On 09/27/2017 08:01 PM, Vincent Breitmoser wrote:
I have been looking at the way safety numbers are constructed in Signal.
This left me somewhat confused, and I thought I'd ask here for
clarification :)
As a brief recap, the safety numbers are structured like this:
decimalize(SHA512^5200(id1_pub+userid1)) ||
decimalize(SHA512^5200(id2_pub+userid2))
Aha! I was pretty surprised the other day when I overheard a group of
friends trying out Signal for the first time. They were walked through
the fingerprint authentication (now changed to "security number") and of
course, like everyone else does, decided to not speak the entire number,
but to do some specific decimals instead. I was wondering what the heck
was going on when I heard the same numbers being spoken out loud several
times by different people, but this explains it. Thank you!
_______________________________________________
Messaging mailing list
Messaging@moderncrypto.org
https://moderncrypto.org/mailman/listinfo/messaging
