In public key cryptography, a public key fingerprint is a short sequence of bytes used to identify a longer public key. The fingerprint is created by applying a cryptographic hash function to the public key. Because fingerprints are shorter than the keys they refer to, they can be used to simplify certain key management tasks. In Microsoft software, "thumbprint" is used instead of "fingerprint".
Creating public key fingerprints
Public key fingerprints are usually made through the following steps:
- The public key (and optionally some additional data) is encoded into a byte sequence. To ensure that the same fingerprint can be recreated later, the encoding must be deterministic, and any additional data must be exchanged and stored alongside the public key. The additional data is typically information that anyone using the public key should be aware of. Examples of additional data include: which protocol versions the key should be used with (in the case of PGP fingerprints); and the name of the key holder (in the case of X.509 trust anchor fingerprints, where the additional data consists of an X.509 self-signed certificate).
- The data generated in the previous step is hashed with a cryptographic hash function such as SHA-1 or SHA-2.
- If desired, the hash function output can be truncated to provide shorter and more convenient fingerprints.
This process produces a short fingerprint that can be used to authenticate a much larger public key. For example, whereas a typical RSA public key will be 1024 bits in length or longer, an MD5 or SHA-1 fingerprint is only 128 or 160 bits in length.
When displayed for human inspection, the fingerprint is usually encoded into a hexadecimal string. The string is then formatted into groups of characters for readability. For example, a 128-bit MD5 fingerprint for SSH would be displayed as follows:
43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8
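The three steps above, carried out for an OpenSSH Ed25519 public key, as an added example that is not part of the original article. The wire encoding (key type name and raw key bytes as length-prefixed SSH strings) is the deterministic encoding OpenSSH uses; the 32 key bytes are constructed, not a real key.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def encode_ed25519_public_key(raw_key: bytes) -> bytes:
    """Step 1: deterministic encoding of an Ed25519 public key, as OpenSSH does it
    (the key type name, then the 32 raw key bytes, both as SSH strings)."""
    if len(raw_key) != 32:
        raise ValueError("Ed25519 public keys are 32 bytes")
    return ssh_string(b"ssh-ed25519") + ssh_string(raw_key)


def md5_fingerprint(key_blob: bytes, groups: int = 16) -> str:
    """Steps 2-3: hash the encoded key, optionally truncate to `groups` bytes,
    and format as colon-separated hex pairs in the classic OpenSSH 'MD5:' style."""
    digest = hashlib.md5(key_blob).digest()[:groups]
    return "MD5:" + ":".join(f"{b:02x}" for b in digest)


def sha256_fingerprint(key_blob: bytes) -> str:
    """Modern OpenSSH style: SHA-256 digest, base64 without '=' padding."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_from_authorized_key(line: str) -> tuple:
    """Take one 'ssh-ed25519 AAAA... comment' line, decode the base64 blob
    (which is already the deterministic wire encoding) and fingerprint it."""
    _, b64, *_ = line.split()
    blob = base64.b64decode(b64)
    return md5_fingerprint(blob), sha256_fingerprint(blob)


# Constructed sample: 32 arbitrary bytes standing in for a real Ed25519 public key.
SAMPLE_RAW_KEY = bytes(range(32))
SAMPLE_BLOB = encode_ed25519_public_key(SAMPLE_RAW_KEY)
SAMPLE_LINE = "ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode() + " alice@example"

if __name__ == "__main__":
    print(md5_fingerprint(SAMPLE_BLOB))
    print(sha256_fingerprint(SAMPLE_BLOB))
    print(fingerprint_from_authorized_key(SAMPLE_LINE))
```

Because the encoding is deterministic, the fingerprint computed from the `authorized_keys` line and from the rebuilt blob agree; a truncated fingerprint is simply a prefix of the full one.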
Using public key fingerprints for key authentication
When a public key is received over an untrusted channel, such as the Internet, the recipient often wants to authenticate the public key. Fingerprints can help with this, because their small size allows them to be passed over trusted channels where a full public key would not easily fit.
For example, if Alice wants to authenticate a public key as belonging to Bob, she can contact Bob over the phone or in person and ask him to read his fingerprint to her, or give her a piece of paper with the fingerprint written on it. Alice can then check that this trusted fingerprint matches the fingerprint of the public key. Exchanging and comparing values like this is much easier when the value is a short fingerprint rather than a long public key.
Fingerprints can also be useful when automating the exchange or storage of key authentication data. For example, if key authentication data needs to be transmitted through a protocol or stored in a database where the size of a full public key is a problem, then exchanging or storing fingerprints may be a more viable solution.
In addition, fingerprints can be queried with search engines to check that the public key a user has just downloaded is also visible to third-party search engines. If the search engine returns hits referencing the fingerprint on the appropriate site, one can feel more confident that the key is not being injected by an attacker, such as in a man-in-the-middle attack.
PGP developed the PGP word list to facilitate the exchange of public key fingerprints over voice channels.
Public key fingerprints in practice
In systems such as SSH, users can exchange and check fingerprints manually to perform key authentication. Once a user has accepted another user's fingerprint, that fingerprint (or the key it refers to) is stored locally along with a record of the other user's name or address, so that future communications with that user can be authenticated automatically.
In systems such as X.509-based PKI, fingerprints are primarily used to authenticate root keys. These root keys issue certificates which can be used to authenticate user keys. This use of certificates eliminates the need for manual fingerprint verification between users.
In systems such as PGP or Groove, fingerprints can be used for either of the above approaches: they can be used to authenticate keys belonging to other users, or keys belonging to certificate-issuing authorities. In PGP, ordinary users can issue certificates to each other, forming a web of trust, and fingerprints are often used to assist in this process (for example, at key signing parties).
In systems such as CGA or SFS and most cryptographic peer-to-peer networks, fingerprints are embedded into pre-existing address and name formats (such as IPv6 addresses, file names or other identification strings). If addresses and names are already being exchanged through trusted channels, this approach allows fingerprints to piggyback on them.
In PGP, most keys are created in such a way that the so-called "key ID" is equal to the lower 32 or 64 bits of the key fingerprint. PGP uses key IDs to refer to public keys for a variety of purposes. Strictly speaking, these are not fingerprints, because their short length prevents them from securely authenticating a public key. 32-bit key IDs should not be used, since current hardware can generate a colliding 32-bit key ID in just 4 seconds.
Security of public key fingerprints
The primary threat to the security of a fingerprint is a preimage attack, in which an attacker constructs a key pair whose public key hashes to a fingerprint that matches the victim's fingerprint. The attacker could then present his public key in place of the victim's public key to masquerade as the victim.
A secondary threat to some systems is a collision attack, in which an attacker constructs multiple key pairs which hash to his own fingerprint. This may allow the attacker to repudiate signatures he has created, or cause other confusion.
To prevent preimage attacks, the cryptographic hash function used for a fingerprint should possess the property of second preimage resistance. If collision attacks are a threat, the hash function should also possess the property of collision resistance. While it is acceptable to truncate hash function output for the sake of shorter, more usable fingerprints, the truncated fingerprints must be long enough to preserve the relevant properties of the hash function against brute-force search attacks.
In practice, most commonly used fingerprints are currently based on untruncated MD5 or SHA-1 hashes. As of 2017, collisions but not preimages can be found in MD5 and SHA-1. The future is therefore likely to bring increasing use of newer hash functions such as SHA-256. However, fingerprints based on SHA-256 and other hash functions with long output lengths are more likely to be truncated than (relatively short) MD5 or SHA-1 fingerprints.
In situations where fingerprint length must be minimized at all costs, fingerprint security can be boosted by increasing the cost of computing the fingerprint. For example, in the context of Cryptographically Generated Addresses, this is called "Hash Extension" and requires anyone computing a fingerprint to search for a hash beginning with a fixed number of zero bits, which is assumed to be an expensive operation.
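The hash extension idea in working form, as an added example that is not from the original article and not the CGA specification itself: the key owner searches for a modifier such that the hash of modifier || key starts with the required number of zero bits, while a verifier needs only a single hash to check it. SHA-256, the 16-byte modifier layout and the sample key are constructed choices for illustration.

```python
import hashlib
import struct


def leading_zero_bits(digest: bytes) -> int:
    """Number of zero bits at the start of a digest (the 'difficulty' achieved)."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def extended_hash(public_key: bytes, modifier: bytes) -> bytes:
    """The value both sides compute: a hash over modifier || public key.
    Constructed layout; CGA itself uses a different input structure."""
    return hashlib.sha256(modifier + public_key).digest()


def find_modifier(public_key: bytes, zero_bits: int, max_tries: int = 1 << 24) -> bytes:
    """Owner side: brute-force a 16-byte counter modifier until the extended hash
    starts with `zero_bits` zero bits. Expected cost grows as 2**zero_bits hashes,
    which is what makes a short fingerprint more expensive to forge."""
    for i in range(max_tries):
        modifier = struct.pack(">QQ", 0, i)
        if leading_zero_bits(extended_hash(public_key, modifier)) >= zero_bits:
            return modifier
    raise RuntimeError("no modifier found within max_tries")


def verify_modifier(public_key: bytes, modifier: bytes, zero_bits: int) -> bool:
    """Verifier side: one hash, then check the zero-bit prefix. Cheap regardless
    of how much work the owner (or an impersonator) had to spend."""
    return leading_zero_bits(extended_hash(public_key, modifier)) >= zero_bits


# Constructed stand-in for encoded public key bytes.
SAMPLE_KEY = b"constructed-public-key-bytes"

if __name__ == "__main__":
    m = find_modifier(SAMPLE_KEY, zero_bits=16)
    print(m.hex(), verify_modifier(SAMPLE_KEY, m, 16))
```

An attacker building a key pair for a matching truncated fingerprint must pay the same search cost per candidate key, so every zero bit demanded adds one bit of effort on top of the truncated fingerprint length.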
See also
- Fingerprint (computing)
- PGP word list
- Public key cryptography
- Key authentication
- Key management
- Key signing party
- X.509
- Rabin fingerprint
Source of the article : Wikipedia