Loading ...
Sorry, an error occurred while loading the content.

decentralized recognizability

Expand Messages
  • lucas@gonze.com
    The circle project has a way of generating decentralized secure identity that is human-friendly in a particular sense; they generate an image resembling a
    Message 1 of 17 , Nov 5, 2002
    • 0 Attachment
      The circle project has a way of generating decentralized secure identity
      that is human-friendly in a particular sense; they generate an image
      resembling a westernized human signature from a public key. These images
      obviously aren't typable, and they aren't memorable in the sense that
      someone could re-render one by hand, but they do allow people to recognize
      a public key when they see it.

      Two snapshots of Circle signatures:
      http://gonze.com/circle-sig1.png
      http://gonze.com/circle-sig2.png

      The larger trend is that hackers are chipping away at the identity
      problem.

      - Lucas
    • Jeffrey Kay
      Lucas -- Do you have a pointer for the code that does this? I might have a place to implement something like this for a research project I m working on.
      Message 2 of 17 , Nov 5, 2002
      • 0 Attachment
        Lucas --

        Do you have a pointer for the code that does this? I might have a place
        to implement something like this for a research project I'm working on.

        Cheers --

        jeffrey kay
        personal weblog <www.k2.com>
        pgp key <www.k2.com/keys.htm>

        "first get your facts, then you can distort them at your leisure" --
        mark twain
        "golf is an endless series of tragedies obscured by the occasional
        miracle" -- sports illustrated
        "if A equals success, then the formula is A equals X plus Y plus Z. X is
        work. Y is play. Z is keep your mouth shut." -- albert einstein


        > -----Original Message-----
        > From: lucas@... [mailto:lucas@...]
        > Sent: Tuesday, November 05, 2002 11:57 AM
        > To: decentralization@yahoogroups.com
        > Subject: [decentralization] decentralized recognizability
        >
        >
        >
        > The circle project has a way of generating decentralized
        > secure identity
        > that is human-friendly in a particular sense; they generate an image
        > resembling a westernized human signature from a public key.
        > These images
        > obviously aren't typable, and they aren't memorable in the sense that
        > someone could re-render one by hand, but they do allow people
        > to recognize
        > a public key when they see it.
        >
        > Two snapshots of Circle signatures:
        > http://gonze.com/circle-sig1.png
        > http://gonze.com/circle-sig2.png
        >
        > The larger trend is that hackers are chipping away at the identity
        > problem.
        >
        > - Lucas
        >
        >
        >
        > To unsubscribe from this group, send an email to:
        > decentralization-unsubscribe@egroups.com
        >
        >
        >
        > Your use of Yahoo! Groups is subject to
        > http://docs.yahoo.com/info/terms/
        >
        >
      • Lucas Gonze
        ... That s http://freshmeat.net/projects/circle/?topic_id=22%2C251%2C87, Jeff. It seems to me that the technique itself could be refined and extended. For
        Message 3 of 17 , Nov 5, 2002
        • 0 Attachment
          Jeffrey Kay wrote:
          > Do you have a pointer for the code that does this? I might have a place
          > to implement something like this for a research project I'm working on.

          That's http://freshmeat.net/projects/circle/?topic_id=22%2C251%2C87, Jeff.

          It seems to me that the technique itself could be refined and extended.
          For example, break the signatures up into several chunks, use color,
          modify the generator to output well known shapes. Also, there should be
          unix console utility to do it, apart from the circle implementation.

          - Lucas
        • Seth Russell
          ... Hmmm ... seems to me that if you can map an arbitrary digital signature into a squizzly line, then you could map an arbitrary squiggly line into a digital
          Message 4 of 17 , Nov 5, 2002
          • 0 Attachment
            Lucas Gonze wrote:

            >Jeffrey Kay wrote:
            >
            >
            >>Do you have a pointer for the code that does this? I might have a place
            >>to implement something like this for a research project I'm working on.
            >>
            >>
            >
            >That's http://freshmeat.net/projects/circle/?topic_id=22%2C251%2C87, Jeff.
            >
            >It seems to me that the technique itself could be refined and extended.
            >For example, break the signatures up into several chunks, use color,
            >modify the generator to output well known shapes. Also, there should be
            >unix console utility to do it, apart from the circle implementation.
            >
            Hmmm ... seems to me that if you can map an arbitrary digital signature
            into a squizzly line, then you could
            map an arbitrary squiggly line into a digital signature ... though the
            math to do that is beyond me.

            Seth Russell
            http://radio.weblogs.com/0113759/
          • Lucas Gonze
            ... here s the python from circle(*) that generates the graphic, you just have to invert it: points = [ ] for i in range(settings.name_bytes*2): if i & 1 : x =
            Message 5 of 17 , Nov 5, 2002
            • 0 Attachment
              Seth Russell wrote:
              > Hmmm ... seems to me that if you can map an arbitrary digital signature
              > into a squizzly line, then you could
              > map an arbitrary squiggly line into a digital signature ... though the
              > math to do that is beyond me.

              here's the python from circle(*) that generates the graphic, you just have
              to invert it:

              points = [ ]
              for i in range(settings.name_bytes*2):
              if i & 1 :
              x = ord(name[i >> 1]) >> 4
              else:
              x = ord(name[i >> 1]) & 0xf
              a = ([0.0, 1.25, 1.75, 3.0][x & 3]+1)/5.0
              b = ([0.0, 2.0, 2.5, 3.0][x >> 2]+1)/5.0
              points.append( (i*self.step + a*self.height,b*self.height) )

              self.lines = bezier_curve(points[0],points[1],mid_point(points[1],points[2]))[:-1]

              for i in range(1,len(points)-1):
              self.lines.extend(bezier_curve(mid_point(points[i-1],points[i]),points[i],mid_point(points[i],points[i+1]))[:-1])

              self.lines.extend(bezier_curve(mid_point(points[-3],points[-2]),points[-2],points[-1]))

              - Lucas

              (*)
              # The Circle - Decentralized resource discovery software
              # Copyright (C) 2001 Paul Francis Harrison
              #
              # This program is free software; you can redistribute it and/or modify
              # it under the terms of the GNU General Public License as published by
              # the Free Software Foundation; either version 2 of the License, or
              # (at your option) any later version.
            • Seth Russell
              ... Hmmm ... so are you saying that someone could use their own real signature to generate a digital signature? In other words, instead of typing arbritrary
              Message 6 of 17 , Nov 5, 2002
              • 0 Attachment
                Lucas Gonze wrote:

                >Seth Russell wrote:
                >
                >
                >>Hmmm ... seems to me that if you can map an arbitrary digital signature
                >>into a squizzly line, then you could
                >>map an arbitrary squiggly line into a digital signature ... though the
                >>math to do that is beyond me.
                >>
                >>
                >
                >here's the python from circle(*) that generates the graphic, you just have
                >to invert it:
                >
                Hmmm ... so are you saying that someone could use their own real
                signature to generate a digital signature?
                In other words, instead of typing arbritrary key strokes to generate the
                key, you just digitize an instance
                of your signature. Then when it's played back, it looks like your real
                signature? Is that possible?

                Seth Russell
                http://radio.weblogs.com/0113759/
              • Lucas Gonze
                ... It seems to me that you could do that with image compression, where the target image size is the number of bytes in your key. On the other hand, I don t
                Message 7 of 17 , Nov 5, 2002
                • 0 Attachment
                  On Tue, 5 Nov 2002, Seth Russell wrote:
                  > Hmmm ... so are you saying that someone could use their own real
                  > signature to generate a digital signature?
                  > In other words, instead of typing arbritrary key strokes to generate the
                  > key, you just digitize an instance
                  > of your signature. Then when it's played back, it looks like your real
                  > signature? Is that possible?

                  It seems to me that you could do that with image compression, where the
                  target image size is the number of bytes in your key.

                  On the other hand, I don't believe that this exact algorithm, the one from
                  circle, would qualify. You'd have to have a different chunk of code for
                  converting from bytes to an image.

                  - Lucas
                • Miles Sabin
                  Lucas Gonze wrote, ... At first glance looks quite nifty. But I m not sure I know what the application is. What do you gain by having an only moderately
                  Message 8 of 17 , Nov 5, 2002
                  • 0 Attachment
                    Lucas Gonze wrote,
                    > It seems to me that the technique itself could be refined and
                    > extended. For example, break the signatures up into several chunks,
                    > use color, modify the generator to output well known shapes. Also,
                    > there should be unix console utility to do it, apart from the circle
                    > implementation.

                    At first glance looks quite nifty.

                    But I'm not sure I know what the application is. What do you gain by
                    having an only moderately reliable way of seeing that an agent holds a
                    particular public key? And surely it's not that hard to generate a
                    distinct public key which is sufficiently visually similar to the
                    expected key to be easily confusable with it?

                    My gut reaction is that refining and extending the idea in the ways
                    you've suggested might not be all that productive ... possibly counter-
                    productive even. At a wild, uninformed, guess I'd say that colours
                    might drown out information in the squiggle rather than augment it.
                    Perhaps if you're using a handwritten signature metaphor, then keeping
                    things monochromatically familiar would help with recognition.

                    On the face of it, this'd be a good research project for someone who is,
                    or knows, a cognitive psychologist or human factors person.

                    Cheers,


                    Miles
                  • Lucas Gonze
                    ... The thing that strikes me about it is that it s a way of factoring recognizability out of the problem of human-manageable long numbers. The application is
                    Message 9 of 17 , Nov 5, 2002
                    • 0 Attachment
                      On Tue, 5 Nov 2002, Miles Sabin wrote:

                      > Lucas Gonze wrote,
                      > > It seems to me that the technique itself could be refined and
                      > > extended. For example, break the signatures up into several chunks,
                      > > use color, modify the generator to output well known shapes. Also,
                      > > there should be unix console utility to do it, apart from the circle
                      > > implementation.
                      >
                      > At first glance looks quite nifty.
                      >
                      > But I'm not sure I know what the application is.

                      The thing that strikes me about it is that it's a way of factoring
                      recognizability out of the problem of human-manageable long numbers. The
                      application is to eventually be part of a complete solution.

                      > What do you gain by
                      > having an only moderately reliable way of seeing that an agent holds a
                      > particular public key? And surely it's not that hard to generate a
                      > distinct public key which is sufficiently visually similar to the
                      > expected key to be easily confusable with it?

                      I imagine it's a lot easier to generate a usable spoof of the image than
                      to break the key itself. But the key itself is also moderately spoofable,
                      in the sense that keys can also be visually similar ("l" instead of "1").
                      The question is whether it's easier to do a visual spoof with bezier
                      curves than letters.

                      > My gut reaction is that refining and extending the idea in the ways
                      > you've suggested might not be all that productive ... possibly counter-
                      > productive even. At a wild, uninformed, guess I'd say that colours
                      > might drown out information in the squiggle rather than augment it.
                      > Perhaps if you're using a handwritten signature metaphor, then keeping
                      > things monochromatically familiar would help with recognition.

                      I'm thinking of colors as an aid to chunking, because people appear to be
                      able to remember more stuff if it's split up among multiple axes.
                      (Assuming that the ancient paper I read on this, the George A. Miller "The
                      Magic Number 7 plus or minus 2" 1956 classic, is still credible).

                      > On the face of it, this'd be a good research project for someone who is,
                      > or knows, a cognitive psychologist or human factors person.

                      Yup.

                      - Lucas
                    • brandon@blanu.net
                      ... This idea doesn t map onto the concept of a cryptographic signature, a mapping which someone might infer from the way the thread drifted from cryptographic
                      Message 10 of 17 , Nov 5, 2002
                      • 0 Attachment
                        > Hmmm ... so are you saying that someone could use their own real
                        > signature to generate a digital signature?
                        > In other words, instead of typing arbritrary key strokes to generate the
                        > key, you just digitize an instance
                        > of your signature. Then when it's played back, it looks like your real
                        > signature? Is that possible?

                        This idea doesn't map onto the concept of a cryptographic signature, a
                        mapping which someone might infer from the way the thread drifted from
                        cryptographic signatures to written signatures.

                        A normal written signature maps conceptually onto a hashed password. The
                        "password" is the muscle memory in your hand. The hash function is
                        writing. The generated hash is the signature. Like most hash functions,
                        having the hash won't give you the password. However, signatures are
                        fairly easy to "brute force" by practicing copying the signature over
                        and over again until you gain the appropriate muscle memory.

                        This metaphor breaks down in the digital realm, where muscle memory
                        isn't required in order to produce a signature, just a scanned image of
                        the signature. A signature then becomes a novel password generation
                        scheme. You just need some hashing scheme which will reliably generate
                        the same password given one of your similar but infinitely varied
                        signatures. If an attacker intercepts any one of these, then they have
                        your password. I've actually seen companies hyping this technology,
                        mainly for PDAs. The advantages over normal signatures are that you
                        don't have to remember a hard-to-remember secure password, your
                        easy-to-remember password isn't attackable by normal dictionary attacks
                        like most easy-to-remember passwords, and someone who sees you enter it
                        probably can't reproduce it on the first try. However, despite the
                        invulnerability to dictionary attacks, these passwords probably aren't
                        that secure. I would guess that the number of bits which are unique to
                        your signature but different from other people's signatures and also
                        machine-recognizable are few. Thus it would probably be easy to
                        brute-force such passwords. The worst problem is of course that no one
                        can confirm or deny this assertion since no one has any idea how secure
                        these passwords really are, the image hashing schemes being proprietary.


                        The Circle idea is interesting because it's not using passwords, but
                        public keys. Another easy misconception is that these public-key-based
                        visual signatures map to public key cryptographic signatures. As far as
                        I can tell, visualizing an actual signature would be useless since each
                        signatures would look nothing like any others generated from the same
                        public key. So what they are almost certainly doing is visualizing the
                        public key itself. Unfortunately, the circle idea suffers from the
                        deadbeef problem.

                        The problem is that when you attempt to map a long random string (such
                        as a public key signature) into the space of the human-readable, you
                        lose information. Even if every bit of the string is represented in some
                        way in the rendered form, there are variations on the representation
                        which people will not be able to tell apart. If you encode in words,
                        there are synonyms and mispellings that can be used. If you use colors,
                        there are slight variations in hue which will go unnoticed. The same is
                        true of pretty much any visual representation. Slight variations might
                        not seem like a big problem, but the number of passable variations
                        multiplied by the number of places which a variations can occur can
                        yield a fairly large space, making brute forcing easier.

                        The system is almost certainly inferior in many cases to pet names. With
                        pet names, the computer binds the public key to an easy to remember name
                        of my choosing. All further interactions are verified automatically by
                        checking that the public key matches the one from before. There is no
                        need for user intervention and thus no room for the user to make
                        mistakes when visually verifying signatures.

                        The one advantage I can see to this method is the fairly common case of
                        needing to do a public key exchange with someone you have already
                        exchanged with but have lost their key, and you want to reduce the
                        likelihood of a MITM attack. This situation occurs fairly frequently
                        with connecting to a server using SSH from multiple clients. Few people
                        take the trouble to carry around the server's public key, so each new
                        client allows for a MITM attack. A visual public key check, though not
                        nearly as secure as actually knowing the public key, is better than
                        nothing in the few occasions that an only mildly determined MITM attack
                        is in progress.



                        Links: (for blanu.net cross-posting)
                        <a
                        href="http://groups.yahoo.com/group/decentralization/">Decentralization
                        Mailing list</a>
                        <a href="http://www.csse.monash.edu.au/~pfh/circle/">Circle</a>
                        <a href="http://gonze.com/circle-sig1.png">Sample Circle public key
                        visualization</a>
                      • Miles Sabin
                        brandon@blanu.net wrote, ... This is the main application that came to mind. My worry is that it isn t really all that much better than nothing. The squiggles
                        Message 11 of 17 , Nov 6, 2002
                        • 0 Attachment
                          brandon@... wrote,
                          > The one advantage I can see to this method is the fairly common case
                          > of needing to do a public key exchange with someone you have already
                          > exchanged with but have lost their key, and you want to reduce the
                          > likelihood of a MITM attack. This situation occurs fairly frequently
                          > with connecting to a server using SSH from multiple clients. Few
                          > people take the trouble to carry around the server's public key, so
                          > each new client allows for a MITM attack. A visual public key check,
                          > though not nearly as secure as actually knowing the public key, is
                          > better than nothing in the few occasions that an only mildly
                          > determined MITM attack is in progress.

                          This is the main application that came to mind.

                          My worry is that it isn't really all that much better than nothing. The
                          squiggles seem too easy to spoof (as you described earlier), and might
                          just give a false sense of security. In truth I'd have more confidence
                          in my ability (if I was being careful) to accurately recognize a
                          textual key fingerprint than a squiggle.

                          Is it possible that there's a better transform? One that makes it
                          computationally hard to construct a visually similar squiggle which
                          corresponds to a valid public key (for some appropriate value of
                          "valid")?

                          Cheers,


                          Miles
                        • Lucas Gonze
                          ... Military-grade security sometimes weakens actual security. Are you as likely to proofread a textual key as to confirm the basic shape of a squiggle? It
                          Message 12 of 17 , Nov 6, 2002
                          • 0 Attachment
                            Miles Sabin wrote:
                            > My worry is that it isn't really all that much better than nothing. The
                            > squiggles seem too easy to spoof (as you described earlier), and might
                            > just give a false sense of security. In truth I'd have more confidence
                            > in my ability (if I was being careful) to accurately recognize a
                            > textual key fingerprint than a squiggle.

                            Military-grade security sometimes weakens actual security. Are you as
                            likely to proofread a textual key as to confirm the basic shape of a
                            squiggle? It may be that a slacker MITM attack is more than enough in
                            real life.

                            - Lucas
                          • Miles Sabin
                            Lucas Gonze wrote, ... Maybe ... or maybe my eyesite s poor and reading text with some kind of assistive technology is easier than recognizing a graphic (it s
                            Message 13 of 17 , Nov 6, 2002
                            • 0 Attachment
                              Lucas Gonze wrote,
                              > Miles Sabin wrote:
                              > > My worry is that it isn't really all that much better than nothing.
                              > > The squiggles seem too easy to spoof (as you described earlier),
                              > > and might just give a false sense of security. In truth I'd have
                              > > more confidence in my ability (if I was being careful) to
                              > > accurately recognize a textual key fingerprint than a squiggle.
                              >
                              > Military-grade security sometimes weakens actual security. Are you
                              > as likely to proofread a textual key as to confirm the basic shape of
                              > a squiggle? It may be that a slacker MITM attack is more than enough
                              > in real life.

                              Maybe ... or maybe my eyesite's poor and reading text with some kind of
                              assistive technology is easier than recognizing a graphic (it's not,
                              but just f'rinstance)?

                              I'd still like to know how easy it is to spoof the squiggles. Surely
                              it's not at all hard to generate a new key pair such that the bezier
                              transformed version of the new public key is a barely detectable
                              variant of the expected public key ... in which case it's surely not
                              unlikely that Alice might say "ah, I recognize that, it's Bob's public
                              key, I'll encrypt to that" and promptly encrypt to Mallory's.

                              Am I missing something?

                              Cheers,


                              Miles
                            • brandon@blanu.net
                              ... That is the open question in this kind of visualization. Before you can adequately judge the security of a visualization technique, you need to run a lot
                              Message 14 of 17 , Nov 6, 2002
                              • 0 Attachment
                                > I'd still like to know how easy it is to spoof the squiggles. Surely
                                > it's not at all hard to generate a new key pair such that the bezier
                                > transformed version of the new public key is a barely detectable
                                > variant of the expected public key ... in which case it's surely not
                                > unlikely that Alice might say "ah, I recognize that, it's Bob's public
                                > key, I'll encrypt to that" and promptly encrypt to Mallory's.

                                That is the open question in this kind of visualization. Before you can
                                adequately judge the security of a visualization technique, you need to
                                run a lot of empirical tests on people to see what the threshold is for
                                distinguishing two slightly different renderings. There has been
                                significant work on this by psychologists in the past, so a good way to
                                jump start your visualization technique would be to look at existing
                                research on recognition and memorability thresholds.
                              • Seth Russell
                                ... Well what I was getting at was *not* to use the visualized squiggly as the cryptographic signature; but rather to have the tool present the squiggly to the
                                Message 15 of 17 , Nov 6, 2002
                                • 0 Attachment
                                  brandon@... wrote:
                                  Hmmm ... so are you saying that someone could use their own real 
                                  signature to generate a digital signature?
                                  In other words, instead of typing arbritrary key strokes to generate the 
                                  key, you just digitize an instance
                                  of your signature.   Then when it's played back, it looks like your real 
                                  signature?  Is that possible?  
                                      
                                  This idea doesn't map onto the concept of a cryptographic signature, a
                                  mapping which someone might infer from the way the thread drifted from
                                  cryptographic signatures to written signatures.
                                  Well what I was getting at was *not* to use the visualized squiggly as the cryptographic signature; but rather to have the tool present the squiggly to the user as an irrelivant front (facade) to the actual cryptographic signature.  So if the squiggly looked like the persons actual written signature, so much the better. And if the person creating the signature used their actual signature to create the cryptographic signature, so much the better.   In any case the squiggly would be irrelivant to the crypto tools and would always be ignored.  The only rational to do that would be to make the technology look more human .. and hense promote its use. This may be quite a different idea than what Lucas originally presented, I dont know.   If someone tried to spoof the system by using a visual forgery of the facade, the crypto tool would still inform the user that the signature did not match the key.  Can't that be built into the tool in an uncorruptable manner ?
                                  Seth Russell

                                • Todd Boyle
                                  ... IMO there will not be any user-intervention in whatever emerges as the solution, regardless whether it is Passport or something decentralized. To reach
                                  Message 16 of 17 , Nov 6, 2002
                                  • 0 Attachment
                                    At 08:57 AM 11/6/2002, Lucas Gonze wrote:
                                    >Miles Sabin wrote:
                                    > > My worry is that it isn't really all that much better than nothing.
                                    >
                                    >Military-grade security sometimes weakens actual security. Are you as
                                    >likely to proofread a textual key as to confirm the basic shape of a
                                    >squiggle? It may be that a slacker MITM attack is more than enough in
                                    >real life.

                                    IMO there will not be any user-intervention in whatever emerges as the
                                    solution, regardless whether it is Passport or something decentralized.

                                    To reach very broad adoption, security and authentication must be so
                                    reliable that ordinary money transactions never fail. That is a lot
                                    less than military grade. For example it might be based on mere
                                    economics of computational power, or my suggestion it be based on
                                    community reputation frameworks.

                                    The successful security framework will need to reach nearly universal
                                    adoption. There is a large fraction of the population that is so
                                    irrational about money that they are unable to make rational choices,
                                    and lose confidence in "new providers" too easily.

                                    I'm just going to recite three obvious things (you can skip:)

                                    1. Some of today's leading companies in financial services, software,
                                    telecommunicatinos and media will be harmed financially by any
                                    devolution of security and reputation out of central institutions.

                                    2. The power of government will also be affected i.e. some effects on
                                    the ability to collect taxes, and surveil communications would result if
                                    freedoms we have in real space are allowed over distances. e.g. paper
                                    cash, private conversations.

                                    3. Certain actors in those sectors, work actively to undermine privacy
                                    and security over networks. They fill the airwaves with FUD about
                                    hackers, stolen money, drugs, laundering, terrorists, etc. to protect
                                    the existing banking system, and actively undermine the usefulness
                                    of networks, fill them with SPAM and undermine the security and
                                    sovereignty of the user in many computing, network and radio
                                    hardware components.

                                    I've come to conclude there can never be adequate security on user-
                                    programmable PCs or hand-helds. Identity as well as secure
                                    communications will have to come from a device *owned by the user*,
                                    probably including at least a PIN pad and screen within the trusted
                                    device. Users will quickly learn that such a device contains not
                                    only a mere digital ID, but allows them to accrue digital reputation
                                    which is quite valuable, financially. As any valuable thing, they
                                    will positively safeguard it. Accordingly, what is missing is
                                    the intellectual work of developing P2P reputation frameworks,
                                    in coordination with design of the handheld devices. The semiconductor
                                    industry will certainly produce the thing if there's a market.

                                    The basic use case is sending a screenful of data (i.e. a contract)
                                    into the screen of the device for signature, as described in the
                                    MeT Peer to peer scenarios (ignore the telco "operator" scenarios.)
                                    http://mobiletransaction.org/documents.html The consortium spent
                                    megabucks, on UI standards for use of the screen on the TD so that
                                    the user would recognize the "Trusted Device" mode when it was
                                    presented by different manufacturers.

                                    If PCs, phones, palms etc. are ever to be secure their content must be
                                    flowed thru a VPN or something, controlled by the user. How this is
                                    ever going to happen is beyond my expertise. I would like to see the
                                    handheld trusted device have two ports: LAN and WAN, for signing,
                                    encryption etc. and this has to be fairly idiot proof. As with the
                                    TD, the private keys would be created and managed in a security element
                                    and private keys would never leave the handheld device... I had fun
                                    with this: http://www.gldialtone.com/Hippocrit.gif

                                    Again, I don't know what the end solution will be but it won't be some
                                    clever new software for the PC. It will be built into devices and it
                                    will be preceded by a very big discussion about reputation frameworks,
                                    and a formal architecture discussion including UML for software and
                                    hardware.

                                    None of those has begun yet,

                                    Todd
                                  • brandon@blanu.net
                                    ... I don t think that it is possible to make any useful merging of written signatures and digital signatures such that either 1) visualization of the public
                                    Message 17 of 17 , Nov 6, 2002
                                    • 0 Attachment
                                      > Well what I was getting at was *not* to use the visualized squiggly as
                                      > the cryptographic signature; but rather to have the tool present the
                                      > squiggly to the user as an irrelivant front (facade) to the actual
                                      > cryptographic signature. So if the squiggly looked like the persons
                                      > actual written signature, so much the better. And if the person creating
                                      > the signature used their actual signature to create the cryptographic
                                      > signature, so much the better.

                                      I don't think that it is possible to make any useful merging of written
                                      signatures and digital signatures such that either 1) visualization of
                                      the public key or cryptographic signature looks anything like the
                                      written signature, or 2) the written signature can be used in any useful
                                      way in the generation of the public key or cryptographic signature.

                                      Public keys and signatures look for all intents and purposes like random
                                      noise. Public keys can be generated from any seed you want, but to be
                                      useful as public keys and not just passwords, they need to be generated
                                      from random noise.
                                    Your message has been successfully submitted and would be delivered to recipients shortly.