On Thu, 2014-01-30 at 12:09 +0000, Michael Rogers wrote: > My intuition about alphabets is that uncertainty about the alphabet > slows people down. For example, if people don't know that an OTR > fingerprint is case-insensitive hex, they may read "B03F" as "capital > b, capital o... no, sorry, zero... three, capital f". Likewise they > may read out punctuation that's used to group the symbols. > > Think about speaking to a stranger over a bad phone line. Digits can > be communicated fairly efficiently in groups of two or three. Letters > require the phonetic alphabet, and if you don't both know that the > other person's familiar with it, that means "a for alpha, b for bravo" > rather than "alpha, bravo". If you have to pronounce lowercase and > uppercase as well, something like base58 becomes less time-efficient > than decimal digits.
Hi, I just joined the mailinglist and this discussion, so sorry if it was already proposed. Your phone example reminds me of ZRTP, which uses the "PGP word list" instead of a fingerprint. see http://philzimmermann.com/docs/PGP_word_list.pdf In addition, ZRTP uses a hash commitment based protocol allowing to reduce the number of words to be compared over phone down to 2. Obviously, this hash commitment is only possible when establishing a digital connection between participants. Comparing fingerprints offline would generate long lists of words. I wonder if we could build a sentence out of a fingerprint... Regards Dominik
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
