Loading ...
Sorry, an error occurred while loading the content.

6192Re: [decentralization] decentralized recognizability

Expand Messages
  • Miles Sabin
    Nov 6, 2002
    • 0 Attachment
      brandon@... wrote,
      > The one advantage I can see to this method is the fairly common case
      > of needing to do a public key exchange with someone you have already
      > exchanged with but have lost their key, and you want to reduce the
      > likelihood of a MITM attack. This situation occurs fairly frequently
      > with connecting to a server using SSH from multiple clients. Few
      > people take the trouble to carry around the server's public key, so
      > each new client allows for a MITM attack. A visual public key check,
      > though not nearly as secure as actually knowing the public key, is
      > better than nothing in the few occasions that an only mildly
      > determined MITM attack is in progress.

      This is the main application that came to mind.

      My worry is that it isn't really all that much better than nothing. The
      squiggles seem too easy to spoof (as you described earlier), and might
      just give a false sense of security. In truth I'd have more confidence
      in my ability (if I was being careful) to accurately recognize a
      textual key fingerprint than a squiggle.

      Is it possible that there's a better transform? One that makes it
      computationally hard to construct a visually similar squiggle which
      corresponds to a valid public key (for some appropriate value of
      "valid")?

      Cheers,


      Miles
    • Show all 17 messages in this topic