Drunken Bishop (2023)

Summary

The OpenSSH project is a widely available tool for working with the SSH protocol in a variety of ways on a variety of operating systems. Their project description states: OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options. One of the interesting features that it contains is a method of visualizing public key fingerprints to allow a user to more easily see that a key has changed by examining a visual output that looks something like this: +----[RSA 2048]---+ | . o.+o .| | . + * +o...| | + * .. ... | | o + . . | | S o . | | o . | | . o| | .o| | Eo| +------[MD5]------+ This is the Drunken Bishop algorithm, a variant of a technique called random art that was originally described in the paper Hash Visualization: a New Technique to improve Real-World Security. You can see more information about it in The drunken bishop: An analysis of the OpenSSH fingerprint visualization algorithm. This OpenSSH feature is controlled by the VisualHostKey flag: VisualHostKey If this flag is set to yes, an ASCII art representation of the remote host key fingerprint is printed in addition to the fingerprint string at login and for unknown host keys. If this flag is set to no (the default), no fingerprint strings are printed at login and only the fingerprint string will be printed for unknown host keys. This can be enabled by adding to your ~/.ssh/config: VisualHostKey yes Or by adding this option in your ssh command: $ ssh -o VisualHostKey=yes your.host.name Implementation We are going to be implementing this in the Factor programming language. The algorithm begins by defining a visual board – by default 9 rows by 17 columns – and a starting position in the middle of the board. Each 8-bit byte of input is split into 2-bit g...