keyids vs. fingerprints [was: Re: Fix revocation keys instead of fingerprints?]
2009-05-07 14:18:33On 05/07/2009 11:45 AM, David Shaw wrote:
On May 5, 2009, at 2:13 AM, Daniel A. Nagy wrote:David Shaw wrote:Fingerprints: * Must be human-readable * Needs to be small to be useful * Can collide to some small amount (4880 even documents that they collide in section 12.2)That's not the fingerprint. That's the key ID.A nit, but that really is the fingerprint.
The important items here are 1 and 2, which both apply to a fingerprint.
Humans need to be able to cognitively compare fingerprints, so they
must be both human-readable and small enough to wade through.
As for collisions, 32-bit key ids don't collide "to some small amount".
They have *massive* collisions because of the small output space. It
takes a few hours of compute time on a single modern desktop machine to
generate 32-bit keyID collisions against every single key in the public
WoT. 64-bit keyids are better, but still nowhere near the collision
resistance we should be expecting from tools we expect humans to use to
validate content.
keyIDs are useful as pointers, but are not at all useful for
verification purposes.
--dkg
signature.asc
Description: OpenPGP digital signature
| Previous by Date: | Re: Fix revocation keys instead of fingerprints? (was Re: Non-SHA-1 fingerprints), Daniel A. Nagy |
|---|---|
| Next by Date: | Re: I don't think that collides the way you think it does, Florian Weimer |
| Previous by Thread: | Re: Fix revocation keys instead of fingerprints? (was Re: Non-SHA-1 fingerprints), Daniel A. Nagy |
| Next by Thread: | Re: Non-SHA-1 fingerprints, David Shaw |
| Indexes: | [Date] [Thread] [Top] [All Lists] |