[messaging] Let's run a usability study (was Useability of public-key fingerprints)
Michael Rogers
michael at briarproject.org
Sat Mar 29 05:11:39 PDT 2014
On 24/03/14 09:57, Daniel Thomas wrote:
>> Identicons are a catastrophe for cryptographic use - there's no
>> way an average person can distinguish more than 2^20 different
>> polygonal pictures. Given one picture, it's not hard to make a
>> key whose fingerprint has roughly the same polygons and
>> colours. Do not use!

Depending on the use case, it may be possible to work around this
limitation by including a private salt (known only to the verifier) in
the hash.

An attacker trying to match a given identicon would then have to guess
at random, without knowing how close their match was for any given
verifier, and without being able to find a good match for all
verifiers at once.

The downside, of course, is that each verifier would see a different
identicon for a given identity - it wouldn't be possible to print
identicons on business cards etc.

I guess this is analogous to the difference between fingerprints and
short authentication strings.

Cheers,
Michael
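
The salted-identicon idea from the message above, as an added example that is not part of the original post or of any project's code. It assumes HMAC-SHA256 as the way to mix the verifier's private salt into the hash, a toy 16-bit identicon so the search finishes quickly, and constructed byte strings standing in for public keys; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

BITS = 16  # toy size so the demo runs fast; the quoted estimate is about 2^20 pictures


def public_identicon(pubkey: bytes) -> int:
    """Unsalted: every verifier, and anyone else, computes the same picture bits."""
    return int.from_bytes(hashlib.sha256(pubkey).digest(), "big") >> (256 - BITS)


def salted_identicon(salt: bytes, pubkey: bytes) -> int:
    """Salted: HMAC keyed with a secret that never leaves this verifier's device."""
    mac = hmac.new(salt, pubkey, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") >> (256 - BITS)


def find_lookalike(target: bytes) -> bytes:
    """Offline search the unsalted scheme permits, since the picture is public."""
    want = public_identicon(target)
    i = 0
    while True:
        candidate = b"constructed-key-%d" % i  # stand-in for freshly generated keys
        if candidate != target and public_identicon(candidate) == want:
            return candidate
        i += 1


def verifiers_fooled(target: bytes, lookalike: bytes, n: int = 200) -> int:
    """Count verifiers, each with its own salt, who see both keys as one picture."""
    fooled = 0
    for _ in range(n):
        salt = secrets.token_bytes(32)  # per-verifier secret, never published
        if salted_identicon(salt, target) == salted_identicon(salt, lookalike):
            fooled += 1
    return fooled


def distinct_views(pubkey: bytes, n: int = 200) -> int:
    """Different pictures n verifiers see for one key (the business-card downside)."""
    return len({salted_identicon(secrets.token_bytes(32), pubkey) for _ in range(n)})


if __name__ == "__main__":
    alice = b"constructed-public-key-of-alice"  # constructed sample input
    fake = find_lookalike(alice)
    print("unsalted match:", public_identicon(fake) == public_identicon(alice))
    print("salted verifiers fooled:", verifiers_fooled(alice, fake), "of 200")
    print("distinct pictures for one key:", distinct_views(alice), "of 200")
```

A lookalike tuned against the public picture matches a salted verifier only by chance (about 2^-16 per verifier at this toy size), and the same key renders differently for almost every verifier, which is the trade-off the message describes.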