-
Notifications
You must be signed in to change notification settings - Fork 195
The personal key
Throughout Kontalk you must have read something talking about a personal key, fingerprints, identity information and other stuff like that.
After decades of using username and passwords to identify, those tools are now deprecated: attack vectors become more complex every day so we must use more secure ways to identify each other. Public key cryptography comes in our help.
Public key cryptography is a relatively new way of doing encryption. It involves two keys, one secret (the private key, which must be kept secret at all times) and one public (the public key, which can and should be spread).
The public key is used by message senders to encrypt messages intended to you.
The private key is used only by you to decrypt those messages.
This way, you don't have to share a secret (e.g. a common password) with your buddies.
A personal key is identified by a unique number, called a fingerprint. Because this number is very long, it's converted to hexadecimal base and split into blocks to help reading it:
37D0 E678 CDD1 9FB9 B182 B380 4C95 39B4 01F8 229C
When you get an invitation from a user that wants to chat, Kontalk shows you a fingerprint just like that one. In order to verify that the user is indeed who he/she pretends to be, you'll have to communicate to him/her through some other channel (e.g. telephone or face to face) and make sure the fingerprint matches (you can see your own fingerprint from Kontalk main screen by choosing Menu > My personal key).
- Desktop client
- FAQ (de, sr, es,)
- The personal key (de, sr, es)
- Export personal key to another device (de, it, nl, sr, es)
- Android client permissions (de, nl, sr, es)