Friday, January 6, 2012

Spieglein - Sharing public keys via display and webcam (or so)

Sharing (cryptographic) keys is still mandatory in or cryptography landscape.
A nice exmaple is our ~/.ssh/authorized_keys file which contains a list of public ssh keys which are allowed to login.
One way to exchange those keys is using ssh-copy-id.

Another one is using a webcam and some display - like the ones found in laptops or mobile phones (but even white paper works ;)
The principle is quite simple, just QR encode your public key and point the webcam at the screen to get a picture of the QR encoded public key and decode it.
Voila you've got your own copy of the public key. And it's quite hard to intersect photons on their way from the display to the webcam, so your copy can be trusted.

It is as easy as encoding the image
$ bash 

This results in a image like this:

Now, on the receiving computer, run
$ ./look_for_qr.vala
And point the webcam at the surface displaying the QR code in question ...

You might need to install some dependencies using
$ sudo yum install -y vala glib2-devel qrencode \

Just look here for a working example.

No comments:

Post a Comment