Introducing KIPA: Distributed Key to IP Address translation


Announcing KIPA, a distributed network that provides a simple service - given someone’s public key, KIPA will return their current IP address. It maps Keys to IP Addresses.

$ kipa search 1234ABCD
1.2.3.4:5678

KIPA is a side project of mine, and while it’s still in its early days, a working & benchmarked MVP is available here.

KIPA is distributed: it’s powered by the devices that use it. If you’re looking up IP addresses in KIPA, then you’re helping others to do the same. You connect to devices that are close to you in KIPA’s key space, which allows other devices to do searches for keys within the key space.

KIPA lets you build distributed systems with distributed IP resolution. Distributed networks have several advantages (improved privacy, no single point of failure, community control), while centralized networks have one huge advantage: they’re much easier to build. KIPA aims to level the playing field by making distributed IP address resolution easy.

KIPA solves different use cases to DNS. When we talk about resolving IP addresses, most of the time we’re referring to DNS, which maps domain names (as opposed to public keys) to IP addresses. However, the use cases of DNS and KIPA have very little overlap. For example, you might want to use KIPA when:

  • You know the public keys of devices in your network.
  • You’re enrolling large amounts of devices (e.g. IoT networks).
  • You’re regularly changing a device’s IP address (e.g. devices aren’t always in the same physical location).
  • You don’t want to go through a single centralized server (so your internet-connected product can last longer than your company does!).
  • You don’t want a single entity (e.g. DNS servers) to know the IP addresses you’re looking up.

But you would want to use DNS if you want human-readable (and human-memberable!) ways of looking up IP addresses.

KIPA works by projecting public keys into key space. Each device in KIPA has a public key, which is projected into key space - an N-dimensional euclidean space. Each device then connects to other devices close to it in key space. This allows KIPA to search for keys using greedy-first searches across devices. You can read more about this here.

What’s next for KIPA? There’s still a lot of work to be done, including:

  • Using UDP to speed up search times (dropped packets can be compensated for by querying different devices simultaneously) (read more).
  • Improving privacy with noisy requests (read more).
  • Adjusting key space size depending on the number of devices in a network (read more).
  • Building a simple proof-of-concept chat app that uses KIPA.

Try KIPA out!

# KIPA is a work in progress - to be cautious, make a KIPA-specific key
# when trying it out.
gpg --generate-key

# Put the key's password in the same directory you run the daemon.
echo "my-p@ssword" > secret.txt

# Install KIPA.
cargo install kipa

# We'll need to connect to any node in the network. We give an example
# node. To connect to it, we first need the public key.
curl https://raw.githubusercontent.com/mishajw/kipa/master/resources/keys/D959094C.asc \
  | gpg --import

# Start the daemon, and connect to the that node.
kipa-daemon --key "$MY_KEY_ID" \
    --connect-key D959094C \
    --connect-address 46.101.16.228:10842 &

# Now you can search for key IDs that you have in GPG!
kipa search "$THEIR_KEY_ID"

You can read more about KIPA on the README, including its design and performance benchmarks.