6192Re: [decentralization] decentralized recognizability
- Nov 6, 2002brandon@... wrote,
> The one advantage I can see to this method is the fairly common caseThis is the main application that came to mind.
> of needing to do a public key exchange with someone you have already
> exchanged with but have lost their key, and you want to reduce the
> likelihood of a MITM attack. This situation occurs fairly frequently
> with connecting to a server using SSH from multiple clients. Few
> people take the trouble to carry around the server's public key, so
> each new client allows for a MITM attack. A visual public key check,
> though not nearly as secure as actually knowing the public key, is
> better than nothing in the few occasions that an only mildly
> determined MITM attack is in progress.
My worry is that it isn't really all that much better than nothing. The
squiggles seem too easy to spoof (as you described earlier), and might
just give a false sense of security. In truth I'd have more confidence
in my ability (if I was being careful) to accurately recognize a
textual key fingerprint than a squiggle.
Is it possible that there's a better transform? One that makes it
computationally hard to construct a visually similar squiggle which
corresponds to a valid public key (for some appropriate value of
- << Previous post in topic Next post in topic >>