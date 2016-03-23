This description sure sounds like exactly what https://keybase.io provides.
1. it's invite based?
2. it supports very few external services that you can verify (I can't figure out a way to verify LinkedIn or Gitlab for instance) ?
As for services, each service that's supported presumably needs custom code, and also needs to have a publicly-auditable way to post a proof that cannot be done by anyone other than the owner of the account (e.g. for Twitter you need to actually tweet something, for GitHub you need to post a gist, etc). I don't have a LinkedIn account or use GitLab so I don't know if those services have an effective way to handle such a proof.
For reference, here's a ticket asking for LinkedIn support - https://github.com/keybase/keybase-issues/issues/1115. Here's one for GitLab - https://github.com/keybase/keybase-issues/issues/1242 - which documents some barriers there (such as no API to get GitLab snippets).
I even wrote a prototype chrome extension for a few friends and myself: http://lettergram.github.io/AnyCrypt/
I love the idea of keybase, I just wish it was used by more people.
This is something I thought FB would be in a better position to do a while back: http://zalberico.com/essay/2016/03/23/Facebook-and-Public-Ke....
Though I guess most have just moved to walled garden encryption models instead of GPG - Moxie talks a bit about that here: https://moxie.org/blog/gpg-and-me/
The Design Overview does reference the fact that a user would have account credentials, and suggests that an attacker would have to compromise those credentials in order to change the keys on the user's account. So that's good. But that's still a single point of failure.
Compare this with keybase.io, where if an attacker compromises your account, they can't associate a new key with e.g. your twitter account thus tricking anyone who knows you over twitter into using your new key (they'd have to remove your twitter account from your profile in order to change the key). So keybase.io uses the variety of social networks as proof that your key really is owned by you, whereas Key Transparency seems to rely entirely on other people noticing via the key transparency history that the keys on the account all changed at some point (which doesn't necessarily even mean the account was compromised, it's possible the user did that deliberately because e.g. they lost control of their private key).
Note: I must repeat that I gave this only a cursory glance, and I didn't pay attention to some of the potentially-interesting properties here such as privacy protection. It's very plausible that Key Transparency does have valuable properties that keybase.io doesn't provide.
It's already implemented in Android OpenKeychain.
How is this different than KeyBase?
It is similar. Some differences include the use of ZKP, it is a generic key store designed (could be used for PGP or E2E messaging), it is designed to scale to trillions of entries, anyone can run a log, and architecturally it should scale significantly better. KeyBase is doing great work, though.
You don't need to do anything and you get encryption and trust and all that stuff.
While keybase is a step in the right direction, it does not make communication any more secure by default.
You still need to setup PGP and use it to benefit from keybase.io
So in essence; CT is that one step ahead of keybase.io that makes it much much more useful but keybase is still a step in the right direction.
This is what I'm really not seeing in the blog post / GitHub repo; how does this actually establish trust in the received key?
(While it is true that the owner of the key can audit their account, that doesn't help a sender. Also, if watching people "verify" SSH & GPG keys has taught me anything, it's that even engineers who should know better are way too lazy.)
[1]: https://github.com/google/key-transparency/blob/master/docs/...
Thanks for the clear-up !
The blog is more 'why' while the repo is mostly 'how'.
This is also useful for understanding some of the core differences between CONIKS and Key Transparency - https://github.com/google/key-transparency/blob/master/docs/...
First, like CT you want an ecosystem of logs.
Second, you have caching and in-band exchanges as means to mitigate some of that.
