Since I just spent a post bitching about the ineffectiveness of e-mail I think it’s time to discuss alternatives. In my pursuit to find methods of secure communications I’ve stumbled across an interesting piece of software called Bitmessage. Bitmessage caught my attention because it attempts to fulfill several goals I have when looking for an e-mail replacement. First, it’s decentralized. There are no central servers running the Bitmessage network. Instead the Bitmessage network is similar to Bitcoin in that messages are broadcast (in an encrypted form) throughout the entire network.
The second feature that interests me is Bitmessage’s pseudo-anonymity.Bitmessage, like Bitcoin, is based off of public-key cryptography. Users create a keypair and the public key is hashed, which gives you an identifier that others can use to communicate with you. All message sent to you are encrypted with your public key so only you, the holder of the private key, can decrypt and read them.
That leads me to the third feature of Bitmessage that interests me, an attempt to use strong cryptography. All messages in the Bitmessage network are encrypted using public-key cryptography. That makes snooping on communiques extremely difficult. One of the weaknesses I’ve noted in most potential e-mail replacements is a tendency to send communiques in plain text. Most instant messenger servers, for example, send all message in plain text so anybody can easily listen in.
Bitmessage isn’t perfect by a long shot. The software is obviously in an alpha stage. I could only find a pre-built Windows client on Bitmessage’s website and an unofficial pre-built OS X client after some digging. Installing Bitmessage is probably more work than most people want to go through. Another problem with Bitmessage is that no independent security audit has been performed on the network or the client (although a request for such an audit is on the front page of Bitmessage’s wiki). Without a security audit there is no way to know how secure Bitmessage really is. But these are problems that plague every new piece of software. One should approach Bitmessage as a proof of concept that promises to deliver great things in the future.
If you’re interested in testing Bitmessage with me my address is BM-2D95ncE8da721wVxQzcA3QEhjrg2MGFjka.