ietf-openpgp

Re: [openpgp] Mining protection in fingerprint schemes

2016-04-10 16:15:04
Bryan Ford(brynosaurus(_at_)gmail(_dot_)com)@Sat, Apr 09, 2016 at 12:55:42PM -0300:
- V5 “key ID” is derived from the V5 fingerprint and shortened for presentation
to the user - but shortened only to ~256 bits, not shortened to the point of
insecurity like V3/V4 key IDs are.  That shortening could easily include simple
Key ID mining-protection.

This was discussed before, but bringing this up again because I see you
saying 256 bit fingerprint for comparison like it's the natural
conclusion:

It's perfectly valid to go for stronger bitsizes in algorithms with the
argument that computers get better at crunching numbers all the time -
but humans don't. We should not increase the bit size here just because
that feels like the thing to do while revising a standard.

Instead, we need to carefully consider the requirements for a string
used for authentication by manual comparison, the result of which I'm
pretty sure will be nowhere near 32 bytes of data.

 - V


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp