Extension talk:KittenAuth

Not secure
Although adorable, it's important to note that KittenAuth is not secure. The reason is that the database is small enough that the attacker can observe all possible images with a small number of queries and then tag them, then later match the images against those seen before with simple hashing or image matching techniques. Even if the database were larger, making the database and its tags publicly available negates any vestige of security in the system (while not making them publicly available of course makes it not open source). The original paper on kitten/puppy authentication worked only because it had a very large, secret database (and was broken anyway two years later with machine learning methods). Be wary. Dcoetzee 03:29, 14 May 2011 (UTC)