progress indicators generally relate to the part completed, as compared to the total task. Progress indicators may also be used for task relating to security features. For example, a progress bar may be displayed when a user is asked to enter a password. However, using prior art methodology, such progress bars indicate the amount of task that is completed. For example, if the user is asked to enter a password of length between 6-8 characters, the progress bar would linearly advance according to the how many characters the user entered as compared to how many the user must enter.
The security derived from cryptographic mechanisms is measured by a work factor k. Here, k corresponds to the length of a cryptographic key or (the entropy of) a password measured in bits. For manual key entry or verification tasks, given a problem with a work factor of k, it is common to assume that an adversary requires 2k units of work in order to breach the security. Alternatively, the adversary's probability of breaching the security is about 2−k in each attempt. User interfaces that require a user to enter a password or to verify two cryptographic keys for equality typically show progress by rendering a linear display of the work factor. This is highly misleading because the displayed progress differs significantly from the actual level of attained security, which is exponential in the work factor. On the other hand, an accurate rendering of the attained security would be frustrating for users as no progress would be visible for the majority of the interactions.
FIG. 1A illustrate a progress bar according to the prior art, used for a password generation or key verification task. As is shown, the progress is generated linearly with the data entry by the user. Such a progress bar is beneficial in providing the user an indication of progress in completing the task, but may be misleading with respect to the level of security obtained. For example, according to the illustration of FIG. 1A, the advancement made from 0.25 to 0.625 is more than double, while the security has not doubled while advancing via these steps.
FIG. 1B illustrates a progress bar that directly correlates to the level of security attained with the user's input. The bars of FIG. 1B correspond to the bars of FIG. 1A. As can be seen, providing a progress bar that directly correlates to the security level attained may be somewhat puzzling or frustrating to the user, as in the early stage no progress indication would be provided, as the level of security attained is too low to be represented in this scale.
Accordingly, there is a need in the art to provide a progress indicator that more properly reflects the level of security attained, as correlated to the task progress.