[zeromq-dev] Proposal for ZeroMQ certificate format

Pieter Hintjens ph at imatix.com
Wed Oct 16 19:11:42 CEST 2013


On Wed, Oct 16, 2013 at 6:57 PM, Laurent Alebarde <l.alebarde at free.fr> wrote:

> Please, keep the public key secret.

Indeed...

So here's my last proposal before I quit for the day :-)

We use the full SHA512 hash, keeping the public key and metadata
secret and boxed for the recipient.

We print the full 64-byte signature in the certificate BUT we make it
possible to do partial random verification.

Depending on the level of trust, parties can verify more or less of
the fingerprint.

Here's the format I'd suggest:

(00)BB:88:47:1D (01)65:E2:65:9B (02)30:C5:5A:53 (03)21:CE:BB:5A
(10)AB:2B:70:A3 (11)98:64:5C:26 (12)DC:A2:B2:FC (13)B4:3F:C5:18
(20)7B:B8:64:B4 (21)89:AF:A3:67 (22)1F:BE:69:10 (23)1F:94:B3:89
(30)72:F2:48:16 (31)DF:B0:1B:51 (32)65:6B:3F:EC (33)8D:FD:08:88

So when I call Laurent I can say, "what is group 33? 12? 20? 31?"

That keeps the bandwidth of the fingerprint down to a minimum while
making it impossible for an attacker to pass the test*.

-Pieter

* unless you invoke realtime voice imitation/recognition MIM attacks,
which make any signature pointless.
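
The grouped fingerprint and spot-check described in the message above, as an added example (not part of the original post and not ZeroMQ code). The function names, the choice of Python, and the sample certificate bytes are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ROWS, COLS, GROUP_BYTES = 4, 4, 4  # 16 groups x 4 bytes = 64-byte SHA-512 digest
SAMPLE_CERT = b"constructed sample certificate body"  # constructed, not a real cert

def fingerprint_groups(cert_bytes):
    """Map labels '00'..'33' (row, column) to 'XX:XX:XX:XX' groups of the hash."""
    digest = hashlib.sha512(cert_bytes).digest()
    groups = {}
    for i in range(ROWS * COLS):
        chunk = digest[i * GROUP_BYTES:(i + 1) * GROUP_BYTES]
        groups[f"{i // COLS}{i % COLS}"] = ":".join(f"{b:02X}" for b in chunk)
    return groups

def render(groups):
    """Lay the groups out as the 4x4 grid shown in the message."""
    return "\n".join(
        " ".join(f"({r}{c}){groups[str(r) + str(c)]}" for c in range(COLS))
        for r in range(ROWS))

def pick_challenge(count):
    """Verifier chooses `count` distinct group labels from a CSPRNG, so the
    other side cannot predict which groups will be asked for."""
    labels = [f"{r}{c}" for r in range(ROWS) for c in range(COLS)]
    return secrets.SystemRandom().sample(labels, count)

def verify(local_groups, challenge, answers):
    """Check the answers read back over the phone against the locally computed
    groups. Each group covers 32 bits, so k groups check 32*k bits of the hash."""
    if not challenge or len(challenge) != len(answers):
        return False
    ok = True
    for label, answer in zip(challenge, answers):
        given = answer.strip().upper().encode()
        ok &= hmac.compare_digest(local_groups[label].encode(), given)
    return ok

if __name__ == "__main__":
    mine = fingerprint_groups(SAMPLE_CERT)       # computed from the cert I received
    print(render(mine))
    asked = pick_challenge(4)                    # "what is group 33? 12? 20? 31?"
    theirs = fingerprint_groups(SAMPLE_CERT)     # owner reads from their own copy
    print(asked, verify(mine, asked, [theirs[g] for g in asked]))
```
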


