[messaging] Useability of public-key fingerprints

Michael Rogers michael at briarproject.org
Thu Jan 30 04:09:34 PST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 30/01/14 02:24, Ximin Luo wrote:
> There's a common UI principle that says people can remember 7 (5-9)
> "things" at once well, where things is some sort of coherent unit.
> This is consistent with my own personal experience comparing fps.
> 
> Visually, I definitely find PGP and OTR fps easier to compare than
> SSH fps, OTR probably marginally more so, since I can hold 8
> characters in my head at once.

https://en.wikipedia.org/wiki/Working_memory#Capacity

Eight is above average - we should design for below-average.

My intuition about alphabets is that uncertainty about the alphabet
slows people down. For example, if people don't know that an OTR
fingerprint is case-insensitive hex, they may read "B03F" as "capital
b, capital o... no, sorry, zero... three, capital f". Likewise they
may read out punctuation that's used to group the symbols.

Think about speaking to a stranger over a bad phone line. Digits can
be communicated fairly efficiently in groups of two or three. Letters
require the phonetic alphabet, and if you don't both know that the
other person's familiar with it, that means "a for alpha, b for bravo"
rather than "alpha, bravo". If you have to pronounce lowercase and
uppercase as well, something like base58 becomes less time-efficient
than decimal digits.

But I think we can circumvent this whole problem for the common case
of face-to-face comparison. In that case we can either use QR codes,
as Daniel suggested, or kick off an ephemeral key exchange with hash
commitment, use short authentication strings to authenticate the
ephemeral key exchange, then use the ephemeral authenticated channel
to compare whatever we need to compare.

Cheers,
Michael

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBCAAGBQJS6kD+AAoJEBEET9GfxSfM8WMIAMHjc7/M1E0lcJFCVnw3FyVl
RxrA3VYYbvbUcKSCQGhDFmhrkxF6xudx6D4qRCkRLbw3zuHfIgKKcjT3ll8h3tqU
8JM0R4rbxxerDrqKms4OrT+fX/90bPnljVN1o4DK2oSSHsE4hyvu98S0TyjKEmA0
T0F5wI/aRNfdWj/YBu/VkGor7mH2FO+wydCuwNzQrE5j4zaW5VqqDN4SnJlfkIfA
TlGN4SEts0wdoAHfGpLH1TqltJOrAMDahVvFDEtlbHhMY7SIE9Q0IWzaH9KKS1T8
uP7+tJSqh9QAI7JiI3lIFMJSQSrZyLywcJL+8MSCwLN6xsSTBpUthzmCiTof/tM=
=dndX
-----END PGP SIGNATURE-----


More information about the Messaging mailing list