Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Project Development
Topic OP
Bitmessage v0.2.0 - Now using Elliptic Curve Cryptography!
by
Atheros
on 25/01/2013, 22:21:40 UTC
This is a major upgrade and includes these exciting features:
  • Elliptic curve secp256k1 is used for Bitmessage's signing and asymmetric encryption.
  • Keys are stored in Wallet Import Format in the keys.dat file which can be opened with any text editor
  • Deterministic addresses
  • Addresses are shorter (without sacrificing strength). They are now the same length as Bitcoin addresses (except for the BM- prefix)

Bitmessage now uses an OpenSSL wrapper for its cryptographic functions.

https://Bitmessage.org

Short Introduction: Bitmessage is a P2P communications protocol which is used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities, like root certificate authorities. It also aims to hide "non-content" data, like the sender and receiver of messages, from eavesdroppers.

Here is the whitepaper!

You'll notice that Bitmessage prompts you to delete your old version 1 addresses if you have any. This is because old RSA addresses will no longer be supported. Deleting your addresses is optional and you can still send messages between v1 addresses but not between v1 and v2 addresses. During the upgrade I decided that it would be worth it to make large backwards-incompatible changes to the protocol in order to make it more logical and consistent. This will help others develop their own clients in the future but has the side effect that v1 address cannot be used to send messages to or from future address versions without more programming (and complexity).

Keys are interchangeable between Bitmessage and Bitcoin. Bitmessage even prints the other party's Bitcoin address in the console which it generates from their public key (along with a warning to be careful). I have tested this with real bitcoins: Alice sends a message to Bob. Bob sees Alice's Bitcoin address when he receives the message (in the console output) and sends a bitcoin. Alice opens her keys.dat file and copies the private signing key, which is stored in wallet import format, and imports it into Bitcoin (I used blockchain.info's wallet because they make it easy to import a private key). This feature is meant as a proof-of-concept; please don't play with significant amounts of money.

Security warning: An active attacker who sends many messages to a particular address in a particular way may be able to determine whether or not the address is owned by a user at that particular Internet connection. Further research is needed. I believe, however, that users are safe from passive attackers, like government intelligence agencies in most cases. Users are also perfectly safe subscribing to broadcast messages from others.

To report issues please use the Github issue tracker if you have a Github account, otherwise you can reply here or send me a private message.
I look forward to wider audiences for Bitmessage and Bitcoin in the future!

-Jonathan