#key-derivation #key #derivation #keybase #web

keyplace

Keyplace - server assisted key derivation for humans

2 releases

0.1.1 Feb 23, 2021
0.1.0 Feb 23, 2021

#5 in #keybase

MIT/Apache

24KB
557 lines

KeyPlace

  • Human friendly key derivation
  • Server-assisted + persisted
  • Attack resistant
  • Use it in WASM or wherever

Why

So, you use paired-key cryptography on the internets, but you're getting fed up with silly humans writing their private keys on cocktail napkins? SAD!

What if I told you there were a way for YOUR server to help manage these keys, but in a not-totally-crappy way?

It slices, it dices:

  • Securely derive private keys with no persistant storage on the user's station!
  • The server helps, but cannot actually see the keys. If your server gets pwned, you still win!
  • You get to change your keys and passwords independently!

But wait, there's more:

  • Store multiple keys using that one password
  • Store each key using multiple passwords
  • You can implement secure key recovery techniques

KeyPlace is inspired by the Keybase key derivation algorithm https://book.keybase.io/docs/crypto

use keyplace::{AgentKey,PassKey};
let agentkey = AgentKey::create(None);

let passkey = PassKey::new("I like turtles");
let custkey = agentkey.custodial_key(passkey);

// the custodial key is safe to send to the server
// Never send the passkey to anyone!!

let passkey2 = PassKey::new("I like turtles");
let agentkey2 = AgentKey::from_custodial_key(custkey, passkey2).unwrap();

Dependencies

~5–16MB
~236K SLoC