A new project called Keybase is attempting to make cryptographic keys, like those used for bitcoin wallets, easier for everyone to use.
One of the most important elements of bitcoin is arguably the cryptographic key pair, and every wallet has two keys: a public one as an advertised address, and a private one that controls it.
Yet, the system is not perfect. Key pairs are confusing for many users and there isn’t yet an effective, decentralized way by which keys can be linked to an identity, thus proving ownership.
Keybase believes it can help make using keys more secure and understandable by providing what’s known as public key infrastructure (PKI) for cryptography.
Chris Coyne, who runs the Keybase project along with colleague Maxwell Krohn, said:
“In 2014, you know people by their online presence. You know them by their Twitter name, their personal website, and so on. Keybase is a protocol for people to sign statements and announce them to the public.”
The concept for Keybase came from the desire to make public key cryptography more social media friendly. While a grad student at Carnegie Mellon University, Krohn said he tried to come up with a viable PKI-related Facebook project, but couldn’t find one interesting enough.
“The dream of a working PKI is as old and important as the idea of public key cryptography itself,” said Krohn.
Coyne said Keybase also drew from his experience with problems using bitcoin. When downloading Bitcoin-QT, the currency’s basic wallet, for the first time, he realized how difficult it was to find out who actually signed the underlying code.
However, with Keybase, Coyne said:
“In one command, [I] get a verified summary – it was signed by this Twitter account, that GitHub account.”
And when the price of bitcoin started to rise to higher levels, Coyne realized the need to publicly verify addresses to which people send BTC.
Social networking and cryptography
A Keybase profile looks like any other social media profile. The attached cryptographic keys can be used for communication, code signing, bitcoin – the technological applications are numerous.
To endorse proof, Keybase requires verification. Members can post a tweet linking back to their profile, or create a GitHub public gist with identifying information.
Verifying myself: I am danielcawrey on Keybase.io. DBcSyQ6EK1uAQxNoZipM_gEpdqetUU2Kx0IF / https://t.co/WqVzgCHX86
— Daniel Cawrey (@danielcawrey) July 15, 2014
In order to maintain proof, Keybase regularly checks to ensure verifications still exist. Furthermore, all of the Keybase information is stored on a bitcoin address as unspent transactions, creating public proof that anyone can see via the block chain.
“Anyone can write a client that polices Keybase,” said Coyne. “And if it ever catches a lie, it will be provable, since all these statements are signed by Keybase, with its public key.”
Winning over the developers
Technologies like Keybase could be a way to access the full spectrum of what cryptography can do for people.
“This is all very powerful stuff, but the general public has almost no access,” said Coyne.
The Keybase idea is reminiscent of Coinbase’s recent launch of Payment Pages, a way to put a face and a name – a profile – to bitcoin wallets.
However, unlike consumer-focused Coinbase wallets, Keybase has no illusions that it first needs to influence the developer community in order for its idea to take off. That’s why its website is designed to encourage coders to develop around Keybase’s concept to begin with.
“Without a good way to map identities to public keys, most interesting crypto-based systems can’t get off the ground,” said Krohn.
Attaching monetary value to a cryptographic system like bitcoin might be the answer to further adoption for Keybase. If there’s a way to make the system easy for anyone to use crypto, Keybase may be on to something.
“We expect our first killer app might be with cryptocurrencies.”
Binary code image via Shutterstock