maximumpc.com MAR 2020 MAXIMUMPC 17
Alex Campbell
OPEN SOURCE
©^
LIN
UX
Keybase Is the Encrypted
System You’re Looking For
WHAT STARTED AS A SIMPLE public key registry is now an encryption
powerhouse for all kinds of users. If you’re looking for secure replacements
for file sharing, cloud storage, chat, Git, or user authentication, Keybase
probably has you covered. By making encryption easy, Keybase is looking
to make communication and collaboration more secure.
The upstart encryption app
has expanded to cover services
well beyond its initial offering.I signed up for Keybase.io a few years ago. Back
then, I saw the service as an innovative method
to share PGP public keys. Since then, the upstart
encryption application has expanded to cover
several services well beyond its initial offering.
First off, I have never once used my PGP key for
anything other than signing emails. Pretty Good
Privacy—implemented with GnuPG or GPGTools
and commonly known by its open-source moniker
GPG—is one of the most powerful public key
encryption tools available. Unfortunately, using
GPG to encrypt text and files can be cumbersome.
Furthermore, proving the authenticity of a public
key is problematic. When polling old key servers
like that hosted at MIT, only the key fingerprint
and email address can be used to authenticate
a key. Keybase’s methodology is different: Each
user can use a number of social media accounts
to authenticate their public key. With a simple
set of keystrokes, one can encrypt a message to
a Keybase user with their public key, even if they
don’t know the recipient’s Keybase username.
If someone wanted to encrypt a message
to me, they could use my Keybase username
(alexcampbell) or my Twitter handle (accurrently@
Twitter) via the command line. While this is nice,
newer Keybase features make this process nearly
obsolete. The Keybase File System (KBFS) worksa lot like Dropbox, and creates
mount points on your local system
(generally at /keybase on Linux
and OSX). If Alice wanted to encrypt
a file to me, she’d simply place a
file at the mount point /keybase/
private/alice,alexcampbell , which
is a folder that automatically
encrypts all files placed within
it with my and Alice’s public
keys, before being uploaded to
Keybase’s cloud storage. Alice can
also have a private storage folder
at /keybase/private/alice.
The kicker? Every Keybase user
gets 250GB of free cloud storage,
and any shared files only count
against the original sharer’s quota.
Keybase has encrypted user-
to-user chat and a feature called
Teams (a drop-in replacement for
Slack), using the same public key
encryption scheme.
Keybase now provides for
encrypted private Git repositories,
too; while GitHub has private
repositories, the files in
those repositories are stored
unencrypted. If you have a
personal diary or a collection of
configuration files with secrets,
Keybase’s Git feature is an option.
Keybase also offers the ability
to hold the Stellar cryptocurrency
Lumens (XLM) in a wallet
accessible via the Keybase app,making it simple and seamless to
use the currency. A Stellar wallet
is included as a proof of identity, so
you can be sure a Stellar payment
to Alice is going to Alice, not Bob.
For now, Keybase is free to use.
The project got a first round of
funding from VC firm Andreessen
Horowitz in 2015. While the
software is open-source, Keybase
has hinted at letting users pay for
more storage or other enhanced
services to sustain the business.
If nothing else, the 250 GB of
free encrypted cloud storage is
worth checking out Keybase.
A word of caution: While
Keybase can create a private key
online, always generate a GPG
keypair on your own machine. The
Keybase docs can help with that.Alex Campbell is a Linux geek
who enjoys learning about
computer security.The Keybase profile of co-founder
Chris Coyne.