[messaging] "Pseudoword" base32 fingerprints
Robert Ransom
rransom.8774 at gmail.com
Wed Feb 5 17:54:08 PST 2014
On 2/5/14, Peter Eckersley <pde-lists at eff.org> wrote:
> Also, it strikes me that checking a whole 160 bit fingerprint on first use
> is potentially more work than needs to be done.
>
> Protocols like this should be possible:
[low-latency interactive protocol omitted]
As I said in <https://moderncrypto.org/mail-archive/messaging/2014/000015.html>:
If the parties can set up an interactive connection, you can use a
40-bit ephemeral password to authenticate the key. It wouldn't even
require a PAKE protocol.
Robert Ransom
More information about the Messaging
mailing list