[messaging] MITM-safe communication w/o authentication possible?

[Karl]

On 11/30/15, Ximin Luo <infinity0 at pwned.gg> wrote:
> On 30/11/15 03:09, Karl wrote:
>> On 11/29/15, Ximin Luo <infinity0 at pwned.gg> wrote:
>>>
>>> (To put it another way, "self-authenticating" is a joke. My GPG
>>> fingerprint
>>> is self-authenticating too. Just go talk to 0x1318efac5fbbdbce, it
>>> doesn't
>>> matter who that is in real life.... what? no takers?)
>>
>> It seems reasonable to me that the important part of somebody's
>> identity would be their behavior rather than their body or name.  But
>> to use fingerprints as identifiers, you'd need a way for humans to
>> remember and compare them.  Some way of hashing data into something
>> memorable but complex enough to be collision-resistant, like a
>> detailed image of a computer-generated human face.
>>
>> I wonder if anybody's done something like that.
>>
>
> For an authentication system to actually be safe, it needs to allow me to
> *distinguish* my contact from any other attacker. For a cryptographic
> protocol, this means that my contact must know some secret information that
> attackers do not have. One can generally assume that "behaviour" /
> "biometrics" do not fit this secrecy requirement since an attacker can just
> forge it - sometimes literally by copying it as it is generated, as is
> effectively what happens in MITM.

Right.  I imagine the face is generated from the fingerprint of the
public key.  Hence copying it would require generating enough keys to
find a human-believable collision, as would be equivalently done to
fake .onion addresses or pgp key fingerprints.  We're a lot better at
remembering and comparing the details of faces than numbers, and we
readily associate them with identities.

I suppose some video game probably has a character generator detailed
enough to feed a key fingerprint into.