GPG, Web of Trust, and Keybase.io
April 28, 2016
So what is this privacy stuff all about? Well, PGP/GPG implements what is known as a web of trust. A user creates a private and public key, associates their name and multiple identities (emails) with the public key. The private key is used to decrypt and encrypt the public key so no changes can be done to the GPG public key without the private key. Whenever sending a message or email a user can sign their message with their public key. The receiver (an email client for instance) can then check that the signature is indeed valid by looking at the public key which they obtain from one of several GPG key stores. The public key and message signature verifies that the message was sent by the holder of the private public key pair.
This however does not prove that the message was sent by the person who the key's identity claims to be. This is where the web of trust concept comes along. Say that you witness John Doe prove possession of a private and public key pair in person, you Jane Doe sign John Doe's key with your own identity. With this signature you state that you vouch for the legitimacy of John Doe's public key and that this key does indeed belong to the Mr. John Doe. Now say that some Bob Dobson receives a signed message from Mr. John Doe. He does not know Bob in person, but does know Jane Doe who's key he trusts (and signed). Since Jane Doe has signed John's key there is an indirect trust chain from Bob through Jane to John. Bob can be a bit more confident that Bob is the holder of this key, and not some other guy claiming to be John. The more people sign each others keys the more and shorter trust paths exists between individuals in the GPG web of trust.
In theory this works very well, but one weakness with the web of trust model is the need for people to validate a person's possession of a GPG key before signing it, best done in person (thereby the rise of key signing parties). Setting up a public private key pair is barrier enough for most people outside of the information technology sphere if not requiring them to run around to key signing parties. So in comes keybase.io with an identity verification service built on top of the GPG technology, but with a different take on identity verification.
On Keybase you no longer prove your identity by having other (preferably trusted) people signing your key. Instead you register a Keybase.io account, link it to your public GPG key, and are finally prompted to perform a series of proofs. A proof is essentially a message posted to some social service signed with your public GPG key. Services includes Github, Hacker News, Reddit, Twitter, your own domain (through DNS or hosted file), etc. When you've successfully accomplished a proof Keybase.io will link that social account to your Keybase.io account and by extension your GPG key. In effect you bind the sum of your social identity across different social services to your keybase.io account and your public key. Now if another Keybase.io user wants to send an encrypted message to your Keybase.io user the Keybase.io server will return a JSON object containing the public key and a list of services with usernames and links to the proofs. The Keybase.io client verifies that these are correct, and you as a user can also verify that John Doe on Keybase.io is the same user that you know from Github, Twitter, etc. This way people can also trust that the John Doe they see on Github is actually the same John Doe they know from Twitter. As an example, here is my Keybase.io profile. If you wanted to send me an encrypted message on Keybase.io, but were unsure if Snorremd was actually me, you could see that my Keybase.io account controls the Twitter and Github Snorremd users and snorre.io (this domain). It is quite unlikely that an attacker would gain entry to all of these services, so you would be quite safe to trust my Keybase.io account.
Keybase.io then solves part of the web identity problem, but not quite the identity verification problem itself. The Mrs. Celebrity of Github and Twitter fame might have the same GPG identity across Github and Twitter, but this does not prove that the GPG key is actually owned by the real Mrs. Celebrity. There is also no indirect trust chain. You can not say that you trust Jane Doe and implicitly trust Bob Dobson who Jane trusts. Keybase.io currently does not claim to implement a web of trust however, so if you are okay with that you should be good. Many people also primarily communicate with each-others web presences. You might not care very much about whether or not you are communicating with the actual Mrs. Celebrity, only that you are communicating with the Mrs. Celebrity as you know her on Github. To allow you some comfort in trusting Keybase.io users Keybase.io implements tracking, a feature in which you are notified upon any change in the public key or proofs of a user. All in all I think Keybase.io is an intriguing concept and might help make GPG keys popular outside the most crypto conscious circles.
Any questions or comments. Feel free to send me an email at firstname.lastname@example.org.