[Security] Gajim 0.12's E2E encryption UI

Eric Rescorla ekr at rtfm.com
Thu Aug 21 09:16:59 CDT 2008

On Thu, Aug 21, 2008 at 5:28 AM, Simon Josefsson <simon at josefsson.org> wrote:
> Jonathan Schleifer <js-xmpp-security at webkeks.org> writes:
>> GPG should only be an option and not the default, never more, as GPG
>> is not user friendly to the average user.
> I don't think non-technical users need to ever see anything except
> similar user interfaces as shown earlier in this thread.
>> It wouldn't really work with a dialog like that. We already have
>> problems getting people to verify the SAS, how do you expect them to
>> verify a fingerprint? ;)
> You can transform an OpenPGP key fingerprint into a SAS-like string, if
> that makes you feel better, and ask users to verify that.  Hash the
> OpenPGP fingerprint, truncate it and encode it using the same length and
> characters as used by SAS today.

This actually isn't as secure as an SAS if done exactly this way, because
the attacker can generate a key that matches the truncated hash via
exhaustive search.

What is secure is if the relying party chooses random bits out of the
fingerprint to ask the user to check, thus forcing the full fingerprint
to be secure. I'm not yet sure how to do a good UI for this.
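
An added example, not part of the original message or of Gajim's code, contrasting the fixed truncated hash from the quoted proposal with a check in which the relying party picks random fingerprint positions after it already holds the key. Assumptions: fingerprints are constructed 40-hex-digit stand-ins (SHA-1 of labelled strings, not real OpenPGP keys), the fixed truncation is shortened to 16 bits so the search finishes quickly, and all function names are hypothetical.

```python
import hashlib, hmac, itertools, math, secrets

HEX_LEN = 40  # an OpenPGP v4 fingerprint is 160 bits = 40 hex digits

def fixed_sas(fpr_hex, bits=16):
    """Quoted proposal: hash the fingerprint and keep a fixed truncation."""
    digest = hashlib.sha256(bytes.fromhex(fpr_hex)).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)

def find_lookalike(target_hex, bits=16):
    """Exhaustive search over constructed stand-in fingerprints (not real keys)."""
    want = fixed_sas(target_hex, bits)
    for i in itertools.count():
        cand = hashlib.sha1(b"constructed-key-%d" % i).hexdigest()
        if cand != target_hex and fixed_sas(cand, bits) == want:
            return cand

def pick_positions(n=5):
    """Relying party picks the digit positions only after it holds the key."""
    return sorted(secrets.SystemRandom().sample(range(HEX_LEN), n))

def challenge(fpr_hex, positions):
    """Digits of a fingerprint at the chosen positions."""
    return "".join(fpr_hex[p] for p in positions)

def verify(received_fpr_hex, positions, digits_read_by_peer):
    """Compare the peer's digits with the fingerprint of the key we received."""
    expected = challenge(received_fpr_hex, positions)
    return hmac.compare_digest(expected, digits_read_by_peer.lower())

def accept_probability(genuine_hex, received_hex, n=5):
    """Exact chance that n random positions all happen to agree."""
    same = sum(a == b for a, b in zip(genuine_hex, received_hex))
    return math.comb(same, n) / math.comb(HEX_LEN, n)

if __name__ == "__main__":
    genuine = hashlib.sha1(b"constructed-genuine-key").hexdigest()
    fake = find_lookalike(genuine)
    print("fixed truncation equal:", fixed_sas(genuine) == fixed_sas(fake))
    pos = pick_positions()
    print("positions", pos, "accepts fake:", verify(fake, pos, challenge(genuine, pos)))
    print("chance fake passes:", accept_probability(genuine, fake))
```

The substituted fingerprint passes the fixed-truncation comparison every time, but it can pass the random-position check only where its digits happen to coincide with the genuine ones, because the key is committed before the positions are known.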


