Keybase Is the Encrypted System You’re Looking For
WHAT STARTED AS A SIMPLE public key registry is now an encryption powerhouse for all kinds of users. If you’re looking for secure replacements for file sharing, cloud storage, chat, Git, or user authentication, Keybase probably has you covered. By making encryption easy, Keybase is looking to make communication and collaboration more secure.
I signed up for Keybase.io a few years ago. Back then, I saw the service as an innovative method to share PGP public keys. Since then, the upstart encryption application has expanded to cover several services well beyond its initial offering.
First off, I have never once used my PGP key for anything other than signing emails. Pretty Good Privacy—implemented with GnuPG or GPGTools and commonly known by its open-source moniker GPG—is one of the most powerful public key encryption tools available. Unfortunately, using GPG to encrypt text and files can be cumbersome.
Furthermore, proving the authenticity of a public key is problematic. When polling old key servers like that hosted at MIT, only the key fingerprint and email address can be used to authenticate a key. Keybase’s methodology is different: Each user can use a number of social media accounts to authenticate their public key. With a simple set of keystrokes, one can encrypt a message to a Keybase user with their public key, even if they don’t know the recipient’s Keybase username.
If someone wanted to encrypt a message to me, they could use my Keybase username (alexcampbell) or my Twitter handle (accurrently@ Twitter) via the command line. While this is nice, newer Keybase features make this process nearly obsolete. The Keybase File System (KBFS) works a lot like Dropbox, and creates mount points on your local system (generally at /keybase on Linux and OSX). If Alice wanted to encrypt a file to me, she’d simply place a file at the mount point /keybase/
private/alice,alexcampbell , which is a folder that automatically encrypts all files placed within it with my and Alice’s public keys, before being uploaded to Keybase’s cloud storage. Alice can also have a private storage folder at /keybase/private/alice .
The kicker? Every Keybase user gets 250GB of free cloud storage, and any shared files only count against the original sharer’s quota.
Keybase has encrypted userto-user chat and a feature called Teams (a drop-in replacement for Slack), using the same public key encryption scheme.
Keybase now provides for encrypted private Git repositories, too; while GitHub has private repositories, the files in those repositories are stored unencrypted. If you have a personal diary or a collection of configuration files with secrets, Keybase’s Git feature is an option.
Keybase also offers the ability to hold the Stellar cryptocurrency Lumens (XLM) in a wallet accessible via the Keybase app, making it simple and seamless to use the currency. A Stellar wallet is included as a proof of identity, so you can be sure a Stellar payment to Alice is going to Alice, not Bob.
For now, Keybase is free to use. The project got a first round of funding from VC firm Andreessen Horowitz in 2015. While the software is open-source, Keybase has hinted at letting users pay for more storage or other enhanced services to sustain the business.
If nothing else, the 250 GB of free encrypted cloud storage is worth checking out Keybase.
A word of caution: While Keybase can create a private key online, always generate a GPG keypair on your own machine. The Keybase docs can help with that.
Alex Campbell is a Linux geek who enjoys learning about computer security.
The upstart encryption app has expanded to cover services well beyond its initial offering.