Hey Pontifex,
The problem with Keybase is that the infrastructure they're based upon, PGP/GPG, is probably not using modern key generation algorithms by default for symmetric encryption of keys.
What do you mean by that precisely? I don't think PGP/GPG/OpenPGP is meant to encrypt private keys on servers. In what way would OpenPGP or GnuPG be linked with keybase.io's private key encryption scheme or choice of algorithms? I don't know everything about the OpenPGP standard but I'm pretty sure it doesn't deal with such things.
Exactly, it doesn't. OpenPGP/GnuPG allows (strongly encourages!) you to encrypt your private key, so that you can only perform private key operations if you provide your passphrase. *In theory*, a well-encrypted private key can be uploaded to the NSA's own servers without hazard; this is the idea of "semantic security", I'm told. So, uploading a well-encrypted private keypair to keybase *should* be OK, with certain caveats. Leaving aside that it's a bad idea anyway, because the fewer copies of your private key there are under various passphrases the better, my main concern is that OpenPGP never was designed for semantic security with modern key-cracking in mind. So, decrypting private keys for use is quite fast, whereas you really want decryption to take a second or more so that brute-force cracking will take forever. Really though, I'm wondering whether it makes no difference how good the key schedule is because many people will continue to use terrible passphrases for their keys, and keybase or their NSA friends could just parallel-brute-force every key in the DB and compromise those keys quickly, using them to spread falsified keys with good standing in the WoT.
So, how many keys are encrypted using key algos that are easily cracked? If they were using hard keygen algos, then even bad-but-not-terrible passwords would be not-entirely-trivial to crack. But keybase can't even enforce that, because the PGP infrastructure is too legacy-laden.
Again, what does PGP/GPG/OpenPGP have to do with keybase.io's good or bad choices (you don't seem to know anything about that either, by the way :-) regarding encryption of secrets on their servers? I don't get it.
You're making assumptions about my level of knowledge on the subject, here. I'm discussing the suitability of the key schedules used for encrypted PGP private keys by available software, and whether these schedules are suitable for use entrusting your key to a remote, US-based webservice in a "zero knowledge" way. Especially as probably most OpenPGP implementations won't sanitise stupid passphrases.

--
T: @onetruecathal, @IndieBBDNA
P: +353876363185
W: http://indiebiotech.com
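The "key schedule" discussed in this thread is the OpenPGP string-to-key (S2K) specifier stored in front of an encrypted secret key. The following is an added example, not code from the thread or from any OpenPGP implementation: it parses an S2K specifier and derives the key as described in RFC 4880 section 3.7, so the work per passphrase guess can be read off a key's parameters. The function names, the sample salt and the sample passphrase are constructed for illustration.

```python
import hashlib

# RFC 4880 hash algorithm IDs -> hashlib names
HASHES = {1: "md5", 2: "sha1", 8: "sha256", 9: "sha384", 10: "sha512", 11: "sha224"}
SPEC_LEN = {0: 2, 1: 10, 3: 11}  # simple, salted, iterated+salted

def decode_count(c: int) -> int:
    """RFC 4880 3.7.1.3: coded count octet -> number of octets hashed."""
    return (16 + (c & 15)) << ((c >> 4) + 6)

def parse_s2k(spec: bytes) -> dict:
    """Parse an S2K specifier as stored in front of an encrypted secret key."""
    if len(spec) < 2 or spec[0] not in SPEC_LEN or spec[1] not in HASHES:
        raise ValueError("unsupported S2K specifier")
    kind = spec[0]
    if len(spec) < SPEC_LEN[kind]:
        raise ValueError("truncated S2K specifier")
    return {
        "type": kind,
        "hash": HASHES[spec[1]],
        "salt": spec[2:10] if kind in (1, 3) else b"",
        "octets": decode_count(spec[10]) if kind == 3 else 0,
    }

def derive_key(passphrase: bytes, info: dict, key_len: int) -> bytes:
    """Derive key_len octets; the cost of one passphrase guess is this function."""
    data = info["salt"] + passphrase
    total = max(info["octets"], len(data))  # salt+passphrase is always hashed whole once
    full, rem = divmod(total, len(data)) if data else (0, 0)
    out, n = b"", 0
    while len(out) < key_len:
        h = hashlib.new(info["hash"])
        h.update(b"\x00" * n)  # context n is preloaded with n zero octets
        for _ in range(full):
            h.update(data)
        h.update(data[:rem])
        out += h.digest()
        n += 1
    return out[:key_len]

if __name__ == "__main__":
    salt = bytes(range(8))  # constructed sample salt
    for coded in (0, 96, 255):  # minimum, 65536 octets, maximum
        info = parse_s2k(bytes([3, 8]) + salt + bytes([coded]))
        key = derive_key(b"constructed passphrase", info, 16)
        print(coded, info["octets"], key.hex())
```

The largest coded count (255) hashes 65,011,712 octets per guess and the construction uses no memory-hard step, so that figure is the upper bound on the stretching this S2K type can provide.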