July 8, 2013 at 23:42

BitMessage Protocol Description

In light of the PRISM program, many Internet users have an increased level of paranoia. I think using the BitMessage protocol will help you feel more secure.

Immediately make a reservation that the protocol is quite young, although quite promising. The youth of cryptography means may indicate that not all defects (including those critical to preserving the message or your anonymity) were found and fixed. The client version 0.0.1, written in Python, was released on March 21. Version 0.3.4 is now relevant and popularity, as the number of users is growing, exponentially.

Compared to chatting in tor, or i2p captivates the ease of installation of the client. Literally in one click!



Addresses


To start using the protocol, you will need to create your own network address. In fact, the address is a hash (base58 encoded) of the version, stream, and public keys.
Address example:

  • BM-GtovgYdgs7qXPkoYaRgrLFuFKz1SFpsw
  • BM-2D88888iFvohJyschKVRKTJq4KCboU9sov

All user addresses, along with the keys, are stored in the keys.dat file. For example, like this:

[BM-BcNyrZGAEWH7ShtRKsJRtWCnR5mUYpN8]
enabled = false
privsigningkey = 5JzhSaTpKFhZ1bMkmUiFhpvbzMqaNcc3vLEHBhbuVX7LgVPqkAM
privencryptionkey = 5JQxLd1iQD7uvfTiCgsFgFi63iDJVCEXF2TGvRC5wn5aC5e27mW

To initiate communication, you need to transmit to your interlocutor (naturally via a secure channel) this address and find out the address of the interlocutor. Further, if your client (program) does not yet know the public keys of the interlocutor, then when sending the first message, these keys will be requested. For each key received, it is checked that the key was not changed during the transfer, this is done by generating the address from the public key hash independently, and comparing it with the requested one.

At the TCP / IP level


PyBitmessage client uses the default port 8444, while the client has a built-in proxy feature, and hints at the use of tor.
Laid down, but, as I understand it, the possibility of using IPv6 is not yet fully implemented.
When connecting to a p2p network, each client indicates which streams (each address is attached to a stream) are of interest to it. After that, he receives all messages of this stream. To send a message, it is transmitted to all nodes to which it is connected, and they, in turn, to the nodes to which they are connected, and so on, until the message is on each node of the stream.

Proof of Work (POW)


Messages are stored on each node of the BitMessage network for 48 hours. In order to prevent flood, when sending a message, the program is engaged in the selection of an 8-byte message prefix in order to receive a message whose hash will be less than a specified value (a mechanism similar to mining in bitcoin). Usually this work takes 2 minutes on the sender's side. Check the result on other nodes, and you can block the flood very quickly.

Messages


Each message on the network is signed by the sender. The program displays a message to the user only making sure that the message was not changed during forwarding.
There are two types of messages:
  • Broadcast (Broadcast)
  • Private

Each message is encrypted and has no hint about which key should be used for decryption. Those. you have to sort through all your keys for private messages, and all the keys to the addresses of which are signed, for public.
Broadcast messages allow you to hide the sender of the message (sender's IP address, but not the address in the Bitmessage network). When sending a message, it is encrypted with the sender's private key. Anyone who knows the sender address can decrypt the message with a public key and read the message itself.
A private message hides both the sender of the message and its text from everyone except the recipient. When sending a message, it is encrypted with the recipient's public key.

How is anonymity achieved?


All messages are sent to everyone. But due to the fact that they are all encrypted, it is impossible to determine who the message is addressed to or who the sender is. Moreover, even having determined that we are interested in the sender of a certain message (for example, broadcast), it is difficult to understand who originally sent it to the network. And in the case of using tor is even more complicated.

What you have to pay


Enough traffic - you get all the messages in your stream. Today it is 40 megabytes.
Sometimes, 100% processor load - to send a message you need to calculate POW, and to get try to decrypt with all your keys.

Protocol specification


The official documentation for the protocol is at bitmessage.org/wiki/Protocol_specification

How to use it


For personal contact - the client downloaded from the official site, run (no installation required), enjoy bitmessage.org/wiki/Main_Page
for programs not on .NET , you can use the API official client bitmessage.org/wiki/API_Reference
for use in .NET applications can be use the library on c # github.com/sharpbitmessage/SharpBitmessage

Well and most importantly, my address is BM-2D88888iFvohJyschKVRKTJq4KCboU9sov
Tags:

Also popular now: