Written byPatrick Howell O'Neill
Public encryption key database Keybase announced a Chrome extension Tuesday lends the service’s encryption tools to many of the most popular social networks including Twitter, which does not encrypt private messages, and Facebook, which requires users to opt-in to encryption.
Created by two of the founders of SparkNotes and OkCupid, the service has built some of the most interesting encryption tools on the Internet. The browser extension comes in the wake of apps for PC, Mac, iPhone and Android, as well as an encrypted file sharing system.
The first half of 2017 has been extremely active for the team who say they will now focus on improving what’s already been launched. Keybase has just over 146,000 users, co-founder Chris Coyne told CyberScoop.
At a time when PGP (Pretty Good Privacy) encryption has been heavily criticized as far too cumbersome, Keybase offers an set of tools that make secure messaging, file sharing and verification easier than other PGP offerings.
Keybase has grown significantly beyond PGP since it first launched, but it remains by far the easiest way to use the old encryption protocol.
There have been a few points of contention with the messaging service, including Keybase’s lack of “forward secrecy,” a protocol that generates a unique encryption key for every session and prevents secret keys or passwords from being compromised by past conversations.
Coyne told CyberScoop that implementing forward secrecy would result in significant usability implications.
“Some tiny fraction of the population really want forward secrecy on everything they do, but that’s not really what the majority want from their primary file storage and messaging services,” he said. “People don’t want their photos and videos and messages to disappear when they update their iPhone. So we’re taking the harder step of making it work right, and then we’ll be adding ‘exploding’ messages which are off-the-record as a mode you can take the app into.”
The improvements to Keybase come as other encrypted apps, most notably Signal, start to offer their own robust feature set. Recent updates to Signal include encrypted file sharing and multimedia chat to the already highly regarded app. Signal boasts millions of users, headline news stories and unparalleled momentum. Keybase is, by comparison, advancing at a slower pace.
Here’s a set of screenshots from the new Keybase Chrome extension showing the “keybase chat” button inserted on sites like Twitter and Reddit. When clicked, the extensions mingles with the open source Keybase app to enable encrypted chat and file sharing.
You can also leave messages for users that aren’t signed up with Keybase. In order to reply, a user would have to validate their account with Keybase. The validation would require signing up with the service, then the user would receive the message.
Here’s a message for the president demonstrating how the app works with Twitter:
You can download the extension on Keybase’s website.