Fingerprint

From InfoAnarchy
Jump to: navigation, search

See also: Identity | Security | Cryptography | PGP/GPG

A "Fingerprint," like on a person's hand, is used to identify a person via something very small or obscure. In computers, it is used as unique identifiers to determine if a certificate or PGP key has been tampered with via a string of unique characters. A different Fingerprint results if the contents of the certificate or key change in any way. This is accomplished using a hash function. Many people list their PGP fingerprint at the bottom of their e-mails to protect against someone else interfering with the use of their key, also known as a Man-In-The-Middle Attack. This is much easier than searching the entire block of text for differences.

Web browsers and S/MIME-compatible e-mail that use SSL certificates also have fingerprints.

Appearance

The fingerprint itself often looks like a series of numbers and letters A through F that certificates and public/private.

A PGP key fingerprint looks like this:

DFF3 30DD A34F 7F4A 88FF 934F 98B1 AFE2 3218 A4FA

Most browser/S/MIME fingerprints:

D3:F3:FF:3A:0F:AE:CE:C2:22:42:3A:3F:13:3F:F4:EE

SSH fingerprints:

xetar-dibup-lizav-gulaz-fosud-lekuf-patir-zypem-fyzed-seled-hoxex


Technical note: MD5 fingerprints use 16 sets of two characters while SHA1 fingerprints use 20. SHA is generally considered better.

Related