Skip to content
webratte edited this page Jun 28, 2015 · 8 revisions

This page is under construction.

What is the personal key?

Throughout Kontalk you must have read something talking about a personal key, fingerprints, identity information and other stuff like that.

After decades of using username and passwords to identify, those tools are now deprecated: attack vectors become more complex every day so we must use more secure ways to identify each other. Public key criptography comes in our help.

Public key criptography in a nutshell

Public key criptography is a relatively new way of doing encryption. It involves two keys, one secret (the private key, which must be kept secret at all times) and one public (the public key, which can and should be spread).

The public key is used by message senders to encrypt messages intended to you.
The private key is used only by you to decrypt those messages.

This way, you don't have to share a secret (e.g. a common password) with your buddies.

How does this help mutual identification?

A personal key is identified by a unique number, called a fingerprint. Because this number is very long, it's converted to hexadecimal base and splitted into blocks to help reading it:

37D0 E678 CDD1 9FB9 B182 B380 4C95 39B4 01F8 229C

When you get an invitation from a user that wants to chat, Kontalk shows you a fingerprint just like that one. In order to certify that your buddy is indeed who he/she wants to be, you'll have to talk to him/her through other means (e.g. telephone or face to face) and ask if his/her fingerprint matches (anyone can see his/her own fingerprint from Kontalk main screen by choosing Menu > My personal key).

Clone this wiki locally