Do you mean PGP fingerprints? PGP fingerprints are the canonical example of one edge of Zooko's triangle: they are transferrable, securely unique, and free from global control, but they are not human-memorable. (Well, OK, you could memorize your own, but mostly people can't see one written on the side of a bus and go home and type it in accurately.)
If you do mean PGP key IDs, they are just 32 bits long. I can generate 2^32 DSS keys pretty rapidly and find the ID of them all to generate a key whose ID matches a particular target. If I only need to match any one of a thousand keys, my attack is a thousand times easier.
For a V3 key things are even worse: one may directly generate a key with a desired ID, because the ID is simply the low bits of the RSA public key.
The OpenPGP documentation (11.2) seems to talk about 64-bit IDs, which are obviously more work to attack but still within range. However, my own ID, 0x12F7E63D, is pretty definitely 32 bits, as are other examples I find online.
Even that doesn't fall under what we mean by "human memorable" in Zooko's triangle.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
timeasmymeasure
Re: Zooko's triangle
Date: 2007-03-01 07:25 am (UTC)If you do mean PGP key IDs, they are just 32 bits long. I can generate 2^32 DSS keys pretty rapidly and find the ID of them all to generate a key whose ID matches a particular target. If I only need to match any one of a thousand keys, my attack is a thousand times easier.
For a V3 key things are even worse: one may directly generate a key with a desired ID, because the ID is simply the low bits of the RSA public key.
The OpenPGP documentation (11.2) seems to talk about 64-bit IDs, which are obviously more work to attack but still within range. However, my own ID, 0x12F7E63D, is pretty definitely 32 bits, as are other examples I find online.
Even that doesn't fall under what we mean by "human memorable" in Zooko's triangle.