[cryptography] PGP word list

ianG iang at iang.org
Wed Feb 18 07:20:41 EST 2015


On 18/02/2015 10:32 am, Ryan Carboni wrote:
> Can't trust anything, except the mail.
>
> Only solution: personally encrypt messages by hand, using computers and
> GPG only for transmitting master keys if the keys cannot be delivered in
> person.
>
> https://en.wikipedia.org/wiki/PGP_word_list


Wow.  I never even knew that existed!

Is there any experience of of the word list in use?  Any research?

On the face of it, it would make things a lot easier for ordinary people 
to share that hex stuff when doing known key exchanges.

An observation:  calling it the PGP word list is just boring.  It needs 
an exciting name that gets people looking it up out of curiosity.



For my own experiences:  with mobile we went through various 
incarnations to transfer small keys (not share known keys) and settled 
finally on a 4 * 26 character alphabet code.  The reason for this was 
that most small phones have a switch from numbers to letters, so are 
really clunky.  And letters are bigger than numbers, so stick with letters.

On the initiating phone it prints the code in huge letters and 
underneath the phonetics in smaller type.



iang


More information about the cryptography mailing list