Hello, guys
Keybase.io seems to be a great tool to create a true WoT. Is anybody in there? They are working with invitations.
CheerS
I wouldn't say "true", I'd say "proto". In the end, you're still relying on a central point of trust, in this case Keybase, for a lot of the key distribution, but as a way to bootstrap a WoT that can outgrow Keybase I think it looks really promising. I'm not one to shirk hackish solutions in favour of purity, because purity has barely worked in decades of PGP WoT building.
Speaking of Keybase, anyone got an invite? :)
On 20/06/14 17:03, MrBiTs wrote:
Hello, guys
Keybase.io seems to be a great tool to create a true WoT. Is anybody in there? They are working with invitations.
CheerS
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
On Fri, Jun 20, 2014 at 12:09 PM, Cathal Garvey < cathalgarvey@cathalgarvey.me> wrote:
I wouldn't say "true", I'd say "proto". In the end, you're still relying on a central point of trust, in this case Keybase, for a lot of the key distribution, but as a way to bootstrap a WoT that can outgrow Keybase I think it looks really promising. I'm not one to shirk hackish solutions in favour of purity, because purity has barely worked in decades of PGP WoT building.
Speaking of Keybase, anyone got an invite? :)
I've been very impressed with how Keybase has evolved, and how well they explain their model to users. It is without a doubt what I'd recommend to a semi- or un-technical user to get them started.
They have a walkthrough of their approach to security and threat models here: https://keybase.io/docs/server_security
And they explain "tracking" in detail here: https://keybase.io/docs/tracking
On 20/06/14 17:03, MrBiTs wrote:
Hello, guys
Keybase.io seems to be a great tool to create a true WoT. Is anybody in there? They are working with invitations.
CheerS
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
-- konklone.com | @konklone <https://twitter.com/konklone>
I've been very impressed with how Keybase has evolved, and how well they explain their model to users. It is without a doubt what I'd recommend to a semi- or un-technical user to get them started.
They have a walkthrough of their approach to security and threat models here: https://keybase.io/docs/server_security
And they explain "tracking" in detail here: https://keybase.io/docs/tracking
More than just creating great documentation, the wrapper they wrote in NodeJS abstracts GnuPG commands, making it easy for any un-technical person to use cryptography constantly. Of course a little bit of paranoia is always good, and I don't agree with the idea of hosting my private keys on a server I don't control, even cyphered with a password, but I think it can solve the problem that users forget or lose their keys and our keychains are left with unusable, unrevoked keys.
CheerS
Wait, do you *have* to keep your private keys in keybase? I thought it was mostly pubkey operations?
I'm much more skeptical if they keep private keys, that's dark stuff. Imagine how many private keys are protected with terrible passwords, and what damage you could do to the WOT if you could just quietly crack enough keys in the WOT and use them to sign a fraudulent cert?
On 24/06/14 12:22, MrBiTs wrote:
I've been very impressed with how Keybase has evolved, and how well they explain their model to users. It is without a doubt what I'd recommend to a semi- or un-technical user to get them started.
They have a walkthrough of their approach to security and threat models here: https://keybase.io/docs/server_security
And they explain "tracking" in detail here: https://keybase.io/docs/tracking
More than just creating great documentation, the wrapper they wrote in NodeJS abstracts GnuPG commands, making it easy for any un-technical person to use cryptography constantly. Of course a little bit of paranoia is always good, and I don't agree with the idea of hosting my private keys on a server I don't control, even cyphered with a password, but I think it can solve the problem that users forget or lose their keys and our keychains are left with unusable, unrevoked keys.
CheerS
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
On 06/24/2014 08:28 AM, Cathal Garvey wrote:
Wait, do you *have* to keep your private keys in keybase? I thought it was mostly pubkey operations?
I'm much more skeptical if they keep private keys, that's dark stuff. Imagine how many private keys are protected with terrible passwords, and what damage you could do to the WOT if you could just quietly crack enough keys in the WOT and use them to sign a fraudulent cert?
You don't HAVE to, but they give this possibility. You can (if you want) store your private key in Keybase. They ask you to cypher your private key locally and send it to Keybase's servers. If you don't store your private key in its databases, you are unable to use some online services they offer, like signing documents. You will only be able to do that using their NodeJS tool. But, your point is my point. I believe serious security professionals or people that understand the importance of cryptography, first, won't send their private keys to Keybase and, second, if they do, they will use a strong password. We must never forget http://xkcd.com/936/
But, we know average people use very weak passwords and only one password for everything. So, as I said, a little bit of paranoia is good, and this "feature" makes me believe a little less in Keybase, unfortunately. The main idea is pretty good and I've been trying to implement this culture in Brazil for a long time, but I usually say that ordinary people don't like computers: they like Skype, Facebook, Instagram... So, people don't care about privacy. If the same people see that movie about Assange, or read his book, or see the latest news about privacy and Google and start to learn about cryptography, they will store private keys with lame passwords, and we'll have this fraudulent cert risk.
In my opinion, nothing will replace a good key signature party, anyway.
So, as I said, a little bit of paranoia is good, and this "feature" makes me believe a little less in Keybase, unfortunately. The main idea is pretty good and I've been trying to implement this culture in Brazil for a long time, but I usually say that ordinary people don't like computers: they like Skype, Facebook, Instagram... So, people don't care about privacy. If the same people see that movie about Assange, or read his book, or see the latest news about privacy and Google and start to learn about cryptography, they will store private keys with lame passwords, and we'll have this fraudulent cert risk.
I'm not against cloud-keys as long as they're encrypted, and I've thought of services that make use of cloud-stored keys in the past. But the critical ingredient to getting this right is CPU/RAM-hard key generating functions to make "bad" passwords "barely acceptable", and "userland" code that rejects stupid passwords entirely. Of course, hackers will be able to circumvent shitty-password-restrictions, but we hope that the band of people competent enough to circumvent password quality checks yet stupid enough to use a bad password is small.
The problem with Keybase is that the infrastructure they're based upon, PGP/GPG, is probably not using modern key generation algorithms by default for symmetric encryption of keys. So, how many keys are encrypted using key algos that are easily cracked? If they were using hard keygen algos, then even bad-but-not-terrible passwords would be not-entirely-trivial to crack. But keybase can't even enforce that, because the PGP infrastructure is too legacy-laden.
On 24/06/14 12:57, MrBiTs wrote:
On 06/24/2014 08:28 AM, Cathal Garvey wrote:
Wait, do you *have* to keep your private keys in keybase? I thought it was mostly pubkey operations?
I'm much more skeptical if they keep private keys, that's dark stuff. Imagine how many private keys are protected with terrible passwords, and what damage you could do to the WOT if you could just quietly crack enough keys in the WOT and use them to sign a fraudulent cert?
You don't HAVE to, but they give this possibility. You can (if you want) store your private key in Keybase. They ask you to cypher your private key locally and send it to Keybase's servers. If you don't store your private key in its databases, you are unable to use some online services they offer, like signing documents. You will only be able to do that using their NodeJS tool. But, your point is my point. I believe serious security professionals or people that understand the importance of cryptography, first, won't send their private keys to Keybase and, second, if they do, they will use a strong password. We must never forget http://xkcd.com/936/
But, we know average people use very weak passwords and only one password for everything. So, as I said, a little bit of paranoia is good, and this "feature" makes me believe a little less in Keybase, unfortunately. The main idea is pretty good and I've been trying to implement this culture in Brazil for a long time, but I usually say that ordinary people don't like computers: they like Skype, Facebook, Instagram... So, people don't care about privacy. If the same people see that movie about Assange, or read his book, or see the latest news about privacy and Google and start to learn about cryptography, they will store private keys with lame passwords, and we'll have this fraudulent cert risk.
In my opinion, nothing will replace a good key signature party, anyway.
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
On 06/24/2014 05:15 AM, Cathal Garvey wrote:
The problem with Keybase is that the infrastructure they're based upon, PGP/GPG, is probably not using modern key generation algorithms by default for symmetric encryption of keys. So, how many keys are
This should be pretty easy to test. Anybody got a spare keybase.io invite that they're willing to burn for a test run?
not-entirely-trivial to crack. But keybase can't even enforce that, because the PGP infrastructure is too legacy-laden.
I have to agree with you on that.
-- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "Gentlemen, you can't fight in here! This is the War Room!" --Merkin Muffley
On 24/06/2014 14:15, Cathal Garvey wrote:
So, as I said, a little bit of paranoia is good, and this "feature" makes me believe a little less in Keybase, unfortunately. The main idea is pretty good and I've been trying to implement this culture in Brazil for a long time, but I usually say that ordinary people don't like computers: they like Skype, Facebook, Instagram... So, people don't care about privacy. If the same people see that movie about Assange, or read his book, or see the latest news about privacy and Google and start to learn about cryptography, they will store private keys with lame passwords, and we'll have this fraudulent cert risk.
I'm not against cloud-keys as long as they're encrypted, and I've thought of services that make use of cloud-stored keys in the past. But the critical ingredient to getting this right is CPU/RAM-hard key generating functions to make "bad" passwords "barely acceptable", and "userland" code that rejects stupid passwords entirely. Of course, hackers will be able to circumvent shitty-password-restrictions, but we hope that the band of people competent enough to circumvent password quality checks yet stupid enough to use a bad password is small.
The problem with Keybase is that the infrastructure they're based upon, PGP/GPG, is probably not using modern key generation algorithms by default for symmetric encryption of keys.
What do you mean by that precisely? I don't think PGP/GPG/OpenPGP is meant to encrypt private keys on servers. In what way would OpenPGP or GnuPG be linked with keybase.io private key encryption scheme or algorithms choice? I don't know everything about the OpenPGP standard but I'm pretty sure it doesn't deal with such things.
So, how many keys are encrypted using key algos that are easily cracked? If they were using hard keygen algos, then even bad-but-not-terrible passwords would be not-entirely-trivial to crack. But keybase can't even enforce that, because the PGP infrastructure is too legacy-laden.
Again, what has PGP/GPG/OpenPGP to do with keybase.io good or bad choices (you don't seem to know anything about that either by the way :-) regarding encryption of secrets on their servers? I don't get it.
On 24/06/14 12:57, MrBiTs wrote:
On 06/24/2014 08:28 AM, Cathal Garvey wrote:
Wait, do you *have* to keep your private keys in keybase? I thought it was mostly pubkey operations? I'm much more skeptical if they keep private keys, that's dark stuff. Imagine how many private keys are protected with terrible passwords, and what damage you could do to the WOT if you could just quietly crack enough keys in the WOT and use them to sign a fraudulent cert?
You don't HAVE to, but they give this possibility. You can (if you want) store your private key in Keybase. They ask you to cypher your private key locally and send it to Keybase's servers. If you don't store your private key in its databases, you are unable to use some online services they offer, like signing documents. You will only be able to do that using their NodeJS tool. But, your point is my point. I believe serious security professionals or people that understand the importance of cryptography, first, won't send their private keys to Keybase and, second, if they do, they will use a strong password. We must never forget http://xkcd.com/936/
But, we know average people use very weak passwords and only one password for everything. So, as I said, a little bit of paranoia is good, and this "feature" makes me believe a little less in Keybase, unfortunately. The main idea is pretty good and I've been trying to implement this culture in Brazil for a long time, but I usually say that ordinary people don't like computers: they like Skype, Facebook, Instagram... So, people don't care about privacy. If the same people see that movie about Assange, or read his book, or see the latest news about privacy and Google and start to learn about cryptography, they will store private keys with lame passwords, and we'll have this fraudulent cert risk.
In my opinion, nothing will replace a good key signature party, anyway.
Pontifex www.cryptoparty.fr
Hey Pontifex,
The problem with Keybase is that the infrastructure they're based upon, PGP/GPG, is probably not using modern key generation algorithms by default for symmetric encryption of keys.
What do you mean by that precisely? I don't think PGP/GPG/OpenPGP is meant to encrypt private keys on servers. In what way would OpenPGP or GnuPG be linked with keybase.io private key encryption scheme or algorithms choice? I don't know everything about the OpenPGP standard but I'm pretty sure it doesn't deal with such things.
Exactly, it doesn't. OpenPGP/GnuPG allows (strongly encourages!) you to encrypt your private key, so that you can only perform private key operations if you provide your passphrase. *In theory*, a well-encrypted private key can be uploaded to the NSA's own servers without hazard; this is the idea of "semantic security", I'm told. So, uploading a well-encrypted private keypair to keybase *should* be OK, with certain caveats. Leaving aside that it's a bad idea anyway, because the fewer copies of your private key there are under various passphrases the better, my main concern is that OpenPGP never was designed for semantic security with modern key-cracking in mind. So, decrypting private keys for use is quite fast, whereas you really want decryption to take a second or more so that brute-force cracking will take forever. Really though, I'm wondering whether it makes no difference how good the key schedule is because many people will continue to use terrible passphrases for their keys, and keybase or their NSA friends could just parallel-brute-force every key in the DB and compromise those keys quickly, using them to spread falsified keys with good standing in the WoT.
So, how many keys are encrypted using key algos that are easily cracked? If they were using hard keygen algos, then even bad-but-not-terrible passwords would be not-entirely-trivial to crack. But keybase can't even enforce that, because the PGP infrastructure is too legacy-laden.
Again, what has PGP/GPG/OpenPGP to do with keybase.io good or bad choices (you don't seem to know anything about that either by the way :-) regarding encryption of secrets on their servers? I don't get it.
You're making assumptions about my level of knowledge on the subject, here. I'm discussing the suitability of the key schedules used for encrypted PGP private keys by available software, and whether these schedules are suitable for use entrusting your key to a remote, US-based webservice in a "zero knowledge" way. Especially as probably most OpenPGP implementations won't sanitise stupid passphrases.
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
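The key-schedule cost debated in the messages above, as an added example that is not part of the thread: it implements the iterated and salted S2K that RFC 4880 (section 3.7.1.3) defines for passphrase-protected secret keys and times one passphrase guess next to scrypt, a memory-hard function. The passphrase, salt, coded counts and scrypt parameters are constructed sample values, not settings taken from Keybase or from any participant's key.

```python
import hashlib
import time

EXPBIAS = 6  # constant from RFC 4880 section 3.7.1.3


def decode_s2k_count(coded: int) -> int:
    """Expand the one-octet coded count stored in the secret-key packet."""
    if not 0 <= coded <= 255:
        raise ValueError("coded count is a single octet")
    return (16 + (coded & 15)) << ((coded >> 4) + EXPBIAS)


def s2k_iterated_salted(passphrase: bytes, salt: bytes, coded: int,
                        key_len: int, hash_name: str = "sha1") -> bytes:
    """Derive key_len bytes the way RFC 4880 iterated+salted S2K does."""
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salt is exactly 8 octets")
    data = salt + passphrase
    # The count is a number of octets hashed, not a number of rounds,
    # and salt+passphrase is always hashed at least once in full.
    count = max(decode_s2k_count(coded), len(data))
    full, rest = divmod(count, len(data))
    stream = data * full + data[:rest]  # at most about 62 MiB (coded=255)
    out = b""
    context = 0
    while len(out) < key_len:
        h = hashlib.new(hash_name)
        h.update(b"\x00" * context)  # extra contexts are preloaded with zeros
        h.update(stream)
        out += h.digest()
        context += 1
    return out[:key_len]


def scrypt_key(passphrase: bytes, salt: bytes, key_len: int,
               n: int = 2**14, r: int = 8, p: int = 1) -> bytes:
    """Memory-hard alternative used only for comparison (sample parameters)."""
    return hashlib.scrypt(passphrase, salt=salt, n=n, r=r, p=p, dklen=key_len)


def scrypt_memory_bytes(n: int, r: int) -> int:
    """Approximate working memory scrypt needs for a single guess."""
    return 128 * n * r


def seconds_per_guess(derive, repeats: int = 3) -> float:
    """Best-of-N wall time for one key derivation, i.e. one passphrase guess."""
    best = float("inf")
    for _ in range(repeats):
        start = time.perf_counter()
        derive()
        best = min(best, time.perf_counter() - start)
    return best


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real key.
    passphrase = b"correct horse battery staple"
    salt = bytes.fromhex("0123456789abcdef")
    for coded in (96, 255):
        t = seconds_per_guess(
            lambda: s2k_iterated_salted(passphrase, salt, coded, 16))
        print(f"S2K coded={coded:3d}: {decode_s2k_count(coded):>10,} octets "
              f"hashed, {t * 1000:8.2f} ms per guess, negligible memory")
    t = seconds_per_guess(lambda: scrypt_key(passphrase, salt, 16))
    mib = scrypt_memory_bytes(2**14, 8) // 2**20
    print(f"scrypt n=2^14 r=8 p=1: {t * 1000:8.2f} ms per guess, "
          f"{mib} MiB of memory per guess")
```

The S2K work is plain hashing with a few hundred bytes of state, so raising the count only scales time, while the scrypt figure also pins memory for every parallel guess.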
On 06/24/2014 04:28 AM, Cathal Garvey wrote:
Wait, do you *have* to keep your private keys in keybase? I thought it was mostly pubkey operations?
You do not. keybase.io works just fine as a CLI app if you don't.
From the frontpage: "Keybase.io is also a Keybase client, however certain crypto actions (signing and decrypting) are limited to users who store client-encrypted copies of their private keys on the server, >>>an optional feature we didn't mention above<<<."
keybase.io does an okay job of making some GPG commands easier to use and remember. At the very least it files a few of the rough edges off.
gpg -s -o something.gpg -r "bob@laundry.gov.uk" -e fooble.txt
vs
keybase encrypt bob -o something.gpg -s -m fooble.txt
It's got some pretty nasty warts of its own, though. For example, the user cannot encrypt to multiple recipients at this time (https://github.com/keybase/node-client/issues/152). It's a little slow on startup. The command to list your keybase.io keyring (which is distinct from the contents of ~/.gnupg/pubring.gpg) is highly unintuitive. It abstracts away fewer of the common GPG command line options than it seems.
After playing around with it for a few weeks, I think that apps like gpg-crypter (http://gpg-crypter.sourceforge.net/) and GPG4win seem a little more intuitive for new users.
-- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "Maybe I'll be wantin' a bagel with my coffee.."
Yes, they are working with invitations. But I wouldn't say that's a real WoT. You even can invite people you're not trusting. You can create a fake Twitter account, a fake GitHub account, ... that looks real.
I still have 4 invites left. If you're interested send me an email.
On Fri, Jun 20, 2014 at 6:03 PM, MrBiTs <mrbits.dcf@gmail.com> wrote:
Hello, guys
Keybase.io seems to be a great tool to create a true WoT. Is anybody in there? They are working with invitations.
CheerS
I'm using it, but haven't any invites...
Att,
- Gutem
Registered Linux User: 562142 keybase.io/gutem
2014-06-20 18:05 GMT-03:00 Christian Mayer <thefox21at@gmail.com>:
Yes, they are working with invitations. But I wouldn't say that's a real WoT. You even can invite people you're not trusting. You can create a fake Twitter account, a fake GitHub account, ... that looks real.
I still have 4 invites left. If you're interested send me an email.
On Fri, Jun 20, 2014 at 6:03 PM, MrBiTs <mrbits.dcf@gmail.com> wrote:
Hello, guys
Keybase.io seems to be a great tool to create a true WoT. Is anybody in there? They are working with invitations.
CheerS
On Sat, Jun 21, 2014 at 2:50 AM, kossy <kossy@riseup.net> wrote:
I have a few invites left. Message me if you are interested.
Invites serve no purpose other than for the 'system' to link you to someone else. A farce upon the naive under the draw of temporarily achieving elite social status. No thanks, you can keep your invites.
On 20/06/2014 18:03, MrBiTs wrote:
Hello, guys
Hi
Keybase.io seems to be a great tool
My first impression: it is hosted on Amazon... My questions: How is it secure? How is the pubkey transferred? Is it encrypted from server to client? How do you manage MiTM?
to create a true WoT.
I am sorry to play the devil's advocate here, but at the moment this is a true LoT => Lack of TRUST
Please secure your infrastructure, secure your servers until you are able to provide a secure openpgp keyserver service and a secure encryption message service.
Are anybody in there?
Yes ;)
They are working with invitations.
Please stop spreading invitations.
participants (11)
- beam
- Cathal Garvey
- Christian Mayer
- Cryptoparty Marseille
- Eric Mill
- Felix Eckhofer
- grarpamp
- Gutem
- kossy
- MrBiTs
- The Doctor