An idea for human-friendly hex strings in cryptographic key fingerprints
by Stephen Hewitt | Published
Hexadecimal or hex strings are a base-16 representation of a number. For decades software engineers having written them using numbers 0-9 for the first ten values of each hex digit and letters a-f to represent the remaining six.
The idea proposed in this article is a new form of hex string where additional letters replace the numbers. The proposed form of hex string consists of letters only.
The intent is to make the string more usable or human-friendly. The new form is proposed for cases where the string is presented to humans for inspection or comparison, for example in visual checking of a cryptographic key fingerprint and perhaps in passwords.
See the earlier article [LEPRON] for more on checking key fingerprints and other applications.
The idea here is based on the premise that a string of of pure letters or pure numbers is better for human usability than a string of mixed letters and numbers. [BLANCHARD]
Computer scientists may want to perform mental arithmetic on hex values or to know the underlying binary value. For example they would know that ‘ff’ represents eight bits, all set to 1. For them the traditional form is useful.
But for a non-technical user viewing a cryptographic hash, there is no numerical meaning. The only mental operation to perform on it is comparison. Is it the same or different to another hash? The numeric values in the underlying binary string are irrelevant to this.
The table shows a proposed mapping from number to letter. The letters chosen are:
- all the vowels and 'y'
- those with higher frequencies in a dictionary
The intent is to maximise the chance of runs of letters that resemble words, or parts of words.
The figure shows a page on the Guardian website with a list of the PGP key fingerprints of its journalists, as hex strings.
As an example, below is the first part of the first fingerprint with its translation into the proposed form.
3daf 842a daaf 190d ab13 d701 mdaf urta daaf iyod abim dsoi
Links to these are below
- Consonant-Vowel-Consonants for Error-Free Code Entry, Nikola Blanchard, Leila Gabasova, Ted Selker, HCI International, July 2019, Orlando, USA
- Lepron, a project to develop pronounceable pseudowords for representing binary strings - Part 1: introduction and goals, Stephen Hewitt, Cambridge Clarion, 2 July 2021