Esempio n. 1
def verify_fingerprints(tx_fp: bytes, rx_fp: bytes) -> bool:
    """Ask the user to confirm the contact's key fingerprint out of band.

    The comparison is meant to happen over an authenticated channel so
    that a man-in-the-middle (MITM) attack against TFC's key exchange
    can be detected.

    Why this is needed: during key exchange a public key is only a very
    large number. Nothing about a number received from an untrusted
    network / Networked Computer reveals whether it is the number the
    contact actually generated.

    Fingerprints are values derived from public keys that humans can
    compare visually or audibly (sometimes semi-automatically, e.g. via
    QR-codes). If they match when compared over an authenticated
    channel, the key received from the network is the correct one.

    This function performs no byte comparison itself: it prints both
    fingerprints and returns whatever `yes()` reports for the user's
    answer, so the result is only as trustworthy as the channel the
    user compared them over.

    :param tx_fp: User's fingerprint
    :param rx_fp: Contact's fingerprint
    :return:      True if fingerprints match, else False
                  (as answered by the user)
    """
    instructions = ("To verify received public key was not replaced by an attacker, "
                    "call the contact over an end-to-end encrypted line, preferably Signal "
                    "(https://signal.org/). Make sure Signal's safety numbers have been "
                    "verified, and then verbally compare the key fingerprints below.")
    m_print(instructions, head_clear=True, max_width=49, head=1, tail=1)

    # The user's own fingerprint is shown first, then the one received
    # for the contact; each caption says which party reads it aloud.
    captioned_fingerprints = (
        (tx_fp, "         Your fingerprint (you read)         "),
        (rx_fp, "Purported fingerprint for contact (they read)"),
    )
    for fingerprint, caption in captioned_fingerprints:
        print_fingerprint(fingerprint, caption)

    user_confirmed = yes("Is the contact's fingerprint correct?")
    return user_confirmed
Esempio n. 2
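def show_fingerprints(window: 'TxWindow') -> None:
    """Print domain separated fingerprints of public keys on TxM.

    Comparing the fingerprints over an authenticated channel can be
    used to verify that the users are not under a man-in-the-middle
    attack.

    :param window: Currently selected window; its `type` and `contact`
                   attributes are read
    :raises FunctionReturn: If a group window is selected, or if the
                            contact's tx fingerprint is all zero bytes
                            (reported as a pre-shared key contact)
    :return:       None
    """
    if window.type == WIN_TYPE_GROUP:
        raise FunctionReturn('Group is selected.')

    # `bytes(FINGERPRINT_LEN)` is FINGERPRINT_LEN zero bytes. An all-zero
    # tx fingerprint is treated here as "no fingerprint", so nothing
    # meaningless is offered to the user for comparison.
    # NOTE(review): only tx_fingerprint is checked; presumably
    # rx_fingerprint is zeroed together with it - confirm against the
    # code that creates pre-shared key contacts.
    if window.contact.tx_fingerprint == bytes(FINGERPRINT_LEN):
        raise FunctionReturn("Pre-shared keys have no fingerprints.")

    clear_screen()
    print_fingerprint(window.contact.tx_fingerprint,
                      "   Your fingerprint (you read)   ")
    print_fingerprint(window.contact.rx_fingerprint,
                      "Contact's fingerprint (they read)")
    print('')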
Esempio n. 3
def verify_fingerprints(tx_fp: bytes, rx_fp: bytes) -> bool:
    """Ask the user to confirm the contact's key fingerprint out of band.

    Both fingerprints are printed so that they can be compared verbally
    over a separate channel, which lets the user detect a MITM attack
    against TFC's key exchange. No byte comparison is done here: the
    return value is whatever `yes()` reports for the user's answer.

    :param tx_fp: User's fingerprint
    :param rx_fp: Contact's fingerprint
    :return:      True if fingerprints match, else False
                  (as answered by the user)
    """
    clear_screen()

    instructions = ("To verify received public key was not replaced by attacker in network, "
                    "call the contact over end-to-end encrypted line, preferably Signal "
                    "(https://signal.org/). Make sure Signal's safety numbers have been "
                    "verified, and then verbally compare the key fingerprints below.")
    message_printer(instructions, head=1, tail=1)

    # The user's own fingerprint is shown first, then the one received
    # for the contact; each caption says which party reads it aloud.
    captioned_fingerprints = (
        (tx_fp, "         Your fingerprint (you read)         "),
        (rx_fp, "Purported fingerprint for contact (they read)"),
    )
    for fingerprint, caption in captioned_fingerprints:
        print_fingerprint(fingerprint, caption)

    user_confirmed = yes("Is the contact's fingerprint correct?")
    return user_confirmed