On Tue, Apr 28, 2015 at 12:13 PM, Alessandro Barenghi
<alessandro(_dot_)barenghi(_dot_)polimi(_at_)gmail(_dot_)com> wrote:
On 04/28/2015 03:58 PM, Phillip Hallam-Baker wrote:
The equivalent Base2-20 fingerprint would be a sequence of images and
have a work factor of (2^112)
[z]-[z]-[z]-[z]-[z]-[z]
Anyone know where we might scrounge a million images? WikiSource perhaps?
It would probably behoove us to check them in some fashion but this
could be crowdsourced.
The idea of using images as an alphabet has ample prior art going back
to ancient Egypt.
In this case, wouldn't it be viable, while keeping a text representation
of the fingerprint, to employ a diceware-password-like approach to
represent the fingerprint?
Interesting idea. Oddly enough, I have an intern who is already
working on something very similar.
With a reasonable english dictionary you get ~15 bits per word, which
gets you up to a reasonable margin rather fast (~8 words) and is easier
to inspect and compare visually.
32768 words is very do-able. Hunspell English has 621,180 by the
looks. Not quite a million but it is quite likely we could get there
with affixation rules, plurals, etc.
First thing is probably to parse the flat file and then throw out
words that are too short, too long or too similar and see what is
left.
The possible downsides of this approach are:
-- The need of storing a standardized dictionary
-- The possible mess with internationalization (although employing one
dictionary per language and adapting the client to read/print
fingerprints in a selectable language may get around this)
There would have to be different languages for different locales,
naturally. But in general, I think the pictures plus the words would
be fine.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp