Forums Community Zero-knowledge Reply To: Zero-knowledge

#6238 Reply

Hjalmar

Concerning fingerprint support etc, it requires a little bit of extra consideration. Please read my blog post on the subject for a longer discussion: https://www.axcrypt.net/blog/encryption-and-biometrics/ .

I don’t think I made myself clear. 😉

I was thinking more along the lines of a PGP-style fingerprint [thumbprint] to ensure that the user is certain he’s communicating with the correct user, e.g. 0x937261. I wasn’t thinking of a biometric system.

I know AxCrypt is essentially a simplified (that’s a good thing!) version of PGP which is why I thought of hiding the fingerprint behind another menu; i.e. there for users who want to take the extra step but not visible by default to avoid confusion.

AxCrypt in this regard suffers a similar problem to iMessage or Facetime: you can’t verify the fingerprint of the other party and thus the security is somewhat weakened. WhatsApp, Signal and other messaging apps do allow you to verify the fingerprint of the recipient.

Further comments welcome. We will be developing along these lines, but we some other priorities currently – most notably Mac OS X support which is coming soon!

I’ll watch this space. 👍