Innovation and design

An idea for human-friendly hex strings in cryptographic key fingerprints

by | Published

The email address and PGP key fingerprint of journalists in an alphabetical list on the Guardian web site at https://www.theguardian.com/pgp in May 2021. The fingerprint is shown as a hexadecimal string.

Hexadecimal or hex strings are a base-16 representation of a number. For decades software engineers having written them using numbers 0-9 for the first ten values of each hex digit and letters a-f to represent the remaining six.

The idea proposed in this article is a new form of hex string where additional letters replace the numbers. The proposed form of hex string consists of letters only.

The intent is to make the string more usable or human-friendly. The new form is proposed for cases where the string is presented to humans for inspection or comparison, for example in visual checking of a cryptographic key fingerprint and perhaps in passwords.

See the earlier article [LEPRON] for more on checking key fingerprints and other applications.

The idea here is based on the premise that a string of of pure letters or pure numbers is better for human usability than a string of mixed letters and numbers. [BLANCHARD]

Computer scientists may want to perform mental arithmetic on hex values or to know the underlying binary value. For example they would know that ‘ff’ represents eight bits, all set to 1. For them the traditional form is useful.

But for a non-technical user viewing a cryptographic hash, there is no numerical meaning. The only mental operation to perform on it is comparison. Is it the same or different to another hash? The numeric values in the underlying binary string are irrelevant to this.

The table shows a proposed mapping from number to letter. The letters chosen are:

The intent is to maximise the chance of runs of letters that resemble words, or parts of words.

Table 1: A possible mapping from a traditional numeric hex digit to a more human-friendly letter.
Digit Letter
0 o
1 i
2 t
3 m
4 r
5 l
6 n
7 s
8 u
9 y

The figure shows a page on the Guardian website with a list of the PGP key fingerprints of its journalists, as hex strings.

As an example, below is the first part of the first fingerprint with its translation into the proposed form.

3daf 842a daaf 190d ab13 d701
mdaf urta daaf iyod abim dsoi

References

Links to these are below

[BLANCHARD]
Consonant-Vowel-Consonants for Error-Free Code Entry, Nikola Blanchard, Leila Gabasova, Ted Selker, HCI International, July 2019, Orlando, USA
[LEPRON]
Lepron, a project to develop pronounceable pseudowords for representing binary strings - Part 1: introduction and goals, Stephen Hewitt, Cambridge Clarion, 2 July 2021

Related articles

External links