 

Easy to remember fingerprints for data?

I need to create fingerprints for RSA keys that users can memorize or at least easily recognize. The following ideas have come to mind:

  • Break the SHA1 hash into portions of, say, 4 bits and use them as coordinates for Bezier splines. Draw the splines and use that picture as a fingerprint.
  • Use the SHA1 hash as input for some fractal algorithm. The result would need to be unique for a given input, i.e. the output can't be a solid square half the time.
  • Map the SHA1 hash to entries in a word list (as used in spell checkers or password lists). This would create a passphrase consisting of real words.
  • Instead of a word list, use some other large data set like Google Maps (map the SHA1 hash to map coordinates and use the map region(s) as a fingerprint).

Any other ideas? I'm sure this has been implemented in one form or another.

asked Aug 27 '10 19:08

ApplesOranges


2 Answers

OpenSSH contains something like that, under the name "visual host key". Try this:

    ssh -o VisualHostKey=yes somesshhost

where somesshhost is some machine with an SSH server running. It will print out a "fingerprint" of the server key, both in hexadecimal and as an ASCII-art image, which may look like this:

+--[ RSA 2048]----+
|   .+            |
|   + o           |
|  o o +          |
|   + o +         |
|  . o E S        |
|   + * .         |
|    X o .        |
|   . * o         |
|   .o .          |
+-----------------+

Or like this:

+--[ RSA 1024]----+
|        .*BB+    |
|       . .++o    |
|        = oo.    |
|       . =o+..   |
|        So+..    |
|        ..E.     |
|                 |
|                 |
|                 |
+-----------------+

Apparently, this is inspired by techniques described in this article. OpenSSH is open source, with a BSD-like license, so chances are that you could simply reuse their code (it seems to be in the key.c file, function key_fingerprint_randomart()).

answered Sep 20 '22 20:09

Thomas Pornin
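
The kind of picture shown in the answer above can be produced by a bounded random walk over a 17x9 grid (commonly called the "drunken bishop" walk). The following is an added Python example, not part of the original post and not OpenSSH's own code. It assumes SHA-1 as the digest (as in the question), a constructed byte string standing in for the public key, and a simplified frame label.

```python
import hashlib

WIDTH, HEIGHT = 17, 9                  # same field size as the pictures above
SYMBOLS = " .o+=*BOX@%&#/^"            # symbol per visit count; last one saturates


def randomart(digest: bytes) -> list[str]:
    """Return the 9 rows of the random-walk picture for a digest."""
    field = [[0] * WIDTH for _ in range(HEIGHT)]
    x, y = WIDTH // 2, HEIGHT // 2     # the walk starts at the centre
    for byte in digest:
        for _ in range(4):             # four 2-bit moves per byte, low bits first
            x += 1 if byte & 0x1 else -1
            y += 1 if byte & 0x2 else -1
            x = max(0, min(WIDTH - 1, x))    # walls: clamp instead of wrapping
            y = max(0, min(HEIGHT - 1, y))
            if field[y][x] < len(SYMBOLS) - 1:
                field[y][x] += 1
            byte >>= 2
    rows = [[SYMBOLS[n] for n in row] for row in field]
    rows[HEIGHT // 2][WIDTH // 2] = "S"      # start marker
    rows[y][x] = "E"                         # end marker wins if both coincide
    return ["".join(r) for r in rows]


def framed(digest: bytes, label: str = "SHA1") -> str:
    """Draw the picture inside a frame (label text is a simplification)."""
    top = f"+--[{label}]".ljust(WIDTH + 1, "-") + "+"
    body = [f"|{row}|" for row in randomart(digest)]
    return "\n".join([top, *body, "+" + "-" * WIDTH + "+"])


if __name__ == "__main__":
    # Constructed stand-in for the encoded public key bytes.
    key_blob = b"constructed example public key blob"
    print(framed(hashlib.sha1(key_blob).digest()))
```

Because the walk only records visit counts, different digests can in principle yield the same picture; it is an aid for recognising a key you have seen before, and the full hexadecimal fingerprint remains the value to compare.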


For item 3 (entries in a word list), see RFC-1751 - A Convention for Human-Readable 128-bit Keys, which notes that

The authors of S/Key devised a system to make the 64-bit one-time password easy for people to enter.

Their idea was to transform the password into a string of small English words. English words are significantly easier for people to both remember and type. The authors of S/Key started with a dictionary of 2048 English words, ranging in length from one to four characters. The space covered by a 64-bit key (2^64) could be covered by six words from this dictionary (2^66) with room remaining for parity. For example, an S/Key one-time password of hex value:

    EB33 F77E E73D 4053

would become the following six English words:

    TIDE ITCH SLOW REIN RULE MOT

You could also use a compound fingerprint to improve memorability, like English words followed (or preceded) by one or more key-dependent images.

For generating the image, you could use things like Identicon, Wavatar, MonsterID, or RoboHash.

Example:

TIDE ITCH SLOW

REIN RULE MOT

answered Sep 17 '22 20:09

Elifarley