-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Jonathan,

This looks like it could be a useful system, but I'm not sure I fully
understand it.

Each node is assumed to have a slowly changing set of addresses, is
that right? A node migrates between streams by choosing whether to
create new addresses in its current stream or a child of its current
stream; when it has no more addresses in the current stream, the child
stream becomes its current stream. So if addresses identify users,
does that mean each node is assumed to have a slowly changing set of
users (like a mail server, say, rather than a personal computer)? Or
does each user change addresses over time?

When a node first enters the network, how does it decide which stream
to join?

When a node leaves the network, a stream may be left empty. What
happens if stream 1 (or any other non-leaf stream) becomes empty? Can
a node in a leaf stream that wants to send a message to a node in
another leaf stream still find a suitable node to connect to?

Section 5 of the paper says that "all users receive all messages". But
that's no longer true once the network has divided into streams,
right? So how does a broadcaster ensure that all subscribers receive
her messages?

It might be worth looking at P5, which uses some similar ideas:
http://www.cs.umd.edu/projects/p5/p5-extended.pdf

Also, some analysis of proof of work as a means of limiting spam:
http://www.cl.cam.ac.uk/~rnc1/proofwork2.pdf

I seem to remember a DHT-based system where messages could be
addressed to all nodes with a given identifier prefix (of any length),
but I can't find the reference.

Cheers,
Michael

On 16/02/13 18:49, Jonathan Warren wrote:
> Hello everyone, I would like to introduce you to a communications 
> protocol I have been working on called Bitmessage. I have also
> written an open source client released under the MIT/X11 license.
> It borrows ideas from Bitcoin and Hashcash and aims to form a
> secure and decentralized communications protocol which also doesn't
> rely on trust. Criticism of the X.509 certificate system is
> understandably common in this listserv (and also increasingly
> common in more public forums); Bitmessage instead uses Bitcoin-like
> addresses for authentication. It has a 'broadcast' and
> 'subscription' feature which other people have described as a
> decentralized Twitter and also aims to hide "non-content" data,
> like the sender and receiver of messages, from passive 
> eavesdroppers like those running warrantless wiretapping programs.
> It may also be possible to be strong against active attackers
> although I'm not yet making that claim.
> 
> 
> 
> A primary goal has been to make a clean and simple interface so
> that the key management, authentication, and encryption is simple
> even for people who do not understand public-key cryptography. I'm
> sure that there is quite a bit of demand for such a program and
> protocol although I am currently not actively promoting it because
> it has not been independently audited.
> 
> 
> 
> I would be interested to hear your comments. The website 
> https://bitmessage.org links to various resources like a short 
> whitepaper describing how the protocol works and what its goals are
> ( https://bitmessage.org/bitmessage.pdf ) and the source code on
> Github ( https://github.com/Bitmessage/PyBitmessage ). The main
> source code file is bitmessagemain.py.
> 
> 
> 
> Bitmessage is written in Python and uses an OpenSSL wrapper called 
> pyelliptic (written by a different individual) to implement ECIES
> and ECDSA.
> 
> Again I look forward to hearing comments; it is always easier to
> change or add to a protocol earlier than it is later.
> 
> All the best,
> 
> Jonathan Warren
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________ cryptography
> mailing list [email protected] 
> http://lists.randombit.net/mailman/listinfo/cryptography
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJRI3OzAAoJEBEET9GfxSfMzOkH/29tjxyzO2g949Pk8yM2V+lZ
Sqd2BeamgzYoz3QCS5iwDjhgJedguNS0/CzTwzDW56mEzYKkqZPdfZlKR2s541hA
Y10++AOy9yyumAZypAGD/0HDDRftMs4iUoZZbOlm6jB4Ul8Al5iHeNL2r1VIPaU/
pmP1cbUi8yLC86POmjMARfvbiAX4+G3EYxb+lKaZleFMg8cCoo07Ur6Po7mdTtkz
nMkuNsmBgzUoaGHejB2tAe6B5QQNsqazFEK1UK/wg9829CedF6l1UKMFy5iDNIJa
60zQ9U0+SDnd0RedeR45pYIPKmPI4pGEp4COyv/n2derzRY52P1TrHx/T7jkx9k=
=4oMp
-----END PGP SIGNATURE-----
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to