Skip to main content

Google is looking to improve public encryption key identification with ‘Key Transparency’ initiative

With how much our lives reside on the internet either through a web browser or an application on our phones, it is important that everyone’s private data stays secure and of course, private. To do this, companies and developers are implementing encryption into their programs. The issue, according to Google, is that there is no easy to use, generic way to identify and authenticate a user’s public encryption keys…

Key Transparency is Google’s answer to this problem. With this project, Google is making it possible to identify and establish secure connections even through untrusted servers. To do this, Key Transparency is creating a lookup database with records of a user’s public encryption key and their “online personas” that have already been authenticated. In addition to this, there will be a public log with all record changes that is supposed to be tamper-proof.

To make this generic and open solution work, the individual records have to be publically accessible by all. Fortunately, the only way to find a specific user’s information is by submitting a search for a particular ID.

Just last month Google announced Project Wycheproof which is meant to help combat encryption security holes found in programs. With Key Transparency, Google will hopefully make it easier for developers to authenticate a user and establish an encrypted and secure connection with them.

You can find more information about Key Transparency on Github or at KeyTransparency.org.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Justin Duino Justin Duino

I’m a writer for 9to5Google with a background in IT and Android development. Follow me on Twitter to read my ramblings about tech and email me at justin@jaduino.com. Tips are always welcome.