Ben Ramsey

Syndicate content
Updated: 2 hours 23 min ago

Will Encryption Catch on With Keybase?

Sat, 22/03/2014 - 07:14

Email is not secure. Let’s stop fooling ourselves. Just because I use Gmail, and I’m using it over HTTPS does not mean that the email I send or receive is encrypted while being transmitted outside of Google’s network. Inside Google’s network, even, the contents are not encrypted.1 So, why do we keep sending sensitive information through email, and why do our banks and mortgage brokers and HR departments keep asking for us to send our Social Security number, bank accounts, and other private details through email?

Is it because we are oblivious, naïve, or do we just not care? I suspect it’s a little of all three, but mainly it’s because encryption is hard, and the difficulty barrier keeps us from adopting it.

The alpha launch of Keybase has got me excited. It uses the public-key cryptography (a.k.a. PGP/GnuPG) model to identify yourself, prove your identity, and allow others to vouch for your identity. I hope it paves the way to making encryption easier for us all, from the technologically-skilled to the technologically-challenged.

How Public-key Encryption Works

I want people to send me sensitive information, but I don’t want anyone else to read it while the information is traveling across the Internet. So, I create a pair of keys. One is public; I can send it to others. One is private; I should keep it secret and safe, like the most secret password I’ve ever had.

I give my public key to someone who wants to send me sensitive information, like a Social Security number. They encrypt a file using my public key and send the encrypted file to me. I can decrypt it, since I have the private key that’s paired with the public key used to encrypt the file. I’m the only one in the world who can read the file, and that’s great because I was the intended recipient.

Here’s what’s important: even if someone intercepts the file, they cannot read it because they do not have the private key to decrypt the message. Even if they have my public key, they cannot decrypt it. The information is safe!

A second benefit of encryption is that I can sign my messages to other people, using my private key. If the recipient has my public key, they can verify the signature. If the signature is bogus, they know I didn’t send the message, but if it checks out, they can be certain I sent the message. No one can forge my signature. Using the signature ensures the message hasn’t been tampered with and the recipient hasn’t been fooled into thinking they’ve received a message from me that is really spam (or worse).

A third benefit is the web of trust. Others may validate my public key by signing it with their own key. These signatures are then added to public key servers as additional proofs that the keys in question do, in fact, belong to their real owners. This helps others know whether a signed message from me is actually coming from the real me and not just someone claiming to be me with a false key. The web of trust is decentralized, with key servers around the world.

Encryption Is Hard

While encryption provides massive benefits, it is difficult even for seasoned technologists to perform, much less everyone else. This is because the tools we use for encryption often require basic knowledge of how encryption works. Command line tools and mail and browser plugins may be used to encrypt and decrypt messages using your public/private key pair, but these tools are all afterthoughts, things that must be installed and maintained by a user who knows what they are doing.

In order to gain mass adoption of encryption, it needs to be made central to the applications and platforms we use, and we need the ability to use it easily without fully understanding it. It needs to just work.

How Keybase Fits In

I think Keybase is taking steps toward making encryption work for everyone. Keybase is like a key server with much more. I’m excited about what it could become and what it means for the technology community.

With the alpha launch, here are a few of the things Keybase provides:

  • Identity verification with your Twitter and GitHub accounts
  • Tracking of users to vouch for their identities
  • In-browser tools to help you encrypt/decrypt messages to/from other users
  • Command-line tools to help you encrypt/decrypt messages to/from other users and to streamline and make encryption easier to use (than with the standard GnuPG tools)

Will Keybase result in mass adoption of encryption? No, but it might get technologists and early adopters excited to start using encryption more regularly. The coolness factor could cause encryption to finally catch on in the tech community. Then our community will build the tools necessary to make it easier for our friends, family, and the rest of the world to use encryption.

Here are a few thoughts I gathered from my short time using Keybase.

  • Keybase allows you to upload your private key to the service for use in encypting/decrypting through the browser. They use a JavaScript library to encrypt your private key on the client-side before sending it to their service, but you never know what some other browser plugin or cross-site scripting attack is doing with your data. I advise against this. Use the Keybase command line tools instead. This will ensure your private key is safely kept on your computer.

  • While the Keybase concept of tracking other users is similar to following from Twitter, it also allows you to sign another user’s key. This is like the web of trust I mentioned, but it doesn’t ask for a level of trust when signing the keys. In my opinion, this is a flaw in Keybase’s design. The web of trust is important to encryption. No one has been driving the web of trust forward, and that’s partly why encryption has been neglected and forgotten. Keybase is in a unique position to drive adoption of the web of trust. I think tracking should remain, but it would be a form of loose trust. I should be able to say that I fully trust another user’s key as belonging to them—maybe they gave me their public key in person, so I know without a doubt it’s theirs—and that trust would be paramount to the system.

  • Keybase is like a key server, but keys uploaded to Keybase are not distributed to the other key servers. If someone on Keybase signs my key, indicating they trust it, this is also not propagated to the other key servers. For the public-key web of trust to work, Keybase needs to play nicely with the already decentralized body of key servers.

  • I’d like to know if Keybase has any plans for physically verifying proof of one’s identity. I’m not sure how this would work in practice, but I could see it as a very useful service, helping to boost the trust level of my key and user account.

I’ve been hoping for a long time that someone would help solve the encryption problem, making it easier for everyone to use. I don’t think Keybase will solve the problem for everyone, but I do think they are raising awareness and could help generate excitement and buzz within the tech community, getting more of us to begin using encryption regularly. When we all start using encryption, then we can drive the rest of the world to use it, making all of our data and ourselves a lot safer.

Be sure to check out my profile on Keybase, and feel free to send me an encrypted message.

Disclaimer: I am not a representative of Keybase. I am just an early user of the service who is excited about what it could become.

  1. A recent announcement from Google explains that “every single email message you send or receive—100% of them—is encrypted while moving internally.”

Categories: Not PHP-GTK

Dates Are Hard

Sat, 22/02/2014 - 18:17

No, I’m not talking about a meeting with a lover or potential lover. While those can be stressful, the calendar math used to determine the precise date and time on which such a meeting might occur is infinitely more difficult to perform. To software programmers, this isn’t news, but I recently encountered an issue when calculating the time for an RFC 4122 UUID that had me questioning the accuracy of our modern, accepted calendars, especially with regard to the days of the week on which our dates fall.

I was working on a simple bug fix for my rhumsaa/uuid PHP library. All tests passed locally, so I assumed the tests would pass in Travis CI after I pushed them to the repository. After all, I hadn’t made any changes to the library; I had just moved a few things in the composer.json file.

But then I received a broken build email from Travis CI. I clicked on the build link to see what had happened, and I saw this:

Notice how the tests passed in PHP 5.3 and HHVM, but they failed in PHP versions 5.4 and 5.5. I was doubly confused, since I was running my local tests against PHP 5.5.4, but they were failing on Travis CI in 5.5!

The confusion doesn’t stop there. I took a look at the test failures. There were three of them. Each was some variation of this:

1 2 3 4 5 6 7 2) Rhumsaa\Uuid\UuidTest::testGetDateTime Failed asserting that two strings are equal. --- Expected +++ Actual @@ @@ -'Sun, 16 Oct 1582 16:34:04 +0000' +'Sat, 16 Oct 1582 16:34:04 +0000'

It’s expecting Sunday but was getting Saturday for the very same date. How could that be?

At this point, I should explain why I’m checking for this specific date. It’s not an arbitrary choice. Version 1 UUIDs are based on timestamps that are created from 100-nanosecond intervals since 00:00:00 UTC on October 15, 1582. Again, UUID doesn’t arbitrarily use this date. It’s an important date in history. It is the first day of the Gregorian calendar.

For my unit tests, I chose to test a few of the earliest dates that could possibly be used to create UUIDs. I chose to use static date strings, since I didn’t expect the dates to change. I used PHP to generate the date strings in RFC 2822 format:

1 2 php > var_dump(gmdate('r', strtotime('1582-10-16T16:34:04+00:00'))); string(31) "Sun, 16 Oct 1582 16:34:04 +0000"

And my tests included code that looked like this:

1 2 3 $uuid = Uuid::fromString('0901e600-0154-1000-9b21-0800200c9a66'); $this->assertInstanceOf('\DateTime', $uuid->getDateTime()); $this->assertEquals('Sun, 16 Oct 1582 16:34:04 +0000', $uuid->getDateTime()->format('r'));

Using these date strings, I was under the mistaken impression that systems know on what day of the week any particular date is supposed to fall. The system on which I ran this PHP code was convinced that the 16th of October in 1582 was a Sunday, so I trusted this.

The 16th of October in 1582 was not a Sunday, however. It was, in fact, a Saturday. And the 15th of October in 1582 was not a Saturday (as these same systems reported) but, rather, a Friday. When Travis CI reported two of my builds as broken, it was because these systems were accurately reporting the day of the week.

It gets stranger, though. The Unix cal program doesn’t seem to know the correct day of the week for these dates, either:

1 2 3 4 5 6 7 8 $ cal 10 1582 October 1582 Su Mo Tu We Th Fr Sa 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

What’s going on here? To make a long story even longer, Gregory’s calendar reforms sought to correct a drift in the date of the vernal equinox, and to correct this shift and place it back on March 21st, ten days were removed from the calendar at the time of adoption of the Gregorian calendar. Thus, October 4, 1582 falls on a Thursday and the very next day is October 15, 1582, which is a Friday.

The Unix cal program doesn’t show this removal of dates in October 1582, so dates 5-14 are still in place. As a result, how can we be certain that our current days of the week fall on the correct dates? It’s clearly wrong. Where does Unix cal fix this?

It turns out, the Unix cal program follows Great Britain’s adoption of the Gregorian calendar. Great Britain (and its American colonies at the time) adopted the Gregorian calendar in September 1752, and the cal program shows this:

1 2 3 4 5 6 $ cal 9 1752 September 1752 Su Mo Tu We Th Fr Sa 1 2 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30

Still, while cal uses Great Britain’s adoption date, the Unix date command appears to use Gregory’s adoption date, but it doesn’t remove the dates 5-14 in October 1582. Therefore, while the 15th falls on a Friday, the 4th falls on a Monday, ten days earlier. October 14, 1582 shouldn’t exist, but it does:

1 2 3 4 5 6 $ TZ=UTC date -d "1582-10-15T00:00:00.00Z" Fri Oct 15 00:00:00 UTC 1582 $ TZ=UTC date -d "1582-10-04T00:00:00.00Z" Mon Oct 4 00:00:00 UTC 1582 $ TZ=UTC date -d "1582-10-14T00:00:00.00Z" Thu Oct 14 00:00:00 UTC 1582

So, the mystery is solved, and it makes sense why this happens, but it means that it’s tricky to determine the day of the week for dates in the distant past. As for my tests, I dropped the use of the RFC 2822 date format. I didn’t need to test the day of the week. I just needed to test the date. Switching to the ISO 8601 format eliminated the problem for me.

However, this still doesn’t answer why some builds of PHP report October 15, 1582 as occurring on a Friday, while others report it as being a Saturday. Perhaps Derick can help answer that. :–)

Categories: Not PHP-GTK