EDN/PrivacyProjects/Bitmessage

Aus C3D2
< EDN‎ | PrivacyProjects
Version vom 11. April 2016, 08:42 Uhr von Demos (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „= Bitmessage = This document is part of a forthcoming new comparison of privacy tools. Bitmessage is not perfect, but currently the easiest metadata protectin…“)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Zur Navigation springen Zur Suche springen

Bitmessage

This document is part of a forthcoming new comparison of privacy tools.

Bitmessage is not perfect, but currently the easiest metadata protecting messaging system to install and use.


Weaknesses are:

  • Curves currently used are not considered safe. Some !NationStateAdversary may have a way to spend less CPU time to decrypt messages than with other crypto.
  • No forward secrecy is implemented, so if an attacker obtains a private key she will be able to decrypt everything retroactively. This is equivalent to PGP.
  • The anonymity method works by connecting a lot of hosts and consuming more than usual amounts of CPU power.
  • Publishing messages is only anonymous if the people who can read those messages do not share this ability with a !NationStateAdversary. BM has a creative use of cryptography by which BM addresses do not always contain the hash of a "public" key but rather a private subscription key, thus the addresses themselves usually need to be kept secret. Every person possessing the BM address can be the weakest link for security. Better UI and protocol signaling could resolve this problem (for example using PSYC).
  • Rumor has it, that if you use Tor to hide the fact you are using Bitmessage, a working IPv6 configuration may de-anonymize you.


Strengths are:

  • The anonymity method does not suffer from low latency attacks as described in DeanonymizingTheInternet, so it could be safer than Tor.
  • There are no single points of attraction and failure as with client/server systems such as SMTP/PGP, XMPP/OTR or most Tor services.
  • The distribution method may a bit brute force but very effective at communicating to thousands of recipients (compared to Pond for example that cannot do that). This makes this tool a viable option for the constitutional implementation of formation and mobilization of political opposition (unlike any other instrument the Internet currently offers).
  • A very large number of nodes will have all of the ciphertext and could possibly store it for later decryption (decades from now, or after the invention of a quantum computer). This is actually politically better than to only let a NationStateAdversary have a complete view of the ciphertext (as is the case with most other crypto tools) and thus further a power asymmetry.
  • Installation and day-to-day use is sufficiently easy for average citizen to grasp and enjoy.
  • You can enhance anonymity a bit further by accessing other Bitmessage nodes via Tor, but you don't need to: You hide the fact you are using Bitmessage from your provider and in case of retroactive decryption of your messages you make it harder to retrace their origin.


Questionable criticism:

  • It is unclear whether BM can scale to large numbers of usage, but with the strategy of separating !BlockChain-like structures and allowing them to be subscribed to, one by one, is a relevant improvement and may actually work out as a strategy in the long run. This also makes BM easy to get started with - if your client starts out with a single subscription (just let it create your BM identity on the same one as the BM address you wish to follow).
Abgerufen von „https://wiki.c3d2.de/w/index.php?title=EDN/PrivacyProjects/Bitmessage&oldid=23758