You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, if the users don't have an existing secure channel, they have to compare a long hex string for verification. We can encode the hash into words so that they are easier to compare. If the sender can copy and paste the hash from the receiver, we can also let them paste in the received hash and compare it for them. Another possible improvement would be to modify the protocol to prevent attackers from brute-forcing the verification hash, which would allow a short sequence of words to be used for verification instead of the full hash. An example of this is the SAS verification in the Matrix protocol, where they do a Diffie-Hellman key exchange and compare short strings derived from the hash of the public keys. A hash commitment ensures that both sides generate their keys before receiving the other side's public key.
The text was updated successfully, but these errors were encountered:
bkrl
changed the title
Make verification easier
Suggestion: Make verification easier
Feb 16, 2023
Currently, if the users don't have an existing secure channel, they have to compare a long hex string for verification. We can encode the hash into words so that they are easier to compare. If the sender can copy and paste the hash from the receiver, we can also let them paste in the received hash and compare it for them. Another possible improvement would be to modify the protocol to prevent attackers from brute-forcing the verification hash, which would allow a short sequence of words to be used for verification instead of the full hash. An example of this is the SAS verification in the Matrix protocol, where they do a Diffie-Hellman key exchange and compare short strings derived from the hash of the public keys. A hash commitment ensures that both sides generate their keys before receiving the other side's public key.
The text was updated successfully, but these errors were encountered: