[messaging] Useability of public-key fingerprints

George Kadianakis desnacked at riseup.net
Wed Jan 29 17:03:05 PST 2014

Trevor Perrin <trevp at trevp.net> writes:

> Some crypto apps let users inspect the public-key hash (aka
> "fingerprint") of the other party, so that it can be compared with a
> value received through a different channel (phone call, business card,
> online directory or website, etc.)
>
> There's a lot of variation in how public-key fingerprints are
> presented (alphabet, number of chars, capitalization, grouping,
> separators, etc).  For example:
>
> SSH:      43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8
> GPG:      7213 5CAA EA6B 0980 126A  0371 8373 DD15 4D42 48BD
> OTR:      C4E40F71 A92175F8 597A29A7 CB7E0943 B27014FF
> TACK:     g5p5x.ov4vi.dgsjv.wxctt.c5iul
> Bitcoin:  31uEbMgunupShBVTewXjtqbBv5MndwfXhb
>
> SSH:     128 bits, 32 hex chars
> GPG:     160 bits, 40 hex chars
> OTR:     160 bits, 40 hex chars
> TACK:    125 bits, 25 base32 chars (RFC 4648)
> Bitcoin: 200 bits, 34 base58 chars (160 bits hash + version/checksum)
>
> There's also some fingerprint innovations that aren't widespread:
>  - Zooko's z-base32
>  - "Hash extension" from RFC 3972 to squeeze more bits into a smaller
> fingerprint
>  - Phonetic alphabets like the PGPfone wordlist
>
> Anyways, these are somewhat large strings for users to handle, so it
> seems worth trying to streamline the experience and reduce error-rates
> due to soundalike or lookalike characters as much as we can.
>
> I'm a little surprised I can't find more useability research here, except for:
>  - https://blog.crypto.cat/2014/01/cryptocat-at-the-openitp-dc-hackathon
>  - https://moderncrypto.org/mail-archive/curves/2014/000011.html
>
> Are there other studies?  Are there any "best practices" emerging?

Hm. You might find some interesting references in the paper that
introduced the SSH "randomart" scheme. The paper is called "Hash
Visualization: a New Technique to Improve Real-World Security" and
contains a bunch of interesting ideas.

I agree with you that the UX of public-key validation can be improved
vastly. The comment on the cited cryptocat blog post about the word
"fingerprint" terrifying users is also interesting.
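
Added illustration, not part of the original messages and not code from any of the tools named: the Python sketch below renders one digest in the SSH, GPG, OTR and TACK presentations quoted above, and compares a displayed fingerprint with one received out of band. It assumes a constructed key and a SHA-256 digest truncated to each quoted bit length (the real tools hash their own key encodings, for example MD5 for the SSH form shown and SHA-1 for GPG and OTR); all function names are hypothetical.

```python
import base64
import hashlib
import hmac

# Constructed sample input: stands in for an encoded public key.
SAMPLE_KEY = b"constructed-example-public-key-bytes"

def _group(text, size, sep):
    return sep.join(text[i:i + size] for i in range(0, len(text), size))

def ssh_style(digest):
    """128 bits as colon-separated lowercase hex pairs."""
    return _group(digest[:16].hex(), 2, ":")

def gpg_style(digest):
    """160 bits as uppercase hex in groups of 4, double space at the midpoint."""
    grouped = _group(digest[:20].hex().upper(), 4, " ")
    return grouped[:24] + " " + grouped[24:]

def otr_style(digest):
    """160 bits as uppercase hex in groups of 8."""
    return _group(digest[:20].hex().upper(), 8, " ")

def tack_style(digest):
    """125 bits as 25 lowercase RFC 4648 base32 chars in dot-separated groups of 5."""
    return _group(base64.b32encode(digest).decode("ascii").lower()[:25], 5, ".")

def normalize(fingerprint):
    """Drop separators and case so only the encoded digits are compared.
    Valid for hex and base32; base58 is case-sensitive and needs its own rule."""
    return "".join(ch for ch in fingerprint if ch.isalnum()).lower()

def same_fingerprint(displayed, received):
    """Full-length, constant-time comparison; a truncated value never matches."""
    a = normalize(displayed).encode("utf-8")
    b = normalize(received).encode("utf-8")
    return len(a) > 0 and hmac.compare_digest(a, b)

if __name__ == "__main__":
    d = hashlib.sha256(SAMPLE_KEY).digest()
    for name, render, bits_per_char in (("SSH", ssh_style, 4), ("GPG", gpg_style, 4),
                                        ("OTR", otr_style, 4), ("TACK", tack_style, 5)):
        shown = render(d)
        print(f"{name:5} {len(normalize(shown)) * bits_per_char:3} bits  {shown}")
```

Normalizing before comparison means differences in grouping, separators and capitalization do not cause false mismatches, while the full-length check rejects a prefix of the fingerprint.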
