Email is not secure. Let’s stop fooling ourselves. Just because I use Gmail, and I’m using it over HTTPS does not mean that the email I send or receive is encrypted while being transmitted outside of Google’s network. Inside Google’s network, even, the contents are not encrypted.1 So, why do we keep sending sensitive information through email, and why do our banks and mortgage brokers and HR departments keep asking for us to send our Social Security number, bank accounts, and other private details through email?
Is it because we are oblivious, naïve, or do we just not care? I suspect it’s a little of all three, but mainly it’s because encryption is hard, and the difficulty barrier keeps us from adopting it.
The alpha launch of Keybase has got me excited. It uses the public-key cryptography (a.k.a. PGP/GnuPG) model to identify yourself, prove your identity, and allow others to vouch for your identity. I hope it paves the way to making encryption easier for us all, from the technologically-skilled to the technologically-challenged.
How Public-key Encryption Works
I want people to send me sensitive information, but I don’t want anyone else to read it while the information is traveling across the Internet. So, I create a pair of keys. One is public; I can send it to others. One is private; I should keep it secret and safe, like the most secret password I’ve ever had.
I give my public key to someone who wants to send me sensitive information, like a Social Security number. They encrypt a file using my public key and send the encrypted file to me. I can decrypt it, since I have the private key that’s paired with the public key used to encrypt the file. I’m the only one in the world who can read the file, and that’s great because I was the intended recipient.
Here’s what’s important: even if someone intercepts the file, they cannot read it because they do not have the private key to decrypt the message. Even if they have my public key, they cannot decrypt it. The information is safe!
A second benefit of encryption is that I can sign my messages to other people, using my private key. If the recipient has my public key, they can verify the signature. If the signature is bogus, they know I didn’t send the message, but if it checks out, they can be certain I sent the message. No one can forge my signature. Using the signature ensures the message hasn’t been tampered with and the recipient hasn’t been fooled into thinking they’ve received a message from me that is really spam (or worse).
A third benefit is the web of trust. Others may validate my public key by signing it with their own key. These signatures are then added to public key servers as additional proofs that the keys in question do, in fact, belong to their real owners. This helps others know whether a signed message from me is actually coming from the real me and not just someone claiming to be me with a false key. The web of trust is decentralized, with key servers around the world.
Encryption Is Hard
While encryption provides massive benefits, it is difficult even for seasoned technologists to perform, much less everyone else. This is because the tools we use for encryption often require basic knowledge of how encryption works. Command line tools and mail and browser plugins may be used to encrypt and decrypt messages using your public/private key pair, but these tools are all afterthoughts, things that must be installed and maintained by a user who knows what they are doing.
In order to gain mass adoption of encryption, it needs to be made central to the applications and platforms we use, and we need the ability to use it easily without fully understanding it. It needs to just work.
How Keybase Fits In
I think Keybase is taking steps toward making encryption work for everyone. Keybase is like a key server with much more. I’m excited about what it could become and what it means for the technology community.
With the alpha launch, here are a few of the things Keybase provides:
- Identity verification with your Twitter and GitHub accounts
- Tracking of users to vouch for their identities
- In-browser tools to help you encrypt/decrypt messages to/from other users
- Command-line tools to help you encrypt/decrypt messages to/from other users and to streamline and make encryption easier to use (than with the standard GnuPG tools)
Will Keybase result in mass adoption of encryption? No, but it might get technologists and early adopters excited to start using encryption more regularly. The coolness factor could cause encryption to finally catch on in the tech community. Then our community will build the tools necessary to make it easier for our friends, family, and the rest of the world to use encryption.
Here are a few thoughts I gathered from my short time using Keybase.
While the Keybase concept of tracking other users is similar to following from Twitter, it also allows you to sign another user’s key. This is like the web of trust I mentioned, but it doesn’t ask for a level of trust when signing the keys. In my opinion, this is a flaw in Keybase’s design. The web of trust is important to encryption. No one has been driving the web of trust forward, and that’s partly why encryption has been neglected and forgotten. Keybase is in a unique position to drive adoption of the web of trust. I think tracking should remain, but it would be a form of loose trust. I should be able to say that I fully trust another user’s key as belonging to them—maybe they gave me their public key in person, so I know without a doubt it’s theirs—and that trust would be paramount to the system.
Keybase is like a key server, but keys uploaded to Keybase are not distributed to the other key servers. If someone on Keybase signs my key, indicating they trust it, this is also not propagated to the other key servers. For the public-key web of trust to work, Keybase needs to play nicely with the already decentralized body of key servers.
I’d like to know if Keybase has any plans for physically verifying proof of one’s identity. I’m not sure how this would work in practice, but I could see it as a very useful service, helping to boost the trust level of my key and user account.
I’ve been hoping for a long time that someone would help solve the encryption problem, making it easier for everyone to use. I don’t think Keybase will solve the problem for everyone, but I do think they are raising awareness and could help generate excitement and buzz within the tech community, getting more of us to begin using encryption regularly. When we all start using encryption, then we can drive the rest of the world to use it, making all of our data and ourselves a lot safer.
Be sure to check out my profile on Keybase, and feel free to send me an encrypted message.
Disclaimer: I am not a representative of Keybase. I am just an early user of the service who is excited about what it could become.
A recent announcement from Google explains that “every single email message you send or receive—100% of them—is encrypted while moving internally.”↩