While playing around with SSH and Git, I reflected on how SSH’s key fingerprints are essentially an early form of identicon:
The key fingerprint is: SHA256:xtaA8biLm/Jktn9A/j2sty686uosrRtz0GQIFw6nP2s root@bionic The key's randomart image is: +---[RSA 4096]----+ |o +. . | | B . = | |. o o o o | | . + .o o | | + .o. S . | | + .o+ | | E.* .+ o | | .oO.+ = = | | oBO++oo*oo | +----[SHA256]-----+
This made me want to write a blog post about how, now that we have GPU-accelerated terminal emulators1
and a wide variety of identicon libraries2, it would be cool to modularize the SSH key fingerprint generation algorithm.
Imagine defining an executable inside your
.ssh/config file in addition to an existing
VisualHostKey=yes option that,
when invoked, would take a public key on stdin and produce an image file on stdout to be displayed directly in your terminal
I’m not the first person to consider modern SSH fingerprint algorithms. Cipriani3 has a thorough article on the subject that references the original implementation and paper4. Cipriani provides their own implementation using Unicode characters and colors, but ultimately concludes with a noteworthy point:
I think the problem of memory persists. We’re good at remembering regular pictures, but do abstract pictures count as regular?
This reminded me of something I’ve thought of before but haven’t put into words until now. We have the ability to generate fake pictures of people56, and humans are decent at remembering faces. At least, from anecdotal evidence, I think I’m more likely to remember a face than an abstract pattern.
You’ve probably seen Wavatars before7, even if you didn’t know the name for them at the time. I assume that Wavatars were and are widely used because they are memorable (and because of an innate human desire to create things after our likeness). It seems logical that, if we want to make sure SSH keys come from a certain human, making the key fingerprints themselves look like humans would be useful.
Imagine an identicon algorithm that generated realistic human faces. If you saw that identicon on a regular basis, and it suddenly changed, would you notice? Is the probability of you noticing greater than if you were to use an existing abstract/geometric identicon algorithm instead?
For lack of effort, I’ll refer to these as “AI face identicons”.
The main outstanding barriers are:
- A face-generation algorithm usable on hardware-constrained devices
- A face-generation algorithm that is deterministic and seedable
- (seedable with some non-trivial amount of entropy)
- Storage/caching of public key fingerprint image data
I leave the rest as an exercise to the reader 😉
Hash Visualization: a New Technique to improve Real-World Security “Hash Visualization: a New Technique to improve Real-World Security”. ↩︎