[messaging] Useability of public-key fingerprints
michael at briarproject.org
Thu Jan 30 04:09:34 PST 2014
-----BEGIN PGP SIGNED MESSAGE-----
On 30/01/14 02:24, Ximin Luo wrote:
> There's a common UI principle that says people can remember 7 (5-9)
> "things" at once well, where things is some sort of coherent unit.
> This is consistent with my own personal experience comparing fps.
> Visually, I definitely find PGP and OTR fps easier to compare than
> SSH fps, OTR probably marginally more so, since I can hold 8
> characters in my head at once.
Eight is above average - we should design for below-average.
My intuition about alphabets is that uncertainty about the alphabet
slows people down. For example, if people don't know that an OTR
fingerprint is case-insensitive hex, they may read "B03F" as "capital
b, capital o... no, sorry, zero... three, capital f". Likewise they
may read out punctuation that's used to group the symbols.
Think about speaking to a stranger over a bad phone line. Digits can
be communicated fairly efficiently in groups of two or three. Letters
require the phonetic alphabet, and if you don't both know that the
other person's familiar with it, that means "a for alpha, b for bravo"
rather than "alpha, bravo". If you have to pronounce lowercase and
uppercase as well, something like base58 becomes less time-efficient
than decimal digits.
But I think we can circumvent this whole problem for the common case
of face-to-face comparison. In that case we can either use QR codes,
as Daniel suggested, or kick off an ephemeral key exchange with hash
commitment, use short authentication strings to authenticate the
ephemeral key exchange, then use the ephemeral authenticated channel
to compare whatever we need to compare.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Messaging