[messaging] Audible public-key fingerprints

Andy Isaacson adi at hexapodia.org
Sun Aug 17 09:45:12 PDT 2014


On Sun, Aug 17, 2014 at 06:33:17PM +0200, Mike Hearn wrote:
> But is this better than NFC or Bluetooth LE? If you want to broadcast a
> public key or pass one from person to person it seems likely that radio
> transmission would work better than sonic.

The user-comprehensibility of one device singing a key to another device
is somewhat compelling.

I have no reason to understand the RF state of my device (when is it
listening?  when is it transitting?), if someone MITMs my RF I am
unlikely to notice per se.  By contrast, I'll notice if my device is
unexpectedly sending audio, and MITM of an audio channel is blatantly
obvious.

I'm not sure I'm convinced that audio key exchange is a good idea, but
it certainly seems like an interesting and potentially fruitful
experiment!

(Also, I'm charmed by the poetic image of androids singing each other
to sleep.  Bonus points if the implementation can support multiple
modes: "lullaby", "orchestral", "dubstep".)

-andy


More information about the Messaging mailing list