[kwlug-disc] Using mnemonicode for GPG fingerprints
bjonkman at sobac.com
Fri Jul 6 18:15:13 EDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hmm. I grabbed source from the tree and compiled it last night. I'm
using a 64-bit version of Ubuntu; could it be a word-size problem?
I see that the translation of the first 8 octets (six mnemonicode
words) are the same. That's suspiciously close to 64 bits.
I was just reading about the PGP Word List and it seems more robust
against transposition errors between words, since it uses two lists,
alternating between two-syllable and three-syllable words. I only
realized a couple of weeks ago that mmemonicode and the PGP Word List
aren't the same, nor compatible with each other.
On 12-07-06 05:42 PM, Chris Frey wrote:
> On Fri, Jul 06, 2012 at 02:29:10PM -0400, Bob Jonkman wrote:
>> $ echo 04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC
>> E5EA|mnencode -x
>> Wordlist ver 0.7 genius version final. alex pablo berlin. cactus
>> visible pulse dance insect ninja. valery jasmine double
> My test, using the latest git tree from here:
> Using commit 7a1892563a
> $ echo 04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA |
> ./mnencode -x Wordlist ver 0.7 genius version final. alex pablo
> berlin. isabel aladdin trivial tunnel lecture heaven. section
> number plume
> Which is not the same as yours above.
> Decoding my results returns the correct fingerprint.
> So it seems there's a problem with your particular encoder.
> I'm not sure that mnemonic encoder is an improvement for
> over-the-phone verification, though. Using something like the
> phonetic alphabet is probably just as accurate, and doesn't require
> the receiver to know how to spell all the words you give him. :-)
> Fortunately, for hex, all we have to memorize are: Alpha, Bravo,
> Charlie, Delta, Echo, Foxtrot.
> - Chris
> _______________________________________________ kwlug-disc mailing
> list kwlug-disc at kwlug.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Ensure confidentiality, authenticity, non-repudiability
-----END PGP SIGNATURE-----
More information about the kwlug-disc