Although PGP Encryption has been around for over 25 years, it has been difficult to solve the problem of how to securely distribute public keys to users, so that users can be confident that they are using the correct public key for those that they communicate with.
In 2015 the CONIKS: Bringing Key Transparency to End Users paper was published describing an innovative method for using Verifiable Data Structures to provide Key Transparency to users.
The Verifiable Maps hosted by Continusec are well suited for the type of applications envisaged by CONIKS. To that end we have built an open-source (Apache 2.0 Licensed) Key Server, and associated client, where the server is a thin wrapper over a Continusec Verifiable Map, to provide similar functionality to that outlined in the CONIKS paper.
This project contains the source code for a CONIKS-inspired Key Transparency server that provides an effective demonstration of how to use the Continusec Verifiable Data Structures API to produce a verifiable and trustworthy service.
This repository consists of two sections:
cmd/cks- The source code for a client that talks to the Key Serverserver- The source code for the server itself
To read more about the REST API provided by the server, please refer to REST-API documentation.
For a detailed guide to the client, see the Client Guide documentation.
For information on how to run your own server, see the Server Guide documentation.
The Continusec Key Server provides a Verifiable Map of Email addresses to PGP Public Keys with the following properties:
-
Any user may add or update their own public key to this map.
-
Any user may efficiently detect changes to their own key, or other keys that they are interested in.
-
Any user may efficiently defend against a split-view attack by gossip of a single tree hash.
-
Any interested party may fetch the current or historical public key for a known user.
-
Any interested party may audit the correct operation of the map by downloading all entries, without being able to gain a directory of email addresses.
Get the client, and use it to upload your public key. See instructions here.
Major security and privacy goals include:
-
Verifiable Transparent (auditable) log of all mutations, without being vulnerable to an offline directory harvest attack.
-
Ability for a typical client to efficiently verify their own key, and that of their friends, and that the state has advanced forward in time.
Non-goals include:
- Rock-solid validation of whether a party is authorized to upload a public key. Rather we make such an action transparent such that any interested party can see all changes to public keys for a user and take appropriate action if a misissued public key certificate is detected.
It may be desirable for another party to run their own Tree Head Log - in such a way all audited map states could be added there for efficient checking by clients.
For any questions / feedback, please open an issue in Github, or send mail to: [email protected]
The primary purpose of developing the Continusec Key Server was to provide an effective demonstration of the capabilities of the Continusec Verifiable Data Structures API.
We thank the CONIKS folk for the inspiration to build this demonstration.