[Freedombox-discuss] identicons are not strong crypto [was: Re: Tap-to-share PGP key exchange]

Timur Mehrvarz timur.mehrvarz at googlemail.com
Fri Sep 30 22:02:13 UTC 2011


On 30.09.2011 22:09, Daniel Kahn Gillmor wrote:
> Assuming Alice and Bob are sighted humans, they can observe their 
> surroundings, and ensure that their cameras are taking photos of
> the expected data (just the screen of the other phone), and aren't 
> compromised by fancy antennas hiding in the bushes or whatever.
> Then they rely on the cryptographic digest in the fingerprint to
> bootstrap their way into confidence that the larger file
> (transferred wirelessly) does indeed have the key the peer meant to
> send them.
> 
> does this make sense?
> 
> --dg

Yes it does.

I want the implementation with the lowest number of required menu
operations (clicks). I'd like to suggest combining the two
functionalities (show QR code / snap QR code) into one activity, and
auto-serializing them. This can be done, for instance, based on the
Bluetooth NIC addresses. So per convention we could automatically
start the camera on the device with the smaller NIC address and start
showing the QR code on the device with the bigger NIC address. If
everything goes well (the user with the camera gets a "Received key
verified!" message), we switch the process around. The complete 2-way
process could be done with a total number of four clicks per user.

1. click on the received .asc file
2. click on "QR verification" in the "Apply action..." menu
3. click to snap / click to continue to switch around
4. click to continue to switch around / click to snap

Or can we do "less"?
Timur
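
The role convention and two-round verification proposed in this message, sketched as an added Python example (not part of the original post and not FreedomBox code). Assumptions: the QR code carries the hex OpenPGP v4 fingerprint, all function names are hypothetical, and the key bytes are constructed placeholders rather than real keys.

```python
import hashlib
import hmac

# Constructed stand-ins for public-key packet bodies; not real OpenPGP keys.
KEY_A = b"\x04" + b"constructed key material for Alice"
KEY_B = b"\x04" + b"constructed key material for Bob"

def _addr_to_int(addr: str) -> int:
    """Parse a Bluetooth address such as '00:1A:7D:DA:71:13' into an integer."""
    digits = addr.replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit address: {addr!r}")
    return int(digits, 16)

def first_role(local_addr: str, peer_addr: str) -> str:
    """Smaller address starts the camera; bigger address shows its QR code."""
    local, peer = _addr_to_int(local_addr), _addr_to_int(peer_addr)
    if local == peer:
        raise ValueError("identical addresses, roles cannot be derived")
    return "scan" if local < peer else "show"

def v4_fingerprint(packet_body: bytes) -> str:
    """RFC 4880 v4 fingerprint: SHA-1 over 0x99, 2-byte length, packet body."""
    framed = b"\x99" + len(packet_body).to_bytes(2, "big") + packet_body
    return hashlib.sha1(framed).hexdigest().upper()

def qr_matches_key(scanned_text: str, received_body: bytes) -> bool:
    """Check the fingerprint read off the peer's screen against the received key."""
    scanned = "".join(scanned_text.split()).upper()
    expected = v4_fingerprint(received_body)
    return hmac.compare_digest(scanned.encode(), expected.encode())

def two_way_verify(a: dict, b: dict) -> list:
    """Run both rounds; each dict has 'addr', 'own_key', 'received_key'."""
    scanner, shower = (a, b) if first_role(a["addr"], b["addr"]) == "scan" else (b, a)
    results = []
    for _ in range(2):
        qr_text = v4_fingerprint(shower["own_key"])  # assumed QR payload
        ok = qr_matches_key(qr_text, scanner["received_key"])
        results.append((scanner["addr"], ok))
        if not ok:
            break  # only switch around when the first round verified
        scanner, shower = shower, scanner
    return results
```

Both devices compute `first_role` independently from the same pair of addresses, so they always land on complementary roles without an extra click; a key swapped in transit stops the exchange at the round where the fingerprint fails to match.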


