[messaging] "Pseudoword" base32 fingerprints

Ximin Luo infinity0 at pwned.gg
Wed Feb 5 17:21:40 PST 2014

On 06/02/14 01:08, Tony Arcieri wrote:
> On Wed, Feb 5, 2014 at 4:47 PM, Moritz Bartl <moritz at headstrong.de <mailto:moritz at headstrong.de>> wrote:
>     Hm. Sorry, stupid question, but why can't you simply map 4-tuples to a
>     65k wordlist? Fantasy names, English, something more pronounceable?
>     There could maybe even multiple "authoritative tables" in various languages.
> I was just talking to Trevor about this very thing ;) It's the approach I'd like to use. You can generate a random salt and run the password through e.g. scrypt as well in order to derive a symmetric key
> -- 
> Tony Arcieri

65k would be 16 bits. For some applications this could be enough, but to get up to a 160-bit long-term fingerprint this would be 10 words. Hopefully we can improve on this.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 880 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140206/2b2f9525/attachment.sig>

More information about the Messaging mailing list