Re: [openpgp] Mining protection in fingerprint schemes
Phillip Hallam-Baker <phill@hallambaker.com> Sat, 16 April 2016 20:16 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA74B12DF01 for <openpgp@ietfa.amsl.com>; Sat, 16 Apr 2016 13:16:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.4
X-Spam-Level:
X-Spam-Status: No, score=-2.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0UnK-rq5Sfgt for <openpgp@ietfa.amsl.com>; Sat, 16 Apr 2016 13:16:28 -0700 (PDT)
Received: from mail-lf0-x233.google.com (mail-lf0-x233.google.com [IPv6:2a00:1450:4010:c07::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9FB212DEFF for <openpgp@ietf.org>; Sat, 16 Apr 2016 13:16:27 -0700 (PDT)
Received: by mail-lf0-x233.google.com with SMTP id g184so179220343lfb.3 for <openpgp@ietf.org>; Sat, 16 Apr 2016 13:16:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc; bh=hkqmyQ3nDhIsdpDJyTaUwD43dm8F50pzLn6gGsijHXA=; b=bwE7BbCMV/swzycSqkGzLyKRj4oYtt5rj2hYAieIftUHgHRTBErXlg0gmDadWDrmQw icCuqyg8NgigPbslJuMhTRgRJlKrry+2r2sfF192d5D7cUKhqdnH8FToutcxRbrCC20P i9nq7TEspKjkG0/kI7al5cTLqMtSql8adQ6khpB6vK+pRKWpZ7Y6EsKKr/TCDftjMJI3 YwgnjIHt9G9Hs8GJdRmqjd3tonEnA9QTX6nx+A0xezbJVCldSFjPUAKFQN3AbOTgbqvZ loQP8DibiP2GOzCFsIFf+GaYwRZNTi3g6oNxtnwIv3Qz2c12my+yiUV/ZX8ro1t57GJQ 6bbQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc; bh=hkqmyQ3nDhIsdpDJyTaUwD43dm8F50pzLn6gGsijHXA=; b=Lmt5d+hKyVlVN47WhwpHkLtt+sU/mHZjmPcncmytu3ZGuqUvA6/VJdEBsVNDQVCdKg kAKFQFp32CuDPz/pS3jGRK6cnHKJjI8GU8lcBcgTVtHgp3baYvji5mHUXlHsCMJu8J7J gBnX2uaz6YGEE23HgDj8PIIJlocH8rVDOoeHeyeIDbvVCF6xh3AYXmC24a5jZ5T3LxiM uOMz6T9TueXh+AmrUQKPXbVpFYQ03P3DLOM2kbKhvvKdZRcc1ZwyTOQyck6BCpB/Uocc AfMy13ZbYOERW8wSwx/rgbTDLdke3LV9Z2cksnNxf44rSjUZjkv0atIBZ1TxtOacrEN1 pwXA==
X-Gm-Message-State: AOPr4FX5aqVAWiL5X4QdHDAW4ZAVCsbaiFkStxJS9GHIb7eO4JHVRhDxlb7l+5hwBPLNH/tBKqkwMWVXwuyNtw==
MIME-Version: 1.0
X-Received: by 10.112.181.38 with SMTP id dt6mr11502782lbc.114.1460837785834; Sat, 16 Apr 2016 13:16:25 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.3.102 with HTTP; Sat, 16 Apr 2016 13:16:25 -0700 (PDT)
In-Reply-To: <87wpo3smzj.fsf@alice.fifthhorseman.net>
References: <4C08CDDD-4C06-41AD-9797-7DD6F08ECD06@gmail.com> <2AA5B912-0AE6-4722-8BC7-66E37559C0B1@callas.org> <D17B23A3-633F-4E4E-BC14-69ED6060F357@gmail.com> <6E221A61-7AB2-4E0B-B64D-60F210A0131F@callas.org> <E9A5B4B3-0EEC-4E86-8CEC-6680A24BE44F@gmail.com> <0D7A75AB-74C6-40E9-87C5-BA6F05FCDBF7@callas.org> <87oa9jo5sp.fsf@alice.fifthhorseman.net> <9C461E78-DC60-4B9D-A0DF-170F4759A57D@callas.org> <5E793A3D-128D-470A-8DF7-50827F39E02F@gmail.com> <20160410211449.GA12408@littlepip.fritz.box> <CAMm+Lwgqbv4S94M2xYua4gAOWFxr_Kt5y6X8tQEWkaf7weeH+A@mail.gmail.com> <87wpo3smzj.fsf@alice.fifthhorseman.net>
Date: Sat, 16 Apr 2016 16:16:25 -0400
X-Google-Sender-Auth: 3v_bDnBh5nac5x0JQ8oyCztNeWA
Message-ID: <CAMm+LwgJV8qDSz=JKXzYLg6JuPeOjLVamhJEhORwa6z1AGG+Lw@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/4Q7Ck6cSHuvIiakls8ru_neTIIs>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] Mining protection in fingerprint schemes
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Apr 2016 20:16:30 -0000
As a general rule, humans remember 7+/-2 items in short term (working) memory. So trying to compare two 25 character, base32 fingerprints is going to be error prone. This is why I use character grouping in my UDF proposal to group them into blocks of 5. But even that isn't ideal by any means. So yes, I agree with DKG that typing a fingerprint in (or cut n' paste) is often the way to go. As I see it, Base32 is the 'mandatory to implement' option. We need it because that is the only thing that is going to work in circumstances for which we currently use PGP fingerprints (and all the other stuff I want to support). But I don't have to be limited to just that when I am connecting my new watch to my personal set of connected devices. For that, a better choice would be a vocabulary of words or images. If the vocabulary has 65536 entries, I can encode the entire fingerprint in 6-8 images (depending on whether I choose to use work hardening). This is an option of course. But it is a very good option to have for two reasons. First it allows us to make crypto easier. But secondly, it gives a lot of people who want to help make crypto happen a tangible thing that they can work on that will help. I see compiling the dictionary as a campaign tool opportunity. Something that groups like the EFF, ACLU and such could kick off. Sanitizing a vocabulary of 64K English words would be a task a student could complete in a week. With that proof point and the tools, we would then create dictionaries for the next 32 most used languages through crowd sourcing. Every person who worked on the project would be invested in the success. They would be advocates for the system they invested in. The other approach I am rather taken by is a modification of the 'synchronized LED blink' scheme someone proposed here. It turns out there is quite a bit of prior art. Say you are in a data center. There is a red light on every CPU card, they all blink in synchronization. This tells you two things, First that they are all connected to the same clock with negligible skew and secondly that they are all controlled under the same root of trust. Isn't that exactly the sort of information that it would be great to have in a data center? The modification that I would like to see is that instead of just turning an LED on or off, it can be used to broadcast additional data or the root of trust data at a higher bitrate. The upshot of that is that when I hold a camera up to the LED, such as the one on my smartphone, it can capture data from the device at a rate of 10-Baud or so. (30fps camera / 2 - overhead). Its not exactly fast but I can get a machine readout of the trust root fingerprint and the machine fingerprint in half a minute (125 bits each) I don't know about you, but I for one would have loved being able to find out what a device was and what was controlling it in 30 seconds without unplugging it back when I did big data center stuff. Again, it is an option, it is not the mandatory to implement. But the point of having a standard is to choose something that works for both the narrow case and can be extended to new and interesting uses as well.
- [openpgp] Mining protection in fingerprint schemes Bryan Ford
- Re: [openpgp] Mining protection in fingerprint sc… Jon Callas
- Re: [openpgp] Mining protection in fingerprint sc… Bryan Ford
- Re: [openpgp] Mining protection in fingerprint sc… Jon Callas
- Re: [openpgp] Mining protection in fingerprint sc… Bryan Ford
- Re: [openpgp] Mining protection in fingerprint sc… Hilarie Orman
- Re: [openpgp] Mining protection in fingerprint sc… Peter Gutmann
- Re: [openpgp] Mining protection in fingerprint sc… Peter Gutmann
- Re: [openpgp] Mining protection in fingerprint sc… Robert J. Hansen
- Re: [openpgp] Mining protection in fingerprint sc… Jon Callas
- Re: [openpgp] Mining protection in fingerprint sc… brian m. carlson
- Re: [openpgp] Mining protection in fingerprint sc… Daniel Kahn Gillmor
- Re: [openpgp] Mining protection in fingerprint sc… Daniel Kahn Gillmor
- Re: [openpgp] Mining protection in fingerprint sc… Jon Callas
- Re: [openpgp] Mining protection in fingerprint sc… Werner Koch
- Re: [openpgp] Mining protection in fingerprint sc… Peter Gutmann
- Re: [openpgp] Mining protection in fingerprint sc… Peter Gutmann
- Re: [openpgp] Mining protection in fingerprint sc… Bryan Ford
- Re: [openpgp] Mining protection in fingerprint sc… Bryan Ford
- Re: [openpgp] Mining protection in fingerprint sc… Bryan Ford
- Re: [openpgp] Mining protection in fingerprint sc… Vincent Breitmoser
- Re: [openpgp] Mining protection in fingerprint sc… Phillip Hallam-Baker
- Re: [openpgp] Mining protection in fingerprint sc… Vincent Breitmoser
- Re: [openpgp] Mining protection in fingerprint sc… Derek Atkins
- Re: [openpgp] Mining protection in fingerprint sc… Daniel Kahn Gillmor
- Re: [openpgp] Mining protection in fingerprint sc… Phillip Hallam-Baker