randomart is troubling [was: Re: QR code]

Robert J. Hansen rjh at sixdemonbag.org
Thu Jan 19 22:08:10 CET 2012

On 1/19/12 3:56 PM, Daniel Kahn Gillmor wrote:
> you might have noticed that i *wasn't* recommending short strings of 
> random words.  if you're interested in longer strings, there are
> several existing implementations of that idea, including:

There are an unpleasant lot of edge cases with this, starting with
homonyms: if the word is "lead", how should it be pronounced?  Ditto
with synonyms: if "great" and "grate" are both in your dictionary, you
have problems.

PGP Corporation tried to solve this by hiring a linguist to compile a
list of 512 short phonologically-distinct words.  For each byte of the
SHA-1 fingerprint it chose one of 256 words, representing each distinct
value.  Further, there were two sets to choose from: even-numbered bytes
took their word from one set, odd-numbered bytes took their word from
the other.

It was an interesting experiment, but as far as I know only PGP has ever
implemented it.  It never gained traction in the larger PGP community.

More information about the Gnupg-devel mailing list