The drunken bishop: An analysis of the OpenSSH fingerprint visualization algorithm
Dirk Loss, Tobias Limmer, Alexander von Gernler
September 20, 2009
Abstract
OpenSSH 5.1 introduced an ASCII-based visualization method for the
remote servers’ public key fingerprints. We explain the algorithm used to visualize the fingerprints and present some initial findings about its properties. Based on a Markov model and some brute-force attacks we were only able to produce some basic results. But we hope that our analysis will spur further research on this topic, so that eventually it will be found out whether the (heuristically designed) algorithm is secure enough for this purpose