Show HN: PubKey – Communicate Privately in Anonymous Public Spaces (pubkey.pm)
A little while back I remember seeing a user on a certain anonymous imageboard asking for an invite to a selective email host. Only after a few minutes did the guy realize the perplexity of the situation. How do you insure against a race condition in a public forum with no way to direct message?
Luckily, he nabbed the invite code, but it got me thinking about using PGP to provide a solution. This is meant to be a rough PoC and the UX is definitely not ready for the average Joe, but the functionality I'd like to think is there.
What catbox.moe is to dropbox is what I'd like this to eventually be to keybase. Btw, "this page uses NO SERVER" just means it's static. I'm not trying to fool anyone lol.
Edit: Source Code: https://codeberg.org/popcalc/pubKey
66 comments
[ 3.0 ms ] story [ 121 ms ] threadEdit: Source repo in original post!
What are options? Password manager (most people I know don't use one), Browser keychain (no guarantee of sync between user devices), WebAuthn (same problem), IndexedDB or localstorage, (both can be purged, again, no sync).
Unless I'm missing something, I feel this is problem worthwhile solving as a community, it would unlock a lot of utility/privacy for the average web user.
Would love to hear any more qualified takes on this.
https://www.pubkey.pm/msgIndex.html?hash=U2FsdGVkX19LN06nBQs...
Try replying with your encrypted email and I'll reach out!
U2FsdGVkX1/FFKGwfCgflTAvl5rr2RP+WSQ4n/tGHuMcFnD8JFfXJfoAzIHAVakHSOiiM7MnOsAZGT2jyh/+Sgs6mgN4wea6RnMx8dIXCItuu5g462RG9un8fHivYtqdTNBa3XLp8HDWsPXMHoEoiP4M1F9nrQhMREYFp2Q6fpiEpZY4q1a+VtGpLIjdVk2k788eMQjvYZh/vruzvx751HCzz/D+lsVSFJsOaoZQpqOTj4iD/kSludUkKY7v/vk8fcew4i88RtEc63oRgarLiBEu5rB1PGxCf32/8tVVjy4/B2QmQ8nYdL50SR4oeU52lb3pyciOweuJOiE88U+WdmQ4IJ+LNozGYE514vta5Qy2ZCHgHhHNTrs32X6n9+1w0Mv0Y8z/Cxf28Rm356pIPw==
Why does "Regenerate Private Key" not actually regenerate private key?
Why is the pubkey obfuscated by encrypting with "123NSA"?
How do I know the 624-byte pubkey "hash" doesn't contain the 32-byte private key?
How do I know the server isn't secretly harvesting IP addresses, associating them with pubkeys, and crawling referrer URLs for messages?
You're loading bootstrap.bundle.min.js from jsdelivr. This opens you up to an unnecessary supply-chain attack (i.e. if jsdelivr becomes compromised or malicious, it can ship a modified version that exfiltrates user data). You're also loading crypto-js.min.js from cloudflare, which has the same problem.
I would recommend moving both of those 2 script files to your own domain so that the user is only trusting 1 site instead of 3.
EDIT: I just noticed you are using subresource integrity to mitigate this problem. Never mind then, carry on!
> The URL generated contains an ECC curve25519 ciphertext (wrapped in AES simply to throw off SIGINT) that contains an armored version of the public key corresponding to the provided private key. People can visit this custom link and enter their message to encrypt it only for your eyes.
I don't quite understand the idea behind wrapping the ciphertext in AES, with a constant key of "123NSA".
The implementation is pretty short: https://www.pubkey.pm/index.js
EDIT: Also confused about the multi-key encryption and ZKP mentions.
For scaffolding, I built upon a very cool PoC in its own right.
https://zkmulticrush.github.io
I've cleaned up the references to ZKP etc. My insomniac eyes didn't catch it.
Edit: The git repo has all the diffs between the two projects.
Posting the public key URLs publicly was a big part of the use case I imagined. It's well known that armored PGP text gets immediately swallowed up by all kinds of actors scraping the internet. Public keys are valuable metadata and can come in handy ten years down the line for an intelligence org. The AES thing is nowhere near a solution, but a tiny bandaid.
[0] https://keyoxide.org
[1] https://codeberg.org/keyoxide/
What if you made this a web extension, and took control of textareas everywhere on the web?
Why not be able to turn any message delivery (ex. facebook messenger) into a delivery for private messaging. What keybase used to be (a repository for peoples' public keys) would be a great integration point -- if the person has a public key listed (maybe in a twitter bio, etc), you can send them messages that are encrypted with a generated symmetric key + nonce (the usual safe enveloping rigor you need) -- and every message you send them might start with the URL or the actual encrypted message itself (and it would be up to them to use the extension to decode it).
It would be easy to get this working with a browser (a sufficiently powered web extension would do), but a bit harder to get it working on phones since the APIs aren't QUITE there, but IIRC there are some screen scraping APIs that could actually work (as long as your read the screen text, convert that to a message, then decode etc).
https://mailvelope.com/en/
https://github.com/XCF-Babble/babble
There is another group that fully supports an E2EE Facebook https://github.com/DimensionDev/Maskbook
That's why services like HN aren't truly anonymous but pseudonymous.
It takes a lot of effort, a lot of knowledge and a lot of luck to stay truly anonymous on the internet... especially in the long run.
The only way to be sure you're never identified on the internet is to never use it at all.
[0]: https://age-encryption.org/
"It's in the code."
"Riiiight."
https://en.wikipedia.org/wiki/Security_Protocols_Open_Reposi...
1. https://www.w3.org/TR/did-core/ 2. https://keri.one/keri-resources/
The former has good traction, why not support that? (they don't require a blockchain btw, though some implementations propose perhaps one of the most appropriate uses of one, simply to store public keys and revocations).