1422:
36:
254:
In addition, fingerprints can be queried with search engines in order to ensure that the public key that a user just downloaded can be seen by third party search engines. If the search engine returns hits referencing the fingerprint linked to the proper site(s), one can feel more confident that the
330:
In PGP, most keys are created in such a way that what is called the "key ID" is equal to the lower 32 or 64 bits respectively of a key fingerprint. PGP uses key IDs to refer to public keys for a variety of purposes. These are not, properly speaking, fingerprints, since their short length prevents
243:
For example, if Alice wishes to authenticate a public key as belonging to Bob, she can contact Bob over the phone or in person and ask him to read his fingerprint to her, or give her a scrap of paper with the fingerprint written down. Alice can then check that this trusted fingerprint matches the
277:
In systems such as SSH, users can exchange and check fingerprints manually to perform key authentication. Once a user has accepted another user's fingerprint, that fingerprint (or the key it refers to) will be stored locally along with a record of the other user's name or address, so that future
161:
A public key (and optionally some additional data) is encoded into a sequence of bytes. To ensure that the same fingerprint can be recreated later, the encoding must be deterministic, and any additional data must be exchanged and stored alongside the public key. The additional data is typically
353:
To prevent preimage attacks, the cryptographic hash function used for a fingerprint should possess the property of second preimage resistance. If collision attacks are a threat, the hash function should also possess the property of collision-resistance. While it is acceptable to truncate hash
361:
In practice, most fingerprints commonly used today are based on non-truncated MD5 or SHA-1 hashes. As of 2017, collisions but not preimages can be found in MD5 and SHA-1. The future is therefore likely to bring increasing use of newer hash functions such as
296:, fingerprints can be used for either of the above approaches: they can be used to authenticate keys belonging to other users, or keys belonging to certificate-issuing authorities. In PGP, normal users can issue certificates to each other, forming a
285:, fingerprints are primarily used to authenticate root keys. These root keys issue certificates which can be used to authenticate user keys. This use of certificates eliminates the need for manual fingerprint verification between users.
343:, where an attacker constructs a key pair whose public key hashes to a fingerprint that matches the victim's fingerprint. The attacker could then present his public key in place of the victim's public key to masquerade as the victim.
247:
Fingerprints can also be useful when automating the exchange or storage of key authentication data. For example, if key authentication data needs to be transmitted through a protocol or stored in a
369:
In situations where fingerprint length must be minimized at all costs, fingerprint security can be boosted by increasing the cost of calculating the fingerprint. For example, in the context of
1402:
1232:
354:
function output for the sake of shorter, more usable fingerprints, the truncated fingerprints must be long enough to preserve the relevant properties of the hash function against
350:, where an attacker constructs multiple key pairs which hash to his own fingerprint. This may allow an attacker to repudiate signatures he has created, or cause other confusion.
862:
366:. However, fingerprints based on SHA-256 and other hash functions with long output lengths are more likely to be truncated than (relatively short) MD5 or SHA-1 fingerprints.
162:
information which anyone using the public key should be aware of. Examples of additional data include: which protocol versions the key should be used with (in the case of
331:
them from being able to securely authenticate a public key. 32bit key ids should not be used as current hardware can generate a colliding 32bit key id in just 4 seconds.
572:
327:
or other identification strings). If addresses and names are already being exchanged through trusted channels, this approach allows fingerprints to piggyback on them.
990:
240:
the public key. Fingerprints can help accomplish this, since their small size allows them to be passed over trusted channels where public keys won't easily fit.
1085:
985:
244:
fingerprint of the public key. Exchanging and comparing values like this is much easier if the values are short fingerprints instead of long public keys.
714:
46:
893:
887:
1011:
565:
308:
145:
to a public key. Since fingerprints are shorter than the keys they refer to, they can be used to simplify certain key management tasks. In
466:
370:
629:
1455:
192:
This process produces a short fingerprint which can be used to authenticate a much larger public key. For example, whereas a typical
697:
654:
619:
104:
1078:
609:
76:
211:
strings. These strings are then formatted into groups of characters for readability. For example, a 128-bit MD5 fingerprint for
1450:
558:
687:
634:
773:
509:
83:
1281:
798:
61:
682:
251:
where the size of a full public key is a problem, then exchanging or storing fingerprints may be a more viable solution.
1071:
939:
872:
90:
614:
1397:
1352:
1165:
1036:
929:
778:
692:
677:
312:
142:
1276:
788:
659:
72:
1392:
1041:
1021:
282:
1382:
1372:
1227:
980:
751:
256:
1377:
1367:
1170:
1130:
1123:
1113:
1108:
934:
581:
396:
386:
293:
171:
126:
1118:
867:
806:
741:
340:
1425:
1271:
1217:
882:
639:
596:
188:
If desired, the hash function output can be truncated to provide a shorter, more convenient fingerprint.
1387:
1311:
793:
604:
523:
316:
97:
1150:
899:
301:
289:
262:
163:
1256:
1240:
1187:
924:
746:
669:
649:
644:
624:
401:
355:
227:
373:, this is called "Hash Extension" and requires anyone calculating a fingerprint to search for a
469:
SIGOPS European workshop: Support for composing distributed applications. Sintra, Portugal: MIT
1316:
1306:
1177:
1006:
949:
877:
763:
445:
426:
421:
411:
453:
1251:
852:
513:
499:
347:
177:
The data produced in the previous step is hashed with a cryptographic hash function such as
193:
1326:
1246:
1207:
1155:
1140:
449:
406:
377:
starting with a fixed number of zeroes, which is assumed to be an expensive operation.
237:
53:
17:
1444:
1407:
1362:
1321:
1301:
1197:
1160:
1135:
391:
266:
1357:
1202:
1192:
1182:
1145:
1094:
1046:
1026:
297:
212:
1336:
944:
821:
526:
503:
319:, fingerprints are embedded into pre-existing address and name formats (such as
208:
35:
1296:
1266:
1261:
1222:
970:
702:
460:
138:
1286:
324:
146:
269:
to facilitate the exchange of public key fingerprints over voice channels.
207:
When displayed for human inspection, fingerprints are usually encoded into
157:
A public key fingerprint is typically created through the following steps:
27:
Short sequence of bytes used to authenticate or look up a longer public key
170:
trust anchor fingerprints, where the additional data consists of an X.509
1331:
1291:
1031:
965:
836:
831:
826:
707:
248:
233:
455:
Escaping the Evils of
Centralized Control with self-certifying pathnames
857:
816:
374:
363:
300:, and fingerprints are often used to assist in this process (e.g., at
1212:
975:
518:
232:
When a public key is received over an untrusted channel, such as the
811:
768:
736:
729:
724:
719:
416:
278:
communications with that user can be automatically authenticated.
201:
182:
178:
167:
320:
134:
1067:
554:
904:
758:
197:
166:
fingerprints); and the name of the key holder (in the case of
29:
196:
public key will be 2048 bits in length or longer, typical
339:
The primary threat to the security of a fingerprint is a
149:
software, "thumbprint" is used instead of "fingerprint."
57:
1233:
Cryptographically secure pseudorandom number generator
486:
542:
255:
key is not being injected by an attacker, such as a
222:
Using public key fingerprints for key authentication
1345:
1101:
999:
958:
917:
845:
787:
668:
595:
588:
204:fingerprints are only 128 or 160 bits in length.
218:43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8
1079:
566:
8:
62:introducing citations to additional sources
505:Cryptographically Generated Addresses (CGA)
1086:
1072:
1064:
592:
573:
559:
551:
547:
543:
141:. Fingerprints are created by applying a
517:
346:A secondary threat to some systems is a
52:Relevant discussion may be found on the
437:
371:Cryptographically Generated Addresses
7:
894:Naccache–Stern knapsack cryptosystem
487:Evil 32: Check Your GPG Fingerprints
335:Security of public key fingerprints
273:Public key fingerprints in practice
25:
1421:
1420:
236:, the recipient often wishes to
153:Creating public key fingerprints
45:relies largely or entirely on a
34:
925:Discrete logarithm cryptography
281:In systems such as X.509-based
215:would be displayed as follows:
1282:Information-theoretic security
1:
940:Non-commutative cryptography
1398:Message authentication code
1353:Cryptographic hash function
1166:Cryptographic hash function
1037:Identity-based cryptography
930:Elliptic-curve cryptography
143:cryptographic hash function
1472:
1277:Harvest now, decrypt later
498:Aura, Tumas (March 2005).
225:
137:used to identify a longer
1456:Fingerprinting algorithms
1416:
1393:Post-quantum cryptography
1063:
1042:Post-quantum cryptography
991:Post-Quantum Cryptography
550:
546:
465:. Proceedings of the 8th
1383:Quantum key distribution
1373:Authenticated encryption
1228:Random number generation
257:Man-in-the-middle attack
73:"Public key fingerprint"
1451:Public-key cryptography
1378:Public-key cryptography
1368:Symmetric-key algorithm
1171:Key derivation function
1131:Cryptographic primitive
1124:Authentication protocol
1114:Outline of cryptography
1109:History of cryptography
935:Hash-based cryptography
582:Public-key cryptography
397:Public-key cryptography
387:Fingerprint (computing)
315:and most cryptographic
172:self-signed certificate
133:is a short sequence of
127:public-key cryptography
1119:Cryptographic protocol
341:second-preimage attack
131:public key fingerprint
18:Public-key fingerprint
1272:End-to-end encryption
1218:Cryptojacking malware
597:Integer factorization
317:peer-to-peer networks
226:Further information:
1388:Quantum cryptography
1312:Trusted timestamping
58:improve this article
1151:Cryptographic nonce
900:Three-pass protocol
307:In systems such as
302:key-signing parties
288:In systems such as
1257:Subliminal channel
1241:Pseudorandom noise
1188:Key (cryptography)
670:Discrete logarithm
452:(September 1998).
402:Key authentication
356:brute-force search
228:key authentication
1438:
1437:
1434:
1433:
1317:Key-based routing
1307:Trapdoor function
1178:Digital signature
1059:
1058:
1055:
1054:
1007:Digital signature
950:Trapdoor function
913:
912:
630:Goldwasser–Micali
512:. sec. 7.2.
450:M. Frans Kaashoek
427:Rabin fingerprint
422:Digital signature
412:Key signing party
123:
122:
108:
16:(Redirected from
1463:
1424:
1423:
1252:Insecure channel
1088:
1081:
1074:
1065:
896:
797:
792:
752:signature scheme
655:Okamoto–Uchiyama
593:
575:
568:
561:
552:
548:
544:
538:
537:
535:
533:
521:
519:10.17487/RFC3972
500:"Hash Extension"
495:
489:
484:
478:
477:
475:
474:
464:
442:
348:collision attack
118:
115:
109:
107:
66:
38:
30:
21:
1471:
1470:
1466:
1465:
1464:
1462:
1461:
1460:
1441:
1440:
1439:
1430:
1412:
1341:
1097:
1092:
1051:
995:
959:Standardization
954:
909:
892:
841:
789:Lattice/SVP/CVP
783:
664:
610:Blum–Goldwasser
584:
579:
541:
531:
529:
497:
496:
492:
485:
481:
472:
470:
458:
444:
443:
439:
435:
383:
337:
275:
230:
224:
219:
155:
119:
113:
110:
67:
65:
51:
39:
28:
23:
22:
15:
12:
11:
5:
1469:
1467:
1459:
1458:
1453:
1443:
1442:
1436:
1435:
1432:
1431:
1429:
1428:
1417:
1414:
1413:
1411:
1410:
1405:
1403:Random numbers
1400:
1395:
1390:
1385:
1380:
1375:
1370:
1365:
1360:
1355:
1349:
1347:
1343:
1342:
1340:
1339:
1334:
1329:
1327:Garlic routing
1324:
1319:
1314:
1309:
1304:
1299:
1294:
1289:
1284:
1279:
1274:
1269:
1264:
1259:
1254:
1249:
1247:Secure channel
1244:
1238:
1237:
1236:
1225:
1220:
1215:
1210:
1208:Key stretching
1205:
1200:
1195:
1190:
1185:
1180:
1175:
1174:
1173:
1168:
1158:
1156:Cryptovirology
1153:
1148:
1143:
1141:Cryptocurrency
1138:
1133:
1128:
1127:
1126:
1116:
1111:
1105:
1103:
1099:
1098:
1093:
1091:
1090:
1083:
1076:
1068:
1061:
1060:
1057:
1056:
1053:
1052:
1050:
1049:
1044:
1039:
1034:
1029:
1024:
1019:
1014:
1009:
1003:
1001:
997:
996:
994:
993:
988:
983:
978:
973:
968:
962:
960:
956:
955:
953:
952:
947:
942:
937:
932:
927:
921:
919:
915:
914:
911:
910:
908:
907:
902:
897:
890:
888:Merkle–Hellman
885:
880:
875:
870:
865:
860:
855:
849:
847:
843:
842:
840:
839:
834:
829:
824:
819:
814:
809:
803:
801:
785:
784:
782:
781:
776:
771:
766:
761:
756:
755:
754:
744:
739:
734:
733:
732:
727:
717:
712:
711:
710:
705:
695:
690:
685:
680:
674:
672:
666:
665:
663:
662:
657:
652:
647:
642:
637:
635:Naccache–Stern
632:
627:
622:
617:
612:
607:
601:
599:
590:
586:
585:
580:
578:
577:
570:
563:
555:
540:
539:
490:
479:
446:David Mazières
436:
434:
431:
430:
429:
424:
419:
414:
409:
407:Key management
404:
399:
394:
389:
382:
379:
336:
333:
274:
271:
265:developed the
223:
220:
217:
190:
189:
186:
175:
154:
151:
121:
120:
56:. Please help
42:
40:
33:
26:
24:
14:
13:
10:
9:
6:
4:
3:
2:
1468:
1457:
1454:
1452:
1449:
1448:
1446:
1427:
1419:
1418:
1415:
1409:
1408:Steganography
1406:
1404:
1401:
1399:
1396:
1394:
1391:
1389:
1386:
1384:
1381:
1379:
1376:
1374:
1371:
1369:
1366:
1364:
1363:Stream cipher
1361:
1359:
1356:
1354:
1351:
1350:
1348:
1344:
1338:
1335:
1333:
1330:
1328:
1325:
1323:
1322:Onion routing
1320:
1318:
1315:
1313:
1310:
1308:
1305:
1303:
1302:Shared secret
1300:
1298:
1295:
1293:
1290:
1288:
1285:
1283:
1280:
1278:
1275:
1273:
1270:
1268:
1265:
1263:
1260:
1258:
1255:
1253:
1250:
1248:
1245:
1242:
1239:
1234:
1231:
1230:
1229:
1226:
1224:
1221:
1219:
1216:
1214:
1211:
1209:
1206:
1204:
1201:
1199:
1198:Key generator
1196:
1194:
1191:
1189:
1186:
1184:
1181:
1179:
1176:
1172:
1169:
1167:
1164:
1163:
1162:
1161:Hash function
1159:
1157:
1154:
1152:
1149:
1147:
1144:
1142:
1139:
1137:
1136:Cryptanalysis
1134:
1132:
1129:
1125:
1122:
1121:
1120:
1117:
1115:
1112:
1110:
1107:
1106:
1104:
1100:
1096:
1089:
1084:
1082:
1077:
1075:
1070:
1069:
1066:
1062:
1048:
1045:
1043:
1040:
1038:
1035:
1033:
1030:
1028:
1025:
1023:
1020:
1018:
1015:
1013:
1010:
1008:
1005:
1004:
1002:
998:
992:
989:
987:
984:
982:
979:
977:
974:
972:
969:
967:
964:
963:
961:
957:
951:
948:
946:
943:
941:
938:
936:
933:
931:
928:
926:
923:
922:
920:
916:
906:
903:
901:
898:
895:
891:
889:
886:
884:
881:
879:
876:
874:
871:
869:
866:
864:
861:
859:
856:
854:
851:
850:
848:
844:
838:
835:
833:
830:
828:
825:
823:
820:
818:
815:
813:
810:
808:
805:
804:
802:
800:
795:
790:
786:
780:
777:
775:
772:
770:
767:
765:
762:
760:
757:
753:
750:
749:
748:
745:
743:
740:
738:
735:
731:
728:
726:
723:
722:
721:
718:
716:
713:
709:
706:
704:
701:
700:
699:
696:
694:
691:
689:
686:
684:
681:
679:
676:
675:
673:
671:
667:
661:
660:Schmidt–Samoa
658:
656:
653:
651:
648:
646:
643:
641:
638:
636:
633:
631:
628:
626:
623:
621:
620:Damgård–Jurik
618:
616:
615:Cayley–Purser
613:
611:
608:
606:
603:
602:
600:
598:
594:
591:
587:
583:
576:
571:
569:
564:
562:
557:
556:
553:
549:
545:
528:
525:
520:
515:
511:
507:
506:
501:
494:
491:
488:
483:
480:
468:
462:
457:
456:
451:
447:
441:
438:
432:
428:
425:
423:
420:
418:
415:
413:
410:
408:
405:
403:
400:
398:
395:
393:
392:PGP word list
390:
388:
385:
384:
380:
378:
376:
372:
367:
365:
359:
357:
351:
349:
344:
342:
334:
332:
328:
326:
322:
318:
314:
310:
305:
303:
299:
295:
291:
286:
284:
279:
272:
270:
268:
267:PGP word list
264:
260:
258:
252:
250:
245:
241:
239:
235:
229:
221:
216:
214:
210:
205:
203:
199:
195:
187:
184:
180:
176:
173:
169:
165:
160:
159:
158:
152:
150:
148:
144:
140:
136:
132:
128:
117:
106:
103:
99:
96:
92:
89:
85:
82:
78:
75: –
74:
70:
69:Find sources:
63:
59:
55:
49:
48:
47:single source
43:This article
41:
37:
32:
31:
19:
1358:Block cipher
1203:Key schedule
1193:Key exchange
1183:Kleptography
1146:Cryptosystem
1095:Cryptography
1047:OpenPGP card
1027:Web of trust
1016:
683:Cramer–Shoup
530:. Retrieved
504:
493:
482:
471:. Retrieved
454:
440:
368:
360:
352:
345:
338:
329:
306:
298:web of trust
287:
280:
276:
261:
253:
246:
242:
238:authenticate
231:
206:
191:
156:
130:
124:
111:
101:
94:
87:
80:
68:
44:
1346:Mathematics
1337:Mix network
1017:Fingerprint
981:NSA Suite B
945:RSA problem
822:NTRUEncrypt
323:addresses,
209:hexadecimal
1445:Categories
1297:Ciphertext
1267:Decryption
1262:Encryption
1223:Ransomware
971:IEEE P1363
589:Algorithms
532:January 2,
473:2006-12-23
461:PostScript
433:References
325:file names
139:public key
84:newspapers
1287:Plaintext
358:attacks.
147:Microsoft
114:June 2014
54:talk page
1426:Category
1332:Kademlia
1292:Codetext
1235:(CSPRNG)
1032:Key size
966:CRYPTREC
883:McEliece
837:RLWE-SIG
832:RLWE-KEX
827:NTRUSign
640:Paillier
381:See also
249:database
234:Internet
1102:General
878:Lamport
858:CEILIDH
817:NewHope
764:Schnorr
747:ElGamal
725:Ed25519
605:Benaloh
375:hashsum
364:SHA-256
98:scholar
1213:Keygen
1000:Topics
976:NESSIE
918:Theory
846:Others
703:X25519
294:Groove
100:
93:
86:
79:
71:
1243:(PRN)
812:Kyber
807:BLISS
769:SPEKE
737:ECMQV
730:Ed448
720:EdDSA
715:ECDSA
645:Rabin
417:X.509
202:SHA-1
183:SHA-2
179:SHA-1
168:X.509
135:bytes
105:JSTOR
91:books
1012:OAEP
986:CNSA
863:EPOC
708:X448
698:ECDH
534:2018
527:3972
510:IETF
321:IPv6
129:, a
77:news
1022:PKI
905:XTR
873:IES
868:HFE
799:SIS
794:LWE
779:STS
774:SRP
759:MQV
742:EKE
693:DSA
678:BLS
650:RSA
625:GMR
524:RFC
514:doi
467:ACM
313:SFS
311:or
309:CGA
304:).
292:or
290:PGP
283:PKI
263:PGP
213:SSH
200:or
198:MD5
194:RSA
181:or
164:PGP
125:In
60:by
1447::
853:AE
688:DH
522:.
508:.
502:.
448:;
259:.
174:).
1087:e
1080:t
1073:v
796:/
791:/
574:e
567:t
560:v
536:.
516::
476:.
463:)
459:(
185:.
116:)
112:(
102:·
95:·
88:·
81:·
64:.
50:.
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.