3.6 Sighchain Fingerprints
A sighchain fingerprint summarizes a user’s sighchains. It is constructed as a hash of the user’s user sighchain and account sighchain tails (note that this includes the user’s present and past email addresses, as well as the current ADN due to the reference in the account sighchain). Sighchain fingerprints are useful in two contexts: to verify new devices before approving them, and to verify the keys used to communicate with other users.
During the device addition and approval process, a malicious insider has the opportunity to conduct a MitM attack. After the new device is added, the insider creates a copy of the user’s sighchain but replaces the keys in the final DeviceAdd link with keys controlled by the attacker, using the same device name. The forged copy is served to older devices while the honest sighchain is served to the new device. When the older device shows the approval interface, only the device name is displayed, and so the user may be tricked into accepting the server’s device unintentionally (which would imply sharing all previously encrypted data with the attacker). However, in this case the two devices would necessarily display different fingerprints (as they bind to sighchains containing different keys, and the hash is collision resistant). Users concerned about MitM attacks can check, before approving new devices, that the fingerprint shown on the approving device matches the one from the device(s) they intend to approve. This ensures that an attacker cannot interfere with the process and gain access to historical encrypted data.
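The fingerprint comparison described above, as an added example that is not taken from the original document or from the product's code. It is a simplified model: the JSON link encoding, the SHA-256 hash, the all-zero genesis value, and every field and link name other than DeviceAdd are assumptions made for illustration, and all sample data is constructed.

```python
import hashlib
import hmac
import json

def link_hash(prev: bytes, body: dict) -> bytes:
    """Hash one link together with the previous link's hash (assumed encoding)."""
    encoded = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev + encoded).digest()

def chain_tail(links: list) -> bytes:
    """Return the hash of the last link, which commits to every earlier link."""
    tail = b"\x00" * 32  # assumed genesis value
    for body in links:
        tail = link_hash(tail, body)
    return tail

def fingerprint(user_chain: list, account_chain: list) -> str:
    """Hash the user-chain tail and the account-chain tail (both 32 bytes)."""
    tails = chain_tail(user_chain) + chain_tail(account_chain)
    return hashlib.sha256(tails).hexdigest()

def fingerprints_match(a: str, b: str) -> bool:
    return hmac.compare_digest(a, b)

# Constructed sample chains; link types other than DeviceAdd are hypothetical.
ACCOUNT_CHAIN = [{"type": "AccountCreate", "adn": "example.com"}]
HONEST_USER_CHAIN = [
    {"type": "UserCreate", "email": "alice@example.com"},
    {"type": "DeviceAdd", "device_name": "laptop", "device_key": "aa" * 32},
    {"type": "DeviceAdd", "device_name": "phone", "device_key": "bb" * 32},
]
# Forged copy: the final DeviceAdd keeps the device name but swaps the key.
FORGED_USER_CHAIN = HONEST_USER_CHAIN[:-1] + [
    {"type": "DeviceAdd", "device_name": "phone", "device_key": "cc" * 32},
]

def approval_check() -> dict:
    """Compare the new device's fingerprint with what the approver could see."""
    new_device_fp = fingerprint(HONEST_USER_CHAIN, ACCOUNT_CHAIN)
    forged_view_fp = fingerprint(FORGED_USER_CHAIN, ACCOUNT_CHAIN)
    honest_view_fp = fingerprint(HONEST_USER_CHAIN, ACCOUNT_CHAIN)
    return {
        "forged_view_matches": fingerprints_match(new_device_fp, forged_view_fp),
        "honest_view_matches": fingerprints_match(new_device_fp, honest_view_fp),
    }

if __name__ == "__main__":
    print(approval_check())
```

The device name alone is identical in both views, so only the fingerprint comparison distinguishes the forged chain from the honest one.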