Talk:Identicon

untitled
What about wawatars? Shouldn't they also be added to the list?

The statement that it is "impossible" to obtain the IP address from a MD5 Identicon is untrue. Identicons are both interesting and useful, but adding MD5 hashing does not significantly enhance privacy.

There are ~4 billion unique IPv4 addresses. It is entirely computationally feasible to generate all possible IPv4 MD5 identicons and exhaustively compare them to one or more unknown identicons. Just as 32-bit keys are trivial to break in encryption, 32-bit IP addresses are likewise trivial to recover from a "one-way" hash via exhaustive search.


 * The IPs are impossible to obtain from the hash alone if you use a secret salt, which is the case for Don Park implementation. --MichalKwiatkowski (talk) 17:12, 9 June 2008 (UTC)

guess that depends upon how "secret" the salt is. But more to the point... the whole thing seems rather pointless. The huge majority of people connect to the internet using dynamic ip addresses. Thus their ip address is frequently changing. Thus the ip address is of very limited use for identification. The article ought to mention this. Also the concept is hardly new or original. There have been programs available for many years that use ASCII Art to display a fingerprint of a binary file -- for the same reason, which is that human pattern recognition is superior to text recognition. 63.229.1.210 (talk) 07:51, 27 May 2010 (UTC)  this is signed with my ip address which in about 5 minutes will be useless...  every time I power cycle the dsl I get a new ip...  you see my point? 71.35.163.43 (talk) 08:01, 27 May 2010 (UTC) the identicons are pretty though, I give him that.

The paper, "Hash Visualization: a New Technique to improve Real-World Security," was published in 1999 by Adrian Perrig and Dawn Song of CMU. So either the Invention section is basically incorrect, or the word 'Identicon' is specific to this one visual hashing technique. If the former, the Invention section should be updated to reference this paper, if the latter, the article should be made clearer on this and probably at least reference other work in Hash Visualization. 66.116.72.114 (talk) 20:18, 23 August 2010 (UTC)

Adding to User:MichalKwiatkowski 's text, is it possible to find the IP of the "arbitrary identicon" used as an example on the page? Also, why is there no talk of the other types of identicons, such as the ones listed here: https://github.com/drhus/awesome-identicons (that isnt me) 141.156.181.66 (talk) 16:30, 9 June 2020 (UTC)Bumpf

Dubious
This page currently states:

"The Identicon graphic is relatively unique since it's based on the user's IP, but it is not possible to recover the IP by looking at the Identicon."

Is this really true? Even if Identicon is implemented using a perfect hash function, it may be possible to recover an IP address by simply finding the Identicon of every IP address (there are only about four billion of them) and checking each one. Of course, this is infeasible if calculating an Identicon takes a very long time. —Tanner Swett (talk) 22:11, 23 June 2011 (UTC)

ETA: Ah, I should have looked at the discussion above. Apparently, Identicon also uses a secret salt, so that nobody can calculate an Identicon except whoever is running the site that produced it originally. Still, I think we should have a source for this, so I'm changing the "dubious" tag to a "citation needed".—Tanner Swett (talk) 22:15, 23 June 2011 (UTC)

s/hash/string of bits/
Isn't it for visualizing a string of bits and not restricted to a hash? — Preceding unsigned comment added by 207.35.173.122 (talk) 21:04, 27 February 2013 (UTC)

كيف ابدا
مقابله وكيديا للنشىر والوظايف 213.246.10.110 (talk) 19:01, 24 February 2023 (UTC)