[messaging] "Pseudoword" base32 fingerprints
Ximin Luo
infinity0 at pwned.gg
Wed Feb 5 17:21:40 PST 2014
On 06/02/14 01:08, Tony Arcieri wrote:
> On Wed, Feb 5, 2014 at 4:47 PM, Moritz Bartl <moritz at headstrong.de <mailto:moritz at headstrong.de>> wrote:
>
> Hm. Sorry, stupid question, but why can't you simply map 4-tuples to a
> 65k wordlist? Fantasy names, English, something more pronounceable?
> There could maybe even multiple "authoritative tables" in various languages.
>
>
> I was just talking to Trevor about this very thing ;) It's the approach I'd like to use. You can generate a random salt and run the password through e.g. scrypt as well in order to derive a symmetric key
>
> --
> Tony Arcieri
>
65k would be 16 bits. For some applications this could be enough, but to get up to a 160-bit long-term fingerprint this would be 10 words. Hopefully we can improve on this.
--
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 880 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140206/2b2f9525/attachment.sig>
More information about the Messaging
mailing list