Understanding Bitmessage and Its Secure Messaging System

Author

Reads 9.7K

A Cryptocurrency Flowchart
Credit: pexels.com, A Cryptocurrency Flowchart

Bitmessage is a decentralized messaging system that uses a peer-to-peer network to send encrypted messages. It's like a mix between email and a chat app, but with added security.

The system is based on a unique protocol that allows users to send messages to each other without relying on a central server. This means that messages are stored locally on each user's device, making it a very secure option.

Bitmessage uses a public key cryptography system, which means that each user has a pair of keys: one public key for receiving messages and a private key for sending messages. This ensures that only the intended recipient can read the message.

One of the key features of Bitmessage is its ability to send messages to a group of users, known as a "chat room." This is similar to a group chat on other messaging apps, but with the added security of being decentralized.

Getting Started

Credit: youtube.com, Bitmesssage Introduction

You can find instructions to download and run Bitmessage from the Main Page.

To get started, simply download Bitmessage, as it doesn't need to be installed.

It's worth noting that Bitmessage should run on any OS, although it's only lightly tested on OSX.

For Windows users, there's a great write-up on setting up and using Bitmessage that can be found here.

If you're on a *nix or OSX platform, you can find examples of how to install Bitmessage in the forums.

If you need a TOR client, more complete instructions can be found on the TOR page.

If you already have a client, follow the instructions below, but keep in mind that the start-on-boot and minimize-to-tray features are only implemented for Windows.

Security and Encryption

Bitmessage uses a decentralized, peer-to-peer, trustless communications protocol that can be used to send encrypted messages to another person or multiple subscribers.

The protocol is designed to be out of reach of warrantless wiretapping, thanks to its decentralized nature and encryption, which is difficult to crack. This makes it a secure way to communicate.

Credit: youtube.com, What is End-to-end encryption? Secure Messaging explained

Bitmessage achieves anonymity and privacy by relying on the blockchain flooding propagation mechanism and asymmetric encryption algorithm.

The encryption process involves using an ECIES (Elliptic Curve Integrated Encryption Scheme) to encrypt the payloads of the messages and broadcast objects. This scheme uses ECDH (Elliptic Curve Diffie-Hellman) to generate a shared secret, which is then used to encrypt the data using AES-256 (Advanced Encryption Standard) in CBC mode.

However, this scheme has some limitations, as it doesn't have authentication of messages, and self-implementation can leave room for errors and mistakes. A better scheme would use X25519 to exchange keys and generate shared secrets.

Here's a breakdown of the encryption process:

  1. The destination public key is called K.
  2. Generate 16 random bytes using a secure random number generator. Call them IV.
  3. Generate a new random EC key pair with the private key called r and the public key called R.
  4. Do an EC point multiply with public key K and private key r. This gives you public key P.
  5. Use the X component of public key P and calculate the SHA512 hash H.
  6. The first 32 bytes of H are called key_e and the last 32 bytes are called key_m.
  7. Pad the input text to a multiple of 16 bytes, in accordance with PKCS7.
  8. Encrypt the data with AES-256-CBC, using IV as the initialization vector, key_e as the encryption key, and the padded input text as the payload. Call the output ciphertext.
  9. Calculate a 32-byte MAC with HMAC-SHA256, using key_m as salt and IV + R + ciphertext as data. Call the output MAC.

The resulting data is: IV + R + ciphertext + MAC

Credit: youtube.com, Security Now 420: BitMessage

Some potential improvements to the encryption process include:

  • Using a safe KDF (Key Derivation Function) like HKDF to derive the keys instead of using a hash like SHA512.
  • Using an AEAD (Authenticated Encryption with Associated Data) to ensure the integrity of the encrypted message instead of calculating the MAC separately.
  • Using a KEM (Key Encapsulation Mechanism) to exchange keys would simplify the exchange process while increasing security by reducing the risk of key interception or leakage.

Network and Nodes

If your connection indicator is green, you're already helping the network by accepting incoming connections. This means your Bitmessage client is up and running, and you're doing your part to keep the network humming.

To become a node and help the network, make sure your firewall settings and port forwarding allow incoming connections on the correct TCP port, which is usually 8444, as found in the Bitmessage settings.

Bitmessage uses a file called knownnodes.dat to store the IP addresses and ports of nodes that help bootstrap the connection to the network. This file is crucial for getting started with Bitmessage.

A stream in Bitmessage is like a separate channel or group where nodes can communicate. Streams help organize and manage communication between nodes, making data handling more efficient and keeping the network organized.

Here's a brief overview of stream types:

  • Stream 1 is the main or "master" stream, the primary stream and currently the only one.
  • Clients can connect to other clients in specific streams or the main stream to manage data and reduce load.
  • Clients can create new streams (child streams) to manage traffic and messages when there are too many in a stream.

Setting Up Tor

Credit: youtube.com, How TOR Works- Computerphile

To set up Tor, you'll need to configure Bitmessage to use it as a proxy. This involves selecting the right settings in the Network Settings section of Bitmessage.

Navigate to Settings > Network Settings and select SOCKS5 from the Type: drop down under the Proxy server / Tor section. Enter 'localhost' next to 'Server hostname:' and '9050' or '9150' next to 'Port:', depending on your setup.

You can choose between port 9050 and 9150, but make sure to restart Bitmessage after making the change.

Becoming a Network Node

If your connection indicator is green, congratulations, you're already helping the Bitmessage network by accepting incoming connections.

However, if your connection indicator is yellow, it's likely because your firewall settings or port forwarding are blocking incoming connections on the correct TCP port, which is usually 8444.

To make your indicator green, you'll need to forward the required TCP port, which can be found in the Bitmessage settings.

Credit: youtube.com, COMPUTER NETWORKING NODE EXPLAINED

Bitmessage uses a file called knownnodes.dat to store the IP addresses and ports of nodes that help bootstrap the connection to the network.

If you're having trouble getting your connection indicator to turn green, check your Bitmessage settings for the port number.

To become a full-fledged node, you'll need to allow incoming connections on the correct port, which is usually 8444.

Here are some common reasons why your connection indicator might be yellow:

  • Firewall settings blocking incoming connections
  • Port forwarding not set up correctly
  • Incorrect port number in Bitmessage settings

By following these simple steps, you can become a valuable node in the Bitmessage network and help keep the community connected.

Pubkey and Broadcast Structures

The pubkey and broadcast structures play a crucial role in the protocol's functionality.

The pubkey structure contains public keys for signing and encryption, as well as behavior bitfields and optionally encrypted data in version 4 and above.

This structure is used for cryptographic operations like signing and encryption.

The broadcast structure, on the other hand, is used for sending messages to subscribers, with version 4 and 5 utilizing tags and encryption for additional security.

Credit: youtube.com, What Is A Node In A Network? - SecurityFirstCorp.com

Here are the key differences between the pubkey and broadcast structures:

The current variable-length encoding scheme used by the protocol might be wasteful for certain number ranges.

Daemon and Client

To run Bitmessage in a way that's convenient and efficient, you can put it in daemon mode. Refer to the Daemon Mode Page for more information.

Bitmessage can be run in two main ways: as a client and as a daemon. The client is the interface you interact with to send and receive messages, while the daemon runs in the background and handles the underlying messaging process.

To access your messages and settings, you need to run the client.

Running in Daemon Mode

Running in Daemon Mode is a great way to keep Bitmessage running in the background without taking up too much of your computer's resources.

To run Bitmessage in daemon mode, you'll need to refer to the Daemon Mode Page.

Client Procedures

A modern laptop on a desk showing a blockchain interface, ideal for cryptocurrency topics.
Credit: pexels.com, A modern laptop on a desk showing a blockchain interface, ideal for cryptocurrency topics.

Client Procedures are essential for using a decentralized messaging system like Bitmessage.

To create a new address, you need to go through a process that involves creating an address, finding servers, selecting ISs, requesting access, and storing details.

Here are the steps involved in creating a new address:

  1. Create Address: The user creates a new BitMessage address.
  2. Find Servers: The user connects to a DIR to get a list of available ISs.
  3. Select ISs: The user chooses some ISs to use.
  4. Request Access: The user contacts the chosen ISs to request access.
  5. Store Details: If accepted, the IS’s details are stored with the user’s address.

Having multiple ISs is beneficial as it provides redundancy and privacy. If one IS is down, you can still receive messages through others. Using multiple ISs prevents any single IS from seeing all your messages.

What Did Do

Daemon and client are two related but distinct concepts.

A daemon is a program that runs in the background, executing tasks without user interaction.

It's a common practice to run daemons as background processes, allowing them to continue running even after the user logs out.

Daemons can also be used to manage system resources, such as memory and CPU usage.

In contrast, a client is a program that requests services or resources from a server.

A client can be a web browser, a mail client, or even a video streaming app.

Clients typically send requests to servers and receive responses in return.

Understanding Bitmessage

Credit: youtube.com, bitmessage address update

Understanding Bitmessage involves grasping its core components, such as the behavior bitfield, which is a 32-bit bitmask specifying supported node behaviors. Each bit represents a different capability or feature.

The behavior bitfield is just one part of the node's setup, which also includes public signing and encryption keys, used for verifying authenticity and encrypting messages for privacy. These keys are standard ECC keys.

Bitmessage nodes also participate in the Proof of Work (POW) mechanism to prevent spam, with parameters like nonce_trials_per_byte and extra_bytes playing a crucial role.

How Does Work

Bitmessage is a decentralized, encrypted, peer-to-peer, trustless communications protocol that can be used by one person to send encrypted messages to another person, or to multiple subscribers. It achieves anonymity and privacy by relying on the blockchain flooding propagation mechanism and asymmetric encryption algorithm.

To start using Bitmessage, your client connects to the network and downloads a list of known nodes. Each new node you connect to shares its list of known nodes. You'll also start receiving person-to-person messages, broadcasts, and public keys, which will be shown in your inbox if they're bound for you.

Credit: youtube.com, Bitmessage - Installation and using

As you connect to more nodes, you'll build a network of connections that share data with each other. This ensures everyone has a copy of the data, including messages, broadcasts, and public keys.

Bitmessage uses a Proof of Work (POW) to mitigate spam on the network. This POW involves a costly task for a computer to perform, such as a calculation that requires time and effort. It's then hashed twice with SHA-512 to ensure it's verifiable by other people.

Here's a breakdown of the POW process:

The POW process helps prevent spam on the network, but it could be improved by using a hash algorithm that requires memory to perform the hashing, such as Argon2id or scrypt.

How Messaging Compares to Other Methods

Bitmessage is a unique messaging method that stands out from other services in several ways. It's fully distributed, meaning it doesn't rely on a central authority and has no single point of failure.

Credit: youtube.com, should i use bitmessage or retroshare

One of the key differences between Bitmessage and other methods is its trustless nature. Unlike standard email, which relies on a central authority to verify identities, Bitmessage uses a peer-to-peer (P2P) network to ensure that messages are secure and private.

In terms of openness, Bitmessage is an open source project, licensed under the MIT license. This means that the code is freely available for anyone to review and modify.

Bitmessage also requires proof of work, which helps to secure the network and prevent spam. This is in contrast to standard email, which doesn't require any form of proof.

Here's a comparison of Bitmessage with other messaging services:

As you can see, Bitmessage stands out from other messaging services in its trustless and P2P nature. This makes it a more secure and private option for those who value their online anonymity.

Message Encoding

Bitmessage's protocol uses a custom encoding system for its messages, which consists of several parts. This encoding system is designed to ensure the secure transmission of messages over the network.

Credit: youtube.com, 01 Encrypting Messages

One of the key components of Bitmessage's message encoding is the inclusion of the receiver's public key, represented by a 20-byte RIPE Hash. This hash is used to encrypt the message and verify the sender's identity.

The message encoding also specifies how the message is formatted, such as using UTF-8 encoding. This allows for the transmission of text messages in a format that can be easily read by recipients.

In addition to the message encoding, Bitmessage also includes a signature, which is an ECDSA signature covering specific parts of the message. This signature helps to verify the authenticity and integrity of the message.

Here's a breakdown of the specific fields included in Bitmessage's message encoding:

  • Version
  • Address version
  • Stream number
  • Public keys
  • Bitfield indicating node behavior
  • Nonce Trials per Byte and Extra Bytes: Difficulty settings for Proof of Work
  • RIPE Hash (20 bytes): Represents the receiver's public key
  • Message Encoding: Specifies how the message is formatted (e.g., UTF-8)
  • Signature: ECDSA signature covering specific parts of the message

Data and Files

Bitmessage stores crucial data for the client to work in several .dat files. These files contain information essential for the client's operation.

The whitelist table, similar to the blacklist table, contains addresses that are whitelisted. If the field enabled is set to true, users can only communicate with the addresses in this table.

Bitmessage's message types refer to the different kinds of messages that nodes can send and receive in a peer-to-peer network. These messages are used for various purposes, including establishing connections and sharing information about nodes.

Unencrypted Message Data

Close-up of wooden blocks spelling 'encryption', symbolizing data security and digital protection.
Credit: pexels.com, Close-up of wooden blocks spelling 'encryption', symbolizing data security and digital protection.

Unencrypted Message Data plays a crucial role in the way messages are transmitted and received. It contains a variety of fields that are essential for the functioning of the system.

One of the key fields is the version, which indicates the version of the address being used. This is a critical piece of information that helps ensure compatibility between different nodes on the network.

The address version is also a significant field, as it specifies the type of address being used. This could be a public key or a different type of address altogether.

A stream number is also included in the unencrypted message data. This helps to identify the specific stream or conversation that the message belongs to.

Public keys are also included in the unencrypted message data. These keys are used to verify the identity of the sender and ensure the authenticity of the message.

A bitfield is used to indicate the behavior of the node that sent the message. This can include information about the node's capabilities and restrictions.

Explore further: Bounce Address

Credit: youtube.com, End to End Encryption (E2EE) - Computerphile

The nonce trials per byte and extra bytes are used to determine the difficulty settings for proof of work. This is an important aspect of the system's security and helps to prevent attacks.

The RIPE hash is a 20-byte representation of the receiver's public key. This is used to ensure that the message is delivered to the correct recipient.

The message encoding specifies how the message is formatted. This could be in a format like UTF-8, which is a common encoding standard.

The signature is an ECDSA signature that covers specific parts of the message. This helps to ensure the authenticity and integrity of the message.

Here's a summary of the unencrypted message data fields:

  • Version
  • Address Version
  • Stream Number
  • Public Keys
  • Nonce Trials per Byte and Extra Bytes
  • RIPE Hash
  • Message Encoding
  • Signature

Files

If you're using BitMessage, you should know about its essential files. BitMessage uses several .dat files to store crucial data for the client to work.

The whitelist table, similar to the blacklist table, contains addresses that are whitelisted. If the field enabled is set to true, the user can only communicate with the addresses in this table.

A Man in a Suit doing a Digital Presentation
Credit: pexels.com, A Man in a Suit doing a Digital Presentation

keys.dat is a file used by BitMessage to store important settings and address information. This file is the most important file in BitMessage as it contains all your keys; if you lose this file, you lose your BitMessage identity (which is your private/public keys).

The knownnodes.dat file was created for future use and to replace the keys.dat file, but the project's development halted before this replacement could happen.

Here's a list of BitMessage's .dat files and their purposes:

Addresses and Messages

Bitmessage addresses are unique and start with the characters "BM-". They are Base58 encoded hashes of the public key, and the hash algorithm used for address generation is RIPEMD-160, which is different from the PoW algorithm.

A Bitmessage address is a good idea to identify newer versions of addresses, as it can be modified by adding a prefix, such as "BMV2-", to indicate it is version 2 of the address.

Bitmessage's custom encoding system for messages consists of several parts, including the unencrypted message data, nonce trials per byte and extra bytes, RIPE hash, message encoding, and signature.

Related reading: Message Submission Agent

Credit: youtube.com, Setting up & using Bitmessage for anonymous communication

Here are the parts of Bitmessage's message encoding:

  • Version
  • Address version
  • Stream number
  • Public keys
  • Nonce Trials per Byte and Extra Bytes: Difficulty settings for Proof of Work
  • RIPE Hash (20 bytes): Represents the receiver’s public key
  • Message Encoding: Specifies how the message is formatted (e.g., UTF-8)
  • Signature: ECDSA signature covering specific parts of the message

All messages in Bitmessage are stored in a SQLite database named messages.dat, along with keys.dat and knownnodes.dat in the same directory.

Addresses

Addresses in Bitmessage are Base58 encoded hashes of the public key, using the RIPEMD-160 hash algorithm for address generation, which is different from its Proof-of-Work algorithm.

All Bitmessage addresses start with the characters "BM-" to indicate they are part of the protocol, making it easier to identify newer versions of addresses.

In fact, if a new version of Bitmessage uses a different hash or public key algorithm, the address prefix could change, like "BMV2-", indicating it's version 2 of the address.

Bitmessage addresses are unique and serve as the sender's and receiver's public key, used for encryption and decryption of private messages.

Message Types

In a BitMessage network, messages are categorized into different types that serve specific purposes. These types enable nodes to establish connections, share information, and manage data in the network.

Black Typewriter Machine Typing on White Printer Paper
Credit: pexels.com, Black Typewriter Machine Typing on White Printer Paper

Messages in BitMessage are stored in a SQLite database named messages.dat, along with keys.dat and knownnodes.dat. This database uses separate tables for different messages, such as retrieved and decrypted messages, sent messages, and app configurations.

The database has a table for messages that were retrieved and decrypted, as well as trash messages. It also has a table for sent messages, including trashed sent messages.

Here are the different types of messages stored in the database:

The database design has some drawbacks, such as storing sent and retrieved messages in separate tables, which could have been combined into a single table with a field to determine the message type.

Messages Dat

Messages Dat is a SQLite database used by Bitmessage to store messages and other data. It's a crucial part of the Bitmessage protocol, and it's where all the messages you send and receive are stored.

The database contains several tables, each with its own specific function. There's the inbox table, which stores all the messages that were retrieved and successfully decrypted. There's also the sent table, which contains only the sent messages, including trashed sent messages.

Wooden blocks spelling "Keep Safe" on a grid background. Ideal for messages of security and care.
Credit: pexels.com, Wooden blocks spelling "Keep Safe" on a grid background. Ideal for messages of security and care.

Another important table is the blocked table, which stores all the addresses that a user blocks to prevent future communications with them. This is a great feature for keeping your conversations private.

The database also contains a table for public keys, which stores the public keys created by the user and the time they were last transmitted. This is useful for keeping track of your keys and making sure they're up to date.

Here's a breakdown of the tables in the Messages Dat database:

The Messages Dat database is a great example of how Bitmessage prioritizes user privacy and security. By storing messages and other data in a secure and organized way, Bitmessage makes it easy to keep your conversations private and secure.

Troubleshooting and Errors

If your Connection Indicator is red, it's likely due to a connection issue. Check your connection settings to ensure you're online.

You might need to allow unrestricted access for Bitmessage through your firewall, especially if you have a firewall with outgoing restrictions. This can be a common problem, especially if you're new to Bitmessage.

Sometimes, Bitmessage just takes time to connect to the network, especially if your knownnodes.dat file is large. Give it at least 30 minutes to connect before posting to the forum.

If you're still having trouble, try deleting your knownnodes.dat file to start fresh.

Mailing Lists

Elderly Man Using Smart Phone To Communicate To His Family
Credit: pexels.com, Elderly Man Using Smart Phone To Communicate To His Family

Bitmessage's mailing list feature allows anyone to send a message to a broadcast address, which then sends a copy of the message to everyone in the subscription list of that address.

This feature is convenient for sharing information with a group of people, but it also has a downside.

Anyone can send a message to a mailing list in Bitmessage without being a member of it, making it a recipe for spam.

This can lead to unwanted messages cluttering up your inbox, making it difficult to find the messages that are actually important to you.

Consider reading: Bounce Message

Good Proposals

BitMessage had some good proposals to implement, which could have made a solid network if development had continued.

One of those proposals was related to improvement. BitMessage had some good proposals to implement.

If development had continued, it could have made a solid network, according to the available information.

Walter Brekke

Lead Writer

Walter Brekke is a seasoned writer with a passion for creating informative and engaging content. With a strong background in technology, Walter has established himself as a go-to expert in the field of cloud storage and collaboration. His articles have been widely read and respected, providing valuable insights and solutions to readers.

Love What You Read? Stay Updated!

Join our community for insights, tips, and more.