Visual Hash Turns Text Or Data Into Abstract Art

Makoss writes "Normal cryptographic hash functions turn any input text or data into a compact set of bits; useful for computers, not useful for humans. Visual hash functions turn data into graphical representations which are more easily recognizable and memorable to humans. You've seen Identicons and other simple geometric image generators already, but Vash takes the technique beyond basic geometry and produces some really striking images."

Obligatory

Hash turns a lot of things into abstract art.

Re:Obligatory

[rbrausse]

but the abstract art of my PGP pub key is *ugly*. It is hard enough to keep track of all keys, the want for nice "vashes" add a whole new layer of complexity...

Re:Obligatory

[onefineline]

I don't think you understood the parent's comment...

Re:Obligatory

[B1oodAnge1]

I'm still giggling :-D

Re:Obligatory

[camperdave]

I much prefer this Vash to any of the samples.

Re:Obligatory

[LongearedBat]

Vvaassshhhh.... (excuse the almost-pun)

Pretty but...

Is there any way to get the data back out again? or is it for visualization/differentiation?

Re:Pretty but...

[fuzzyfuzzyfungus]

Unless the name is grossly misleading, "hash" implies one way, by design.

With a suitably poorly designed hash algorithm, it may be possible to extract certain outputs; but that's a bug, not a feature(also, assuming the hash produces outputs of some limited size and accepts inputs of size bounded only by your computational resources and patience, as they tend to, it is easy to see that it cannot be reversible in general because the set of possible inputs is vastly larger than the set of possible outputs, so it must be the case that multiple inputs map to the same output, so there is no unambiguous "back" for that output...) .

Re:Pretty but...

[reiisi]

(Why the readme file is README.md, I can't guess.)

After downloading and reading bits of the docs (but not the code), it appears that it hashes the data you give it (SHA-1 or MD5) and builds the graphic based on the hash.

(You specify the hashing algorithm by a parameter, and, no, they don't recommend the parameter that specifies MD5. I didn't read far enough to guess as to why the parameter is not the name of the algorithm.)

So, since it appears that not every geek here is familiar with hashing (Huh?), I'll point out the obvious: The hash does not give enough information to reproduce the original data. (But what about very short inputs, like passwords, which they, erm, suggest?) Also, since the hash is cryptographically hard, reversing it is rather difficult even if you can afford to search through the pseudo-reversion set.

Re:Pretty but...

[terrence2]

(Why the readme file is README.md, I can't guess.)

.md is the extension for MarkDown, which github automatically turns into pretty html.

(You specify the hashing algorithm by a parameter, and, no, they don't recommend the parameter that specifies MD5. I didn't read far enough to guess as to why the parameter is not the name of the algorithm.)

The algorithm string also controls the node frequencies of the guided random walk that builds the function tree. Different algorithm specifiers can give you wildly different looking images. At the moment, it just changes the hash function, but future versions will add new node types and need a way to those parameters to generate backwards-compatible images.

Re:Pretty but...

[cababunga]

(Why the readme file is README.md, I can't guess.)

http://daringfireball.net/projects/markdown/

Re:Pretty but...

[reiisi]

MarkDown -- okay, I see I need to use github more.

Might want to give a nod to the node-walk in the readme, and you may want to add sub-parameters, including, not just a set of good node frequencies or other parameters of the node walk, am I making sense?, but also, perhaps, a salt file to help work with short input sets like passwords and passphrases and account numbers and such.

(Started to add PINs to that list, but now I'm thinking that's a really bad idea. On the other hand, this sort of thing suggests the possiblitiy of a portable feedback salt for ATMs and the like. Such a salt would not affect the authentication process, but would affect the feedback, as a way to make it harder for people behind or around you to get a visual on a PIN. Heh. Shades of Mac OS 10.2 login, except the obfuscation up front instead of behind.)

Re:Pretty but...

[terrence2]

... and you may want to add sub-parameters, including, not just a set of good node frequencies or other parameters of the node walk, am I making sense?

I've already got an issue in the tracker for that :-). I want to make the full suite of low-level parameters tweakable through a special algorithm string, so that people can make their own unique stylings using Vash's generator, without having to do any coding.

Re:Pretty but...

[GooberToo]

Hash does not imply one way. Not all hashes are cryptographically safe. Nor or all hashes guaranteed to be collision free or even resistant.

I don't think hash means what you think it does.

Re:Pretty but...

[fuzzyfuzzyfungus]

"Hash" the word doesn't imply much of anything; but any function with for which the set of legal inputs is larger than the set of possible outputs must be one-way in general(there may be a number, potentially a very large one, of special cases that are reversible; but it cannot be reversible in general). Most functions described as hash functions fall into that category. They may well have other problems, like making it quite easy to construct inputs that yield a desired output, or having a set of reversible special-cases that happens to overlap heavily with the set of inputs that humans consider relevant...

Fact.

[fuzzyfuzzyfungus]

Bruce Schneier just replaced his copy of Photoshop with /dev/random and a copy of Vash...

Re:Fact.

[TopSpin]

Bruce Schneier doesn't use Photoshop. He only has to think about an image and it will comply with his wishes.

Re:Fact.

[R4wBon3]

Please tell me that was not supposed to sound like you replaced Chuck Norris with Bruce Schneier. -- Do not cross the meme streams!!

Re:Fact.

Bruce Schneier generates collisions with his fists.

Security

[ultranova]

Well, to be secure, you'll want to hash your data with a standard hash algorithm, and then submit the hash to this "vash" thing. Who knows, it might actually be useful, once the actual hashing algorithm is separate from representation.

Re:Security

[terrence2]

It uses SHA512 internally to normalize the input data, so you get all the benefits of a normal hash as well as a pretty image.

Re:Security

[fuzzyfuzzyfungus]

What's too bad is that the system is (comparatively) slow: having a new vash computed on the contents of (say) a password field after each keystroke would make entering passwords under error-prone conditions(such as touchscreen keyboards, or pitiful human weakness) much, much, easier without being nearly as insecure as the prevailing "show the last character entered until you enter the next one" scheme.

Since humans are pretty good at visual recognition, they'd pick up that the picture was 'wrong' after a typo almost immediately; but the shoulder-surfer would learn substantially less than they otherwise would.

Re:Security

(Just to save anybody the trouble of correcting me, it would be the case that the sequence of images thus generated would make brute-forcing the password much easier: If you knew the sequence of N images, with M legal characters for the password, you'd only have to do N rounds of between 1 and M guess-and-checks, rather than between 1 and N^M guess-and-checks... So, it would be grossly unsafe to let an attacker have accurate copies of your image sequence. It would still, though, be substantially less unsafe than having the last character display, or having the keys light up when pressed which is bad...)

Re:Security

[reiisi]

I'm thinking they'd want to add a different hashing algorithm for short data like passwords and passphrases, and some sort of salt, as well.

Not ready, as it is, for that application, in spite of the developers suggesting it as a possible application.

Re:Security

[maxwell+demon]

Can't you add that salt yourself, before passing your data to Vash?

This is news?

[Ellis+D.+Tripp]

A sufficient quantity of hash will turn ANYTHING into abstract art, no?

Greate for SSH keys

[Muerte2]

This would be awesome for validating SSH keys. You could flash up an image instead of:

RSA key fingerprint is e2:1b:ec:de:3e:72:1a:9a:4e:82:a0:5f:8f:d3:01:af.

And it would be a much better indicator if the key had changed.

Re:Greate for SSH keys

Don't think so. The whole idea of the "visual hash" is to make a long, complicated hash value into something easier to memorize. As a consequence, you're not memorizing the equal of 128bits (or more, for longer hashes) worth of data when you memorize the picture. So brute-forcing a "collision" is much easier to do when you're trying to duplicate a picture than if you were trying to duplicate an exact hash output. You just need something that looks sufficiently like the target image, which won't be nearly as hard to do.

Re:Greate for SSH keys

[terrence2]

SSH has been generating random ascii art with ssh-keygen for ages now, using basically the same principle. Besides, for most users, this should be way more secure than throwing a raw hex string at them and expecting them to manually diff it against their paper copy.

Re:Greate for SSH keys

Yeah, this is something I've thought about.

I'm lazy, so sometimes I only check hashes (e.g. ssh host fingerprints) by the first half-dozen and last half-dozen hexits -- so I'm really only checking 12*4=48 bits of the hash. Does anyone try attacks by creating near-enough collisions for this sort of case? Obviously it's computationally trivial... guess it depends if enough people like me are lazy enough to make it worthwhile.

Re:Greate for SSH keys

Why does the user need to look at the key (or a representation of it) at all? That's what the .ssh/known_hosts file is for. The SSH client will just tell you if it sees that the host's key changed.

Re:Greate for SSH keys

[t2t10]

Or you just turn on visual hashs in ssh_config. It's ASCII art instead of color images, but that's because you usually use ssh over consoles.

Sexist

Turned my name into some overlapping and ugly gray shapes, turned my SO's name into a bright green square.

Looks good to me.

[Ambvai]

Huh. The AACS key in lower case and spaced with colons looks surprisingly nice.

Texting?

On my droid, when I get a text message, before I unlock the screen, it shows part of the message. Would it be possible to create a picture representation of each different text message a cell phone gets, and display it on the unlock screen?

Looks quite familiar

[Qzukk]

A lot of the examples look like something off of The Random Art Gallery.

Lucky Charms

Gives new meaning to rainbow tables.....

Woops, SHA-512, not SHA-1

[reiisi]

I guess that business about short-term memory and age is not just superstition.

Apologies to anyone who chooses to be offended.

I am the author

[terrence2]

Full disclosure: I am the primary author (probably should have mentioned that before replying to other posts, whoops). I'll be watching the comment stream, if you have any questions.

Re:I am the author

Vash of ' jlkj' is all (or mostly black). :P

Re:I am the author

A good idea would be, to put any questions from here straight to the FAQ. But I think it's a nice algorithm. Although for most normal words or sentences I tried, it produces a pretty bland/uniform thing. I think it would be nice, to see more effects more often. :)
But I also guess, it will receive improvements anyway. :)

I hope it gets as common as reCAPTCHA for security stuff.

I'd recommend writing a plugin that adds a Vash image to the the https certificate fingerprint info etc in Mozilla programs (Firefox, Thunderbird, etc)

Also, KDE and Gnome are obvious targets. :)

small enough input set

[reiisi]

Given a small enough input set, the output of a normal hash approaches 1-to-1. That is a problem.

Better, as you say, than what currently exists, but a problem, nonetheless.

Re:small enough input set

[smallfries]

Not really... When are you relying on collisions to obscure your data?

Re:small enough input set

[fuzzyfuzzyfungus]

If you hashed each character as it was entered, that would be a pretty serious issue(it would basically just reduce the whole thing to a computationally pathological substitution cipher, which would be pretty pointless); but if you re-hash the entire contents of the password field every time a character is added or removed, you merely(if one can use the word to describe such a gigantic loss...) suffer the loss of complexity from N^M guesses to N rounds of M guesses...

SHA-512 and this is the reason for open source

[reiisi]

If you can read the code and compile it yourself (and it is short enough to understand, which it may be), you can be pretty sure that it doesn't harvest short inputs and phone home.

(If it doesn't, that is. I haven't read the source code, yet.)

Not to say that hashing a hash would necessarily be a bad thing for some applications, for instance, add some time to the brute-force approaches that short input become vulnerable to.

Beautiful

[gweihir]

No idea how useful it is going to be. One application I can see is feedback whether you typed in the right password/passphrase before it gets stored (to prevent giving one system the password for a different system). A second one is giving feedback about password/passphrase correctness, again before processing.

standard salt?

[reiisi]

Since universal login is all the rage, the salt is going to have to be standardized somehow.

For applications like universal login, at any rate. (I truly wish the Mozilla group hadn't decided to put that siren in their boat.)

Re:standard salt?

[terrence2]

Since universal login is all the rage, the salt is going to have to be standardized somehow.

Thank you for that: this is something I had not thought of. I've added an issue to the tracker.

The Vash of Slashdot...

[ckret]

...is rather fitting.

Re:The Vash of Slashdot...

[gweihir]

Google is not quite what they would like too....

Re:The Vash of Slashdot...

[ckret]

Just input slashdot (in lower case) into the Vash generator.

restricted texting vocabulary

[reiisi]

What, you only get a total of ten different text messages?

(Or. I guess, maybe you're saying that the set of preview texts for the messages you get is weighted heavily to a small subset?)

Reminds me of visprint

[raph]

I did a couple of things like this back in the mid-90's. One used iterated fractals. I think the original idea was by Ian Goldberg, and I added the coloring.

http://www.tastyrabbit.net/visprint/

But I wasn't satisified by the fact that lots of different hash values produced similar-looking images, so I also cooked up one that had a guarantee that a single-bit change in the hash led to at least a single-bit difference in the image, and came up with these snowflakes:

http://members.shaw.ca/dlakwi/snowflake/snowflake.html

Could be this is a better and slicker implementation than any of this stuff, but the underlying ideas are not quite new.

Re:Reminds me of visprint

[gl4ss]

your system seems slicker. this is just random shapes and really short hashes produce similar images to really long hashes.

looks to be suffering from graphic repetition

[petsounds]

From a quick look at the example hash images, it looks like the code is just randomly choosing placement, coloring and alpha levels of predefined graphic elements. For instance, almost every image I saw had an image of a flower-like object.

While this does make for unique and more pleasing-to-the-eye images, I doubt that humans would feel confident in picking out their unique hash among similar others. The graphical elements themselves would have to be generated via an algorithm for the images to feel truly unique ("feel" being determined by the limitations of human visual processing and pattern recognition abilities).

One of the potential uses listed on the Vash FAQ is to recognize changes in crytographic keys for security purposes. I don't know enough about how the code generates the images to know whether a minor change in the key would generate a completely different picture, or merely move over the flower a little to the left and change the red to a bit lighter hue. If the latter, most would be hard-pressed to spot any difference at a quick glance.

Perhaps having the algorithm also add a unique animation sequence would help make these visual representations more identifiable to users. If a flower's rotation suddenly goes from 6 RPM to 60 RPM, that would be a much quicker tipoff that something has changed.

Re:looks to be suffering from graphic repetition

[petsounds]

After playing around with the "try it yourself" input, it does seem that the generated images differ quite drastically from small changes in the source text. So monitoring changes in keys seems a plausible use.

Re:looks to be suffering from graphic repetition

[terrence2]

Individual bit flips will lead to wildly different images. What's actually going on behind the curtain is: the input data gets run through SHA512, which seeds a Mersenne Twister, which drives a guided random walk over a collection of input nodes to build a tree. Random elements (like position and color) are only a very small part of the algorithm. However, as you note, we really do need more terminal elements, and that is one of the main things I want to do for version 2.

Re:looks to be suffering from graphic repetition

[Ed_1024]

I tried pi and it returned a pretty much blank screen. 42 was much better.

Re:looks to be suffering from graphic repetition

[petsounds]

Thanks for the insight into its inner workings. I hadn't read about Mersenne Twisters before.

What about using diamond-square fractals (e.g. plasma/cloud fractals - http://en.wikipedia.org/wiki/Plasma_fractal) to generate unique terrain? I would think humans might recognize differences in terrain (which our brains have probably evolved to do) more readily than differences in abstract images.

Re:looks to be suffering from graphic repetition

[terrence2]

Thanks for the insight into its inner workings. I hadn't read about Mersenne Twisters before.

You are quite welcome.

What about using diamond-square fractals (e.g. plasma/cloud fractals - http://en.wikipedia.org/wiki/Plasma_fractal) to generate unique terrain? I would think humans might recognize differences in terrain (which our brains have probably evolved to do) more readily than differences in abstract images.

An excellent idea, thank you. I'm always on the lookout for more distinctive shapes to use as inputs and this thread has been most bountiful in that regard.

Re:looks to be suffering from graphic repetition

[VortexCortex]

Random elements (like position and color) are only a very small part of the algorithm.

Tell me more of these non deterministic "random" elements; How exactly can you produce a deterministic resulting image?

Might I suggest you use pseudo-random elements instead? Additionally, I suggest that you take a look at turtle graphics -- You can then easily produce distinct shapes with wildly different "spiro-graph like" images...

Finally, I would suggest creating many significant improvements and then stopping. You know what makes Cryptographic Hashing functions useful? The fact that, given the same inputs, version 0.9alpha and version 99-nonnillion point oh of a SHA-512 implementation will always generate the same results.

::yawn:: Actually, I'm only posting to remove an accidental "redundant" moderation... Carry on, newb.

Re:looks to be suffering from graphic repetition

[terrence2]

Finally, I would suggest creating many significant improvements and then stopping. You know what makes Cryptographic Hashing functions useful? The fact that, given the same inputs, version 0.9alpha and version 99-nonnillion point oh of a SHA-512 implementation will always generate the same results.

This is the purpose of the algorithm string. The same algorithm string and data pairing will produce the same images, regardless of Vash's version.

Re:looks to be suffering from graphic repetition

[fhage]

Perhaps having the algorithm also add a unique animation sequence would help make these visual representations more identifiable to users. If a flower's rotation suddenly goes from 6 RPM to 60 RPM, that would be a much quicker tipoff that something has changed.

I agree the images seem unremarkable and not very memorable. How about using the hash to walk the space of facial parameters, generating character faces instead of curves.

It's amazing how many Mii's one can recognize and remember. Use 2 different hashes and generate a male, female pair.

Re:looks to be suffering from graphic repetition

[terrence2]

It's amazing how many Mii's one can recognize and remember. Use 2 different hashes and generate a male, female pair.

Have you seen RoboHash? It works along the same lines, only with robots.

Re:looks to be suffering from graphic repetition

[VortexCortex]

However, as you note, we really do need more terminal elements, and that is one of the main things I want to do for version 2.

o_O Stop.

I'm sorry, perhaps I took the above statement to mean you would, in fact, be changing the output of Vash in a future version...
Let's face it -- The visuals do need to be improved, do so significantly, then stop.

Perhaps I'm totally off base here, and the currently released version of Vash isn't actually considered a version that your future versions of Vash will have their output compared against... (In which case I'd like to apologize for our discrepancy in versioning terminologies)

Alternatively, I may have incorrectly assumed that the images produced will be improved... (In which case I'd like to apologize for my lack of interest in any future or current version of Vash).

Note: I'd be a fool to use Vash in production now: The visuals need improvement, thus I'll have to keep track of which version of Vash each user is expecting to see the output from.

Re:looks to be suffering from graphic repetition

[terrence2]

If you are building a system that uses hashes that cannot upgrade cleanly when the hash function it is using is compromised, then your system has a serious design problem. Our documentation notes that you should store the algorithm identifier alongside the hash because not doing so is simply wrong, no matter what hash function you are using, visual or otherwise.

Re:looks to be suffering from graphic repetition

[KlomDark]

> ::yawn:: Actually, I'm only posting to remove an accidental "redundant" moderation... Carry on, newb.

I laughed at your sig, it was funny. Then I realized in your next posting that it wasn't a sig.

Why do you got to be like that? That was pretty unnecessary. Teach, don't insult. Life is short. // Turtle graphics? LOL, WUT?

Re:looks to be suffering from graphic repetition

It looks like the API's require an algorithm version string to be passed in all cases, so that future version, when passed the same literal algorithm version string as you pass the current version, could produce the same output as the current version. That's how hashes normally work, you want SHA-1, you select the SHA-1 algorithm, you want SHA-256, you select the SHA-256 algorithm.

Re:looks to be suffering from graphic repetition

Did you even read the post you were replying to?

Re:looks to be suffering from graphic repetition

[mgiuca]

But that's why it's using a cryptographic hash first (SHA-512). The process is text -> SHA-512 hash -> image. Even if the image generation algorithm might only move the flower a little to the left if you change one bit of the hash, it doesn't matter. Because if you change one bit of the text, the hash will completely change, and so will the image. There is no computationally feasible way to change one bit of the hash.

Yes I realise I am more than a week late in posting this.

Obviously computationally trivial?

[reiisi]

Do the hashes turn out to be so predictable as to make it computationally trivial to change an input text in non-obvious ways and produce a cryptographic hash visually near the real hash?

Re:Obviously computationally trivial?

[terrence2]

You would need to find a collision in SHA512 and in the Mersenne Twister, at the same time. So no, I don't think so.

Re:Obviously computationally trivial?

[ewanm89]

No cryptographic hashes, as opposed to any other type of hashing, of which there are many (error correction checksums, etc.), are specifically designed to make a predictable change in input string result in a very unpredictable change in hash output.

Re:Obviously computationally trivial?

[ewanm89]

Adding to that, if this wasn't the case, one could easily start with any input and slowly alter it and hash until a collision is reached.

via the FAQ

[LogarithmicSpiral]

Vash makes extensive use of structure, intensity, and position in its image generation. Despite its visually striking and distinctive impact, color plays only a small role in differentiating between Vash images.

Try 3.1415 and 3.1415926535897932

How hard is it to found a collision?

Suppose Alice memorizes her server ssh key fingerprint using Vash. How hard is it for an attacker to come up with another key having a _similar_ Vash that can spoff Alice?

Re:How hard is it to found a collision?

[terrence2]

If you are not doing anything special to filter the images, it's not terribly difficult to find a duplicate. If Alice is concerned about her security, she would do well to check every bit of her fingerprint twice. If Alice is my grandmother, on the other hand, I would be lucky if she even glances at the fingerprint at all, much less verifying it. In short, the point of Vash is to augment existing security mechanisms to make them more accessible to an audience with less understanding of public key cryptography. It's definitely not as good as the raw hex string, but it should allow you to use public key cryptography at all in markets where you might not have wanted to before.

That said, you really should be filtering the outputs. A good keygen implementation will need to take into account the visual properties of the output signature, as well as the cryptographic properties of the key (e.g. so that you can have a checkbox for colorblindness in your UI). The generator is random and will occasionally spit out images that are just obviously not useful and filtering the outputs solves many of these problems. If your keys are distributed centrally, the problem is even easier because you can conceivably ensure that all images are sufficiently different from one another.

how?

How did you find those would be so close? Did you just randomly choose to try pi and then add digits? Did you see radial symmetry and decide to plug that in?

VisualIDs did it better

[Rozzin]

I'll try to put together some specific thoughts on *why* I think VisualIDs did it better, and what the issues with Vash are, in the morning. For the time being, I guess I'll just throw that out there as a conversation-seed and let people Google it....

Re:VisualIDs did it better

[terrence2]

VisualID's do have some very nice aspects. I would appreciate hearing your thoughts.

Re:VisualIDs did it better

[Rozzin]

Part of it is that, going by the examples, this statement in the Vash FAQ is just flat-out wrong:

How does Vash work for color blind or other visually impaired individuals?

Despite its visually striking and distinctive impact, color plays only a small role in differentiating between Vash images.

Rather, it shows that the intent is right but the execution has failed: that no two images are differentiated only by being coloured differently is good, but that the shapes composing a given image are defined entirely as borders between colourfields is extremely problematic: because two adjacent colours may or may not even actually be distinguishable for the viewers--as someone who's protanomalous myself, I have difficulty even seeing any of those shapes that are defined purely by boundaries between fields of red/green or blue/purple; and some of the gradients actually make things even worse.... It's like the joke about the `drawing of a polar bear in a blizzard'. So, you've ended up making colour a much more important aspect than you think :) A couple of my favourite references on colour vision, and how to work with it:

• Color Universal Design (CUD) - How to make figures and presentations that are friendly to Colorblind people -
• Color Vision, Color Deficiency (an intro/guide for UI-, web- and other graphic designers)

There's one particular issue that's mentioned in the Firelily article, though only briefly, and it deserves being brought to attention--as a Slashdot commenter did some years back:

blue & red should not be placed next to each other, generally. Since they fall roughly at opposite ends of the visible spectrum, the eye's focal power differs the most between those colors. As your eye/brain tries to focus properly on two colors that require slightly different adaptations, you can perceive a "vibration" -- the boundary between the red & blue will have a high-frequency shimmering or vibrating appearance.

It may also be useful to read `Rainbow Color Map (Still) Considered Harmful'; there are some applicable lessons in there, though they're harder to find.

need textual description

What prevents simple copy of the image? Need to store as visual descriptions of the hash, then verifier confirms the hash looks like the description. E.g., software measurement in a Tpm.

'Alabastera' = Flat blue image

Not too encouraging that the second word I input resulted in a plain blue image. Suggests a not-too-diverse result set. Either that or I'm just incredibly skilled at finding dull output.

Unicornify!

http://unicornify.appspot.com/

Disheartening

[Ltap]

It's disheartening to see something which I voted down on the Firehose as an obvious slashvertisement appear anyway. Will the "Understanding Mormonism" and link to an ad farm spam show up too?

Vashslertisement.

[Hognoxious]

Looks like a Vashslertisement.