On Wed, Oct 16, 2013 at 6:57 PM, Laurent Alebarde <[email protected]> wrote:
> Please, keep the public key secret.

Indeed...

So here's my last proposal before I quit for the day :-)

We use the full SHA512 hash, keeping the public key and metadata secret and boxed for the recipient. We print the full 64-byte signature in the certificate BUT we make it possible to do partial random verification. Depending on the level of trust, parties can verify more or less of the fingerprint.

Here's the format I'd suggest:

    (00)BB:88:47:1D (01)65:E2:65:9B (02)30:C5:5A:53 (03)21:CE:BB:5A
    (10)AB:2B:70:A3 (11)98:64:5C:26 (12)DC:A2:B2:FC (13)B4:3F:C5:18
    (20)7B:B8:64:B4 (21)89:AF:A3:67 (22)1F:BE:69:10 (23)1F:94:B3:89
    (30)72:F2:48:16 (31)DF:B0:1B:51 (32)65:6B:3F:EC (33)8D:FD:08:88

So when I call Laurent I can say, "what is group 33? 12? 20? 31?"

That keeps the bandwidth of the fingerprint down to a minimum while making it impossible for an attacker to pass the test*.

-Pieter

* unless you invoke realtime voice imitation/recognition MIM attacks, which make any signature pointless.

_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
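The partial verification described in the message above, as an added example that is not part of the original post or of any ZeroMQ code: a 64-byte SHA-512 digest is split into the sixteen labelled groups, the verifier picks groups at random, and the spoken answers are compared against the local copy. The function names and the sample key bytes are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

GROUP_BYTES = 4   # each labelled group covers 4 bytes of the digest
GRID = 4          # 4 x 4 groups = 64 bytes = one SHA-512 digest


def fingerprint_groups(digest: bytes) -> dict[str, str]:
    """Split a 64-byte digest into groups labelled 00..03, 10..13, ... 33."""
    if len(digest) != GROUP_BYTES * GRID * GRID:
        raise ValueError("expected a 64-byte SHA-512 digest")
    groups = {}
    for i in range(GRID * GRID):
        chunk = digest[i * GROUP_BYTES:(i + 1) * GROUP_BYTES]
        groups[f"{i // GRID}{i % GRID}"] = ":".join(f"{b:02X}" for b in chunk)
    return groups


def pick_challenge(count: int) -> list[str]:
    """Choose which groups to ask for: unpredictable and without repeats."""
    labels = [f"{r}{c}" for r in range(GRID) for c in range(GRID)]
    return secrets.SystemRandom().sample(labels, count)


def check_answers(digest: bytes, answers: dict[str, str]) -> bool:
    """True only if every answered group matches our copy of the digest."""
    ours = fingerprint_groups(digest)
    ok = bool(answers)  # an empty answer set verifies nothing
    for label, spoken in answers.items():
        expected = ours.get(label)
        if expected is None:  # a label that does not exist in the grid
            return False
        ok &= hmac.compare_digest(expected.encode(), spoken.strip().upper().encode())
    return ok


if __name__ == "__main__":
    # Constructed sample key bytes, not a real certificate.
    digest = hashlib.sha512(b"constructed sample public key").digest()
    asked = pick_challenge(4)
    reply = {label: fingerprint_groups(digest)[label] for label in asked}
    print(asked, check_answers(digest, reply))
```

The groups to ask for are drawn fresh for each call by the verifying side, so the other party cannot know in advance which four of the sixteen will be requested.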
