Google has taken a big step toward simplifying public key lookups at Internet scale with Thursday's open source release of Key Transparency.
Key Transparency is admittedly a prototype, Google said, but it could provide significant relief for secure messaging systems suffering from complexity that has seriously impeded mass adoption.
“Existing methods of protecting users against server compromise require users to manually verify recipients’ accounts in-person. This simply hasn’t worked,” Google’s Ryan Hurst and Gary Belvin said in an announcement. Hurst and Belvin cited PGP as one example of a system that suffers from this problem, to the point that most people avoid it despite its stated benefits.
“Key Transparency is a general-use, transparent directory that makes it easy for developers to create systems of all kinds with independently auditable account data. It can be used in a variety of scenarios where data needs to be encrypted or authenticated,” Hurst and Belvin said. “It can be used to make security features that are easy for people to understand while supporting important user needs like account recovery.”
The lookup service can be used to find public keys associated with an account, along with a public audit log of any changes.
“While being publicly auditable, individual records are only revealed in response to queries for specific IDs,” Hurst and Belvin said. “Key Transparency can be used as a public key discovery service to authenticate users and provides a mechanism to keep the service accountable. It can be used by account owners to reliably see what keys have been associated with their account, and it can be used by senders to see how long an account has been active and stable before trusting it.”
Google intends the prototype release to engage cryptographers and generate input that drives Key Transparency toward a standard.
“Key Transparency dramatically improves the situation by providing a public audit record for all changes to data,” Google said. “When used with account data, Key Transparency provides a public audit record of all the actual recipients (in the form of public keys) associated with an account, all the times an account was updated, and who it was updated by—all in a privacy preserving way.”
Google engineers said they integrated concepts from Certificate Transparency and CONIKS to build Key Transparency. Certificate Transparency is an open source framework developed by Google for monitoring and auditing domain certificates, while CONIKS is an end-user key verification service developed at Princeton and Stanford.