Pages:
Author

Topic: [ANNOUNCE] Bitmessage - P2P Messaging system based partially on Bitcoin - page 27. (Read 89882 times)

legendary
Activity: 1540
Merit: 1000

Its a term used by hackers and I suspect he's right, what it will probably do is create a security flaw for peoples bitcoin clients that a skilled hacker could probably use to get at their Bitcoins, I suspect if the site is down someone has already found it.
jr. member
Activity: 42
Merit: 1000
UPD. I mean SEVERAL addresses
( from some meaningful text, like this :
"My super cool BM address+My-TOP-Secret-Password" ),
that is : 1 string => many addresses.
legendary
Activity: 1036
Merit: 1000
DARKNETMARKETS.COM
jr. member
Activity: 42
Merit: 1000
Great idea. If you implement discussion boards it may become even more popular than Freenet-Frost.
You can send message to me - BM-2neVjntfgA38WbRufTFoooUrtRpGeNATJ1m
Yes, cool project.
I too would like to add forum-like
functionality to BitMessage.

@Atheros
Do you have any plans for "discussion board" feature' integration ?

Also it would be cool to have deterministically generated addresses
( from some meaningful text, like this :
 "My super cool BM addr_My-TOP-Secret-Password"

PS. I really like your idea.
 Maybe, if you won't do it yourself,
 i will start parallel forum-like
 BM system project.

legendary
Activity: 1078
Merit: 1005
Because i can not post on the Bitmessage forum,
for some reason
the bitmessage domain seems to be down.
sr. member
Activity: 249
Merit: 251
Completely broken security of Bitmessage...

Check my blog post: http://bitslog.wordpress.com/2012/11/30/bitmessage-completely-broken-crypto/

I have been considering the attacks you have described. I still want to move away from RSA, Adaptive chosen-ciphertext attacks (despite being expensive due to Bitmessage's POW requirement) must be more carefully guarded against, and separate keys can be used for encryption and signing after the upgrade as a matter of best-practices. But while the encrypt and decrypt_bigfile function is flawed, I don't believe the flaw you have described could be implemented as an attack against Bitmessage. If an attacker modifies an encrypted message, the receiver will decrypt it but then see that the message signature is invalid: the message signature algorithm is just a signed hash and makes no use of the flawed blocks. The receiver will reject the message as invalid and ignore it.
sr. member
Activity: 249
Merit: 251
While my software is still unable to connect to peers at all (Red Status) on my current network, I successfully sent a message apparently. Looks like it's working as planned Smiley

I'd also love to see default tagging for addresses, in order to maintain the easy sending even with multiple addresses.
If you are disconnected from the network it does the Proof of Work ahead of time and will send it whenever it connects to a peer. The message status probably shouldn't say "message sent" in this case.

Although what if an attacker can separate you from most other peers, like by cutting off the Internet connectivity of an entire country? In this case it Has been sent to peers. The word "Sent" is ill-defined. Ultimately one should just depend on the acknowledgement to judge whether the message has been received I think.

I'll have Bitmessage display a warning in the status bar if you aren't connected to any peers at the time.
hero member
Activity: 532
Merit: 500
While my software is still unable to connect to peers at all (Red Status) on my current network, I successfully sent a message apparently. Looks like it's working as planned Smiley

I'd also love to see default tagging for addresses, in order to maintain the easy sending even with multiple addresses.
hero member
Activity: 555
Merit: 654
I'm thankful to Sergio for digging into the RSA code and alerting us to the problem. I will put a prominent message on the bitmessage.org page. I apologise for not displaying a more prominent warning about the relatively-unstudied encryption algorithm earlier. If people believe in the Bitmessage concept, we can upgrade to ECC, let everyone who is interested check the encryption implementation, and hopefully end with a useful tool and protocol. One person has already pointed out a potentially useful OpenSSL wrapper.

I think the protocol can be secured but first some things would need to be done:

1. Much better documentation of the inner workings of the message structure / cryptographic functions

This information is missing from the White paper and is crucial to understand the protocol.

2. Find a Security researcher to develop a proven encryption/signature design.

Either you hire it or you find a one that would do it for free but it must be a guy with deep crypto knowledge.

3. Clean up the source code. Refactor and comment. Isolate security critical parts.

It's a bit messy and does not help in understanding the inner workings of the protocol.

4. RSA is not itself the problem. OAEP padding would have been be much better. But hybrid encryption with chaining is a must.

I suggest using the Integrated Encryption Scheme (DLIES or ECIES).

Good luck!

 Sergio.
sr. member
Activity: 249
Merit: 251
Based on reading the paper I have a few comments. I don't know if the design is set in stone by now or if you're still open to modifications.

Thank you for your long and thoughtful reply Mike. I'm perfectly open to modifications. It's easier to adjust a protocol earlier rather than later. And it appears that encryption algorithm will have to be changed soon regardless.

The streams construction is very clever and I think it could work well. One question is what if I have an old and widely propagated address in a root stream, and eventually it gets overloaded? Some people have to move. But nobody wants to give up their old and well known address.
This is a valid concern. I'm not sure of a solution except that the normal rate of address abandonment could be sufficient to make up for it.
Do allow me a bit of time to digest your other ideas!
sr. member
Activity: 249
Merit: 251
A few complaints. Due to firewall restrictions, I'm only able to connect through a handful of whitelisted ports. It'd be nice if the program could automatically determine an open one to use. Second of all, I have to click on my "From" address in order for it to populate the from field, despite it being selected by default.
I purposely have one of the default bootstrap nodes running on port 8080 for this reason. It is usually a whitelisted port.
When you say you want the program to automatically determine an open port, do you mean for outgoing connections? In this case the port is up to the listening node to set. Hopefully some people will use ports that your firewall will allow and if they do, your client will connect to them.

About the 'From' Address issue, the software has been patched so that it will automatically select the address if you have only one address. If you have more than one, you still must select the desired address. In the case that there is more than one address, if people dislike that it shows an address by default, I suppose we can make it blank by default.

Also I'd like to see the ability to use proxies, which would circumvent my problem I'm having with ports.
This is also a feature I would like.

Looks like its doing some bootstrapping over port 8332 (bitcoin rpc) had me worried for a minute about backdoors.

This may be a silly question, but sending messages is a pretty simple feature and something thats been available for long time in many different p2p softwares.. Retroshare for example is p2p, using cryptographic keys for encryption and privacy.. it allows sending of messages and forums etc.

Not sure what makes BitMessage special?

It appears that someone changed their port to 8332.
About Retroshare I must admit that I did not know about it but I will research it.
hero member
Activity: 532
Merit: 500
Completely broken security of Bitmessage...

Check my blog post: http://bitslog.wordpress.com/2012/11/30/bitmessage-completely-broken-crypto/

So right now it's nothing more than a novel toy. Definitely not ready for the big time, but it's still a neat concept. There are definitely numerous improvements needed, but I still think it's a novel idea.

It's true that it isn't ready for the big time. I used a Python RSA library that I did not create myself in the hopes that releasing a working program would create interest and that if people liked the Bitmessage concept, we could upgrade to ECC.  It was never my wish to use RSA but I could not find a Python ECC library at the time. Bitmessage addresses purposely include a version number so that the upgrade to ECC can be smooth. I had previously said the same thing on Reddit.

I'm thankful to Sergio for digging into the RSA code and alerting us to the problem. I will put a prominent message on the bitmessage.org page. I apologise for not displaying a more prominent warning about the relatively-unstudied encryption algorithm earlier. If people believe in the Bitmessage concept, we can upgrade to ECC, let everyone who is interested check the encryption implementation, and hopefully end with a useful tool and protocol. One person has already pointed out a potentially useful OpenSSL wrapper.

I hope to see continued development of this project. And perhaps a "key exchange" where users can get in touch with each other. And an "ignore function", where it will refuse to give up the public key to ignored users. I'm not sure of the difficulty of implementing this, but it'd be nice to see.
sr. member
Activity: 249
Merit: 251
Completely broken security of Bitmessage...

Check my blog post: http://bitslog.wordpress.com/2012/11/30/bitmessage-completely-broken-crypto/

So right now it's nothing more than a novel toy. Definitely not ready for the big time, but it's still a neat concept. There are definitely numerous improvements needed, but I still think it's a novel idea.

It's true that it isn't ready for the big time. I used a Python RSA library that I did not create myself in the hopes that releasing a working program would create interest and that if people liked the Bitmessage concept, we could upgrade to ECC.  It was never my wish to use RSA but I could not find a Python ECC library at the time. Bitmessage addresses purposely include a version number so that the upgrade to ECC can be smooth. I had previously said the same thing on Reddit.

I'm thankful to Sergio for digging into the RSA code and alerting us to the problem. I will put a prominent message on the bitmessage.org page. I apologise for not displaying a more prominent warning about the relatively-unstudied encryption algorithm earlier. If people believe in the Bitmessage concept, we can upgrade to ECC, let everyone who is interested check the encryption implementation, and hopefully end with a useful tool and protocol. One person has already pointed out a potentially useful OpenSSL wrapper.
hero member
Activity: 532
Merit: 500
Completely broken security of Bitmessage...

Check my blog post: http://bitslog.wordpress.com/2012/11/30/bitmessage-completely-broken-crypto/



So right now it's nothing more than a novel toy. Definitely not ready for the big time, but it's still a neat concept. There are definitely numerous improvements needed, but I still think it's a novel idea.
hero member
Activity: 555
Merit: 654
sr. member
Activity: 369
Merit: 250
I tried it out, looks good, seems to run as advertised.

Looks like its doing some bootstrapping over port 8332 (bitcoin rpc) had me worried for a minute about backdoors.

This may be a silly question, but sending messages is a pretty simple feature and something thats been available for long time in many different p2p softwares.. Retroshare for example is p2p, using cryptographic keys for encryption and privacy.. it allows sending of messages and forums etc.

Not sure what makes BitMessage special?

hero member
Activity: 532
Merit: 500
I would like to have something like this on smartphones Cheesy

Agreed. Also, I'd like to see this be more cross-platform, and a changelog. (Mac, Linux, etc.)
staff
Activity: 4270
Merit: 1209
I support freedom of choice
I would like to have something like this on smartphones Cheesy
hero member
Activity: 532
Merit: 500
Also I'd like to see the ability to use proxies, which would circumvent my problem I'm having with ports.
member
Activity: 71
Merit: 10
A few complaints. Due to firewall restrictions, I'm only able to connect through a handful of whitelisted ports. It'd be nice if the program could automatically determine an open one to use. Second of all, I have to click on my "From" address in order for it to populate the from field, despite it being selected by default.
+1 on the from address problem
Pages:
Jump to: