Keybase offers encrypted chat where you control all the pieces - No SIM or phone required
The gold standard of secure private messaging requires end-to-end encryption between the parties involved with no way for the messaging service to obtain the keys used to scramble the message. Open Whisper Systems’ Signal Protocol and Signal apps implement seemingly the best version of that.
But there’s a small problem: the Signal apps are tied to your phone number, and Open Whisper uses a registration system to match you and find others. Companies like WhatsApp (part of Facebook) have taken the Signal Protocol and built it into their apps, but they have a similar problem of centralized management, even though it’s done well.
However, neither WhatsApp nor Open Whisper can obtain the keys involved in chats because of how the system was designed, which is what’s important. Apple’s iMessage is secured end-to-end, but a weaker design makes it feasible (if unlikely) that Apple could revise the system without users being aware to reduce the ability for messaging to remain absolutely private.
This is where a new, modest offering fits in from Keybase, a company centered on user-controlled ownership of identity using cryptographic elements, where said identity is proven and validated through social media accounts, websites, Bitcoin, and other methods. Keybase has just introduced an end-to-end encrypted chat option that relies entirely on cryptography and validation that’s in your control.
Cofounder Max Krohn says, “If someone came into our office and put a gun to our head, and said, ‘Guys, we’re going to need you to give out the wrong cryptographic credentials for this user,’ we’d have to say we can’t do this.” Even if Keybase’s systems were breached, only encrypted data would be leaked, requiring users’ keys and passphrases to unlock.
So you have a public and private key. You can share your public key but never your private key. You share the "proof" of who are by posting a public message on accounts that you own such as Twitter, Facebook, a Bitcoin account, etc. The more you are authenticated to, the more people can trust your profile, and a hacker would have to hack all those accounts to be able to take control of your Kaybase account. Without being tied to a phone number means you can communicate without even having your phone near you.
Right now Keybase runs on Linux, MacOS, Windows, Android, iOS and as browser extensions for Chrome and Firefox. On the downside it does not yet have any voice or video chat.
|Keybase offers encrypted chat where you control all the pieces
The cryptographic identity validation service Keybase has added end-to-end encrypted chat to rival WhatsApp and iMessage.