On Fri, Jun 23, 2006 at 03:36:05PM +0100, Michael Rogers wrote: > The current CHKs, SSKs, USKs etc aren't very friendly for passing around > - they need to be escaped in URLs, they're case sensitive, and they're > rather long. KSKs and personal name->key directories can't be guaranteed > to agree about which file corresponds to a given name. > > Can we create short, secure, readable keys?
KSKs are the best we're going to get. They're okay, as long as the network is reasonably solid. But they're spammable. > How about a key that's > simply the hash of an unencrypted redirect containing another key - a > CHK, SSK or USK? The key would only need to be 128 bits (truncated > SHA-1), the same length as a public key fingerprint or an IPv6 address. > 128 bits translates to 32 characters in hex: > > 1dab-5a37-4c02-8d44-2a4a-9e3d-ea0d-a52c The problem is that 128 bits isn't really enough; you'll get collisions naturally from time to time. And it wouldn't be encrypted. CHKs are simply CHK@<256 bit hash of content>,<256 bit encryption key>. > > Hex can be made more readable (and even memorable) by converting each > block of 4 digits into a word using the following table, inserting u, v > or y as necessary to make words easier to pronounce: > > 0123456789ABCDEF > OINMTSGLRPABCDEF > > 1dab 5a31 4c0m 8d44 2a4a 9e3d ea0d a53c > idab sami tucom rudytut nata pemud eyavod asmuc > > Not exactly catchy, but easy enough to read out over the phone or write > on a napkin. Hmmm. > > Cheers, > Michael -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060623/6ba1a111/attachment.pgp>
