On 30/11/15 15:20, Daniel Kahn Gillmor wrote:
> On Mon 2015-11-30 15:52:35 +0200, Karl wrote:
>> Right. I imagine the face is generated from the fingerprint of the
>> public key. Hence copying it would require generating enough keys to
>> find a human-believable collision, as would be equivalently done to
>> fake .onion addresses or pgp key fingerprints. We're a lot better at
>> remembering and comparing the details of faces than numbers, and we
>> readily associate them with identities.
>
> We've had quite a bit of discussion in the past about how to generate
> human-memorable fingerprints. But the challenge isn't in getting people
> to associate the face with the identity. It's in getting people to
> *distinguish* other plausibly-similar faces from the target face.
>
> Humans are generally OK at the former (some better than others) and
> often quite terrible at the latter, partly because real-world faces
> actually do change quite a bit (sunburn, nutrition, sleep, hairstyles,
> dirt, food, facial hair, etc). we're hard-wired to make loose matches
> in this space, which is sort of the opposite of what you'd want from a
> fingerprinting technique where the adversary gets to try a lot of
> options to find a "close match" that breaks fingerprintability.

Depending on the use case, it may be possible to prevent the adversary from searching for close matches by salting the fingerprints with a salt that's only known to the user making the comparison, so a close match from one user's point of view is no closer than random from another user's point of view.

The question is whether users are comparing fingerprints with other users, or with some authoritative source, or with their own memories. Salt will break the first two cases, but not the third.

Anyone want to run an experiment?

http://dumbmatter.com/facesjs/

Cheers,
Michael

_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
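
The salting idea in the reply above, as an added example that is not part of the original thread: a face is derived from a key fingerprint under a per-viewer salt, and a lookalike found against the unsalted (public) rendering is then viewed under one user's secret salt. The 16-feature face encoding, the use of HMAC-SHA256 as the salted mapping, and all names and sample values are assumptions made for illustration; facesjs itself is not used.

```python
import hashlib
import hmac

N_FEATURES = 16     # assumed encoding: 16 facial features, 4 variants each
PUBLIC_SALT = b""   # unsalted case: every viewer sees the same rendering

def face(fingerprint: bytes, salt: bytes) -> tuple:
    """Map a key fingerprint to coarse face features, keyed by the viewer's salt."""
    digest = hmac.new(salt, fingerprint, hashlib.sha256).digest()
    # Two bits per feature, taken from the first four digest bytes.
    return tuple((digest[i // 4] >> (2 * (i % 4))) & 3 for i in range(N_FEATURES))

def distance(a: tuple, b: tuple) -> int:
    """Number of differing features; small means 'looks like the same face'."""
    return sum(x != y for x, y in zip(a, b))

def closest_lookalike(target_fp: bytes, salt: bytes, tries: int) -> bytes:
    """Model of the close-match search from the thread: among `tries`
    constructed candidate fingerprints, return the one whose face is nearest
    to the target's face as rendered under `salt`."""
    target = face(target_fp, salt)
    candidates = (hashlib.sha256(b"candidate-%d" % i).digest() for i in range(tries))
    return min(candidates, key=lambda fp: distance(face(fp, salt), target))

def demo(tries: int = 50000) -> dict:
    target_fp = hashlib.sha256(b"constructed target key").digest()  # constructed sample
    alice, bob = b"alice-secret-salt", b"bob-secret-salt"           # constructed salts
    lookalike = closest_lookalike(target_fp, PUBLIC_SALT, tries)
    return {
        # Close match in the rendering the search was run against.
        "public": distance(face(lookalike, PUBLIC_SALT), face(target_fp, PUBLIC_SALT)),
        # Same candidate under Alice's salt: no closer than a random face.
        "alice": distance(face(lookalike, alice), face(target_fp, alice)),
        # Third case: Alice comparing against her own memory still works.
        "own_memory_stable": face(target_fp, alice) == face(target_fp, alice),
        # First case: Alice and Bob see different faces for the same key.
        "alice_vs_bob": distance(face(target_fp, alice), face(target_fp, bob)),
    }

if __name__ == "__main__":
    print(demo())
```

With four variants per feature, a random face differs from the target in about 12 of 16 features, which is what the lookalike falls back to under a salt the search never saw.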
