tags:

views:

29

answers:

2
+1  Q: 

Easy to remember fingerprints for data?

I need to create fingerprints for RSA keys that users can memorize or at least easily recognize. The following ideas have come to mind:

  • Break the SHA1 hash into portions of, say 4 bits and use them as coordinates for Bezier splines. Draw the splines and use that picture as a fingerprint.
  • Use the SHA1 hash as input for some fractal algorithm. The result would need to be unique for a given input, i.e. the output can't be a solid square half the time.
  • Map the SHA1 hash to entries in a word list (as used in spell checkers or password lists). This would create a passphrase consisting of real words.
  • Instead of a word list, use some other large data set like Google maps (map the SHA1 hash to map coordinates and use the map region(s) as a fingerprint)

Any other ideas? I'm sure this has been implemented in one form or another.

A: 

OpenSSH contains something like that, under the name "visual host key". Try this:

ssh -o VisualHostKey=yes somesshhost

where somesshhost is some machine with a SSH server running. It will print out a "fingerprint" of the server key, both in hexadecimal, and as an ASCII-art image which may look like this:

+--[ RSA 2048]----+
|   .+            |
|   + o           |
|  o o +          |
|   + o +         |
|  . o E S        |
|   + * .         |
|    X o .        |
|   . * o         |
|   .o .          |
+-----------------+

or like this:

+--[ RSA 1024]----+
|        .*BB+    |
|       . .++o    |
|        = oo.    |
|       . =o+..   |
|        So+..    |
|        ..E.     |
|                 |
|                 |
|                 |
+-----------------+

Apparently, this is inspired from techniques described in this article. OpenSSH is opensource, with a BSD-like license, so chances are that you could simply reuse their code (it seems to be in the key.c file, function key_fingerprint_randomart()).

Thomas Pornin  2010-08-30 14:30:22
This is worth looking into if you are confined to ASCII output.
 2010-09-12 00:33:11
A: 

I found something called random art which generates an image from a hash. There is a Python implementation available for download: http://www.random-art.org/about/

There is also a paper about using random art for authentication: http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf

It's from 1999; I don't know if further research has been done on this.

 2010-09-12 00:34:00

related questions

What is a javascript hash table implementation that avoids object namespace collisions?
Best way to prevent duplicate use of credit cards
Why is '397' used for ReSharper GetHashCode override?
How does c# figure out the hash code for an object?
What's the best hashing algorithm to use on a stl string when using hash_map?
Is there any way to use a "constant" as hash key in Perl?
Unique ID c++
Detect changes in random ordered input (hash function?)
How do I hash a string with Delphi?
Can I depend on the values of GetHashCode() to be consistent?
How to get hashes out of arrays in Perl?
Search by hash?
Given that I have a hash of id(key) and countries(values) sorted alphabetically, what is the best way to bubble up an entry to the top of the stack?
Saving Perl Windows Environment Keys UPCASES them
What is a good Hash Function?
How do I create a SHA1 hash in ruby?
How Do I Create a Hash Table in Java?
How would you implement a hashtable in language x?
why are downloads sometimes tagged md5, sha1 and other hash indicators?
How to find keys of a hash?
How do I generate a hashcode from a byte array in c#
How would a sdbm hash function be implemented in C#?
What is the best way to create a sparse array in C++
What's the safest way to iterate through the keys of a Perl hash?
Decode email address from Gravatar hash?