
In the light of the PRISM program, many Internet users have an increased level of paranoia. I think using the BitMessage protocol will help you feel more secure.
I should say up front that the protocol is rather young, although quite promising. The youth of a cryptographic tool may mean that not all defects (including those critical to the safety of your messages or to your anonymity) have been found and eliminated. Client version 0.0.1, written in Python, was released on March 21st. The current version is 0.3.4, and it is gaining popularity: the number of users is growing exponentially.
Compared with chat over Tor or I2P, it impresses with the ease of client installation. Literally one click!
Addresses
To start using the protocol, you will need to create your own network address. In fact, the address is a base58-encoded hash of the version, the stream number and the public keys.
Sample addresses:
- BM-GtovgYdgs7qXPkoYaRgrLFuFKz1SFpsw
- BM-2D88888iFvohJyschKVRKTJq4KCboU9sov
All of the user's addresses, along with their keys, are stored in the file keys.dat. For example:
[BM-BcNyrZGAEWH7ShtRKsJRtWCnR5mUYpN8]
enabled = false
privsigningkey = 5JzhSaTpKFhZ1bMkmUiFhpvbzMqaNcc3vLEHBhbuVX7LgVPqkAM
privencryptionkey = 5JQxLd1iQD7uvfTiCgsFgFi63iDJVCEXF2TGvRC5wn5aC5e27mW
To initiate communication, you need to send your address to the other party (over a secure channel, of course) and find out theirs. If your client does not yet know the other party's public keys, it requests them when you send the first message. Each key received is checked to make sure it was not changed in transit: the client generates the address from the hash of the public keys and compares it with the one that was requested.
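The address layout and the "does this key belong to this address" check, as an added example (not PyBitmessage's code). It assumes the layout from the protocol specification: version and stream as varints, the key hash, and a 4-byte double SHA-512 checksum, all base58-encoded. The key hash is taken as an input, and `SAMPLE_HASH`, the version and the stream are constructed values.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(body: bytes) -> bytes:
    # First 4 bytes of SHA-512(SHA-512(version + stream + key hash)).
    return hashlib.sha512(hashlib.sha512(body).digest()).digest()[:4]

def encode_address(version: int, stream: int, key_hash: bytes) -> str:
    if not (0 < version < 0xFD and 0 < stream < 0xFD):
        raise ValueError("this example handles one-byte varints only")
    # Leading zero bytes of the key hash are dropped to shorten the address.
    body = bytes([version, stream]) + key_hash.lstrip(b"\x00")
    num = int.from_bytes(body + checksum(body), "big")
    digits = ""
    while num:
        num, rem = divmod(num, 58)
        digits = ALPHABET[rem] + digits
    return "BM-" + digits

def decode_address(address: str):
    """Return (version, stream, key_hash); raise ValueError if altered."""
    text = address.strip()
    if text.startswith("BM-"):
        text = text[3:]
    num = 0
    for ch in text:
        if ch not in ALPHABET:
            raise ValueError(f"not a base58 character: {ch!r}")
        num = num * 58 + ALPHABET.index(ch)
    raw = num.to_bytes((num.bit_length() + 7) // 8, "big")
    body, check = raw[:-4], raw[-4:]
    if len(body) < 3 or checksum(body) != check:
        raise ValueError("checksum mismatch")
    if body[0] >= 0xFD or body[1] >= 0xFD:
        raise ValueError("this example handles one-byte varints only")
    return body[0], body[1], body[2:].rjust(20, b"\x00")

def key_matches_address(address: str, key_hash: bytes) -> bool:
    """The check from the text: does a received key hash to this address?"""
    try:
        return decode_address(address)[2] == key_hash
    except ValueError:
        return False

# Constructed sample: a made-up 20-byte key hash, not derived from a real key.
SAMPLE_HASH = bytes(range(1, 21))
SAMPLE_ADDRESS = encode_address(4, 1, SAMPLE_HASH)
```

A substituted key produces a different hash, so `key_matches_address` returns False, and a mistyped address fails the checksum before any key is requested.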
At the TCP/IP level
The PyBitmessage client uses port 8444 by default; it also has built-in proxy support and hints at using Tor.
Support for IPv6 is provided for, but as far as I understand, it has not yet been fully implemented.
When connecting to the p2p network, each client indicates which streams (each address is associated with a stream) it is interested in. After that, it receives all messages from those streams. To send a message, the client transmits it to all nodes it is connected to, which in turn pass it on to the nodes they are connected to, and so on until the message is on every node of the stream.
Proof of Work (POW)
Messages are stored on each node of the BitMessage network for 48 hours. To prevent flooding, when sending a message the program searches for an 8-byte message prefix such that the hash of the resulting message is less than a specified value (a mechanism similar to mining in Bitcoin). This work usually takes 2 minutes on the sender's side. Other nodes can check the result, and so block a flood, very quickly.
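The sender's search and the receiver's cheap check, as an added example (not PyBitmessage's code). The double SHA-512 trial value follows the protocol specification; `DEMO_TARGET` and `DEMO_PAYLOAD` are constructed, and the target is deliberately easy so the search finishes in milliseconds rather than minutes.

```python
import hashlib
import struct

def trial_value(nonce: int, initial_hash: bytes) -> int:
    # First 8 bytes of SHA-512(SHA-512(nonce || initial_hash)) as a uint64.
    inner = hashlib.sha512(struct.pack(">Q", nonce) + initial_hash).digest()
    return struct.unpack(">Q", hashlib.sha512(inner).digest()[:8])[0]

def add_pow(payload: bytes, target: int) -> bytes:
    """Sender side: search for the 8-byte prefix, return prefix + payload."""
    initial_hash = hashlib.sha512(payload).digest()
    nonce = 0
    while trial_value(nonce, initial_hash) > target:
        nonce += 1  # expected number of tries is about 2**64 / target
    return struct.pack(">Q", nonce) + payload

def check_pow(wire: bytes, target: int) -> bool:
    """Receiver side: a fixed handful of hashes, no search."""
    if len(wire) <= 8:
        return False  # no room for a prefix plus a payload
    nonce = struct.unpack(">Q", wire[:8])[0]
    initial_hash = hashlib.sha512(wire[8:]).digest()
    return trial_value(nonce, initial_hash) <= target

# Constructed demo values: roughly 5000 tries on average for the sender.
DEMO_TARGET = 2**64 // 5000
DEMO_PAYLOAD = b"constructed sample payload"
DEMO_WIRE = add_pow(DEMO_PAYLOAD, DEMO_TARGET)
```

Lowering the target raises the sender's cost proportionally, while `check_pow` costs the same three hash calls regardless, which is why a node can drop an underpowered flood without doing the work itself.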
Messages
Each message in the network is signed by the sender. The program displays a message to the user only after making sure that it was not changed in transit.
There are two types of messages:
- Broadcast
- Private
Each message is encrypted and carries no hint as to which key should be used to decrypt it. That is, you have to try all your own keys for private messages, and the keys of all the addresses you are subscribed to for broadcasts.
Broadcast messages allow you to hide the sender of the message (the sender's IP address, but not their address in the Bitmessage network). When a broadcast is sent, it is encrypted with the sender's private key. Anyone who knows the sender's address can decrypt the message with the public key and read it.
A private message hides both the sender of the message and its text from everyone except the recipient. When sending a message, it is encrypted with the recipient’s public key.
How is anonymity achieved
All messages are sent to everyone. But because they are all encrypted, it is impossible to determine to whom a message is addressed or who sent it. Moreover, even if we are interested in the sender of a particular message (for example, a broadcast message), it is difficult to work out who originally sent it into the network. With Tor it is even harder.
What you have to pay
- A fair amount of traffic: you receive all the messages of your stream. Today it is 40 megabytes.
- Sometimes, 100% CPU usage: you need to calculate the POW to send a message, and to receive one you have to try to decrypt each message with all your keys.
Protocol specification
Official protocol documentation is available at bitmessage.org/wiki/Protocol_specification
How to use it
For personal communication, download the client from the official site, run it (no installation required) and enjoy: bitmessage.org/wiki/Main_Page
For programs not on .NET, you can use the official client API: bitmessage.org/wiki/API_Reference
For use in .NET applications, you can use the C# library: github.com/sharpbitmessage/SharpBitmessage
And, most importantly, my address:
BM-2D88888iFvohJyschKVRKTJq4KCboU9sov