Fwd: Re: Question for app developers, like Enigmail etc. - Identicons

Mon Jun 5 16:22:26 CEST 2017

On 04.06.17 22:20, Daniel Kahn Gillmor wrote:

> Hi Stefan--
>
> I think you're asking about two sort of different things.
>
> on the one hand, you're asserting that the 32-bit keyid isn't sufficient
> for any sort of cryptographic verification.  that's absolutely correct,
> and enigmail really shouldn't be exposing the 32-bit keyID to humans
> where it can avoid doing so.  I've written more about this here:
>
>   https://debian-administration.org/users/dkg/weblog/105

Very good article Daniel i will re-read and save it as reference
and let other people know about it.

> You're also asking about graphical representations of the cryptographic
> identity -- a graphical representation of a fingerprint, basically.
> The community has seen several different proposals of graphical
> fingerprint representations in the past, and every one i've seen
> gets stuck when faced with the hard questions.  In particular:
>
>  * is the goal *recognition* of the fingerprint (i.e. "does this
>    fingerprint look sufficiently similar to the one i've seen in the
>    past for me to remember it?"), or is the goal *distinguishing* from a
>    maliciously-crafted fingerprint (i.e. "am i certain that this
>    fingerprint is an exact match of one that i expect to see from the
>    peer who i think should have been signing this e-mail?")
>
>  * In the "recognition" model, it's not clear that any
>    cryptographically-strong guarantees are made to the user.  So why tie
>    the visual identity to the cryptographic identity if we think it's
>    spoofable?
>
>  * in the "distinguishing" model, it's not clear that any of the schemes
>    i've seen are actually better for most humans against a dedicated
>    attacker who crafts fingerprints to make visual identities that look
>    similar.  do you have any studies showing this capability against a
>    motivated and technically capable attacker?

No, of course i have not. My thoughts as a not so-skilled GnuPG user
would be that it helps users detecting (assuming it's bullet-proof) a
proper key from a fake key more easily if they have not yet signed
(locally) a public key while they already exchanged a couple of emails.
I can speak only of Thunderbird/Enigmail wich i use now. It gives a
user the usual "Untrusted Good Signatur" and i have to click also on
the Details button to carefully verify the fingerprint from an addional
list to see if the key belongs to the person the signature claims. An
additional visual fingerprint would make that proccess for me easier,
if it's bullet-proof.

> I'd generally think that if you're looking for a tool to help people
> remember and recognize keys that they've seen before, then a mail user
> agent is in a great position to do exactly that: just tell the user
> explicitly what they've seen before, how often, etc.  why depend on the
> human visual cortex or on human ability for numeric recall?

I could imagine that Joe user average may not always look at mail headers
very carefully for a little typo in the from: or reply-to: header in his
mail client or web-mailer.

Regards
Stefan