2 releases
0.1.1 | Feb 23, 2021 |
---|---|
0.1.0 | Feb 23, 2021 |
#5 in #keybase
24KB
557 lines
KeyPlace
- Human friendly key derivation
- Server-assisted + persisted
- Attack resistant
- Use it in WASM or wherever
Why
So, you use paired-key cryptography on the internets, but you're getting fed up with silly humans writing their private keys on cocktail napkins? SAD!
What if I told you there were a way for YOUR server to help manage these keys, but in a not-totally-crappy way?
It slices, it dices:
- Securely derive private keys with no persistant storage on the user's station!
- The server helps, but cannot actually see the keys. If your server gets pwned, you still win!
- You get to change your keys and passwords independently!
But wait, there's more:
- Store multiple keys using that one password
- Store each key using multiple passwords
- You can implement secure key recovery techniques
KeyPlace is inspired by the Keybase key derivation algorithm https://book.keybase.io/docs/crypto
use keyplace::{AgentKey,PassKey};
let agentkey = AgentKey::create(None);
let passkey = PassKey::new("I like turtles");
let custkey = agentkey.custodial_key(passkey);
// the custodial key is safe to send to the server
// Never send the passkey to anyone!!
let passkey2 = PassKey::new("I like turtles");
let agentkey2 = AgentKey::from_custodial_key(custkey, passkey2).unwrap();
Dependencies
~5–16MB
~236K SLoC