Bitmessage centralized and decentralized mailing lists


Warning: Invalid argument supplied for foreach() in /var/www/html/wp-content/plugins/papercite/lib/BibTex_osbib.php on line 185

Warning: Invalid argument supplied for foreach() in /var/www/html/wp-content/plugins/papercite/lib/BibTex_osbib.php on line 185

Bitmessage

During my research for my upcoming master's thesis, I couldn't find any good description of the mailing list functionality in Bitmessage, so I decided to look into it myself and write about my findings .

In Bitmessage, two types of mailing lists exist; centralized and decentralized mailing lists. This article first describes the two types of mailing lists and then summarizes their key differences.

Centralized mailing list

The centralized mailing list (CML) or pseudo mailing list is not really a mailing list. Instead it is a normal Bitmessage address that has been configured in a client to broadcast all messages it receives [1].

When a user wants to send a message to everyone on the CML, he or she sends a msg message to the CML client, which then broadcasts a broadcast message to the network.

This requires the the client who operates the CML to be online in order to broadcast the messages, thus creating a single point of failure.

The private and public keys for decrypting and encrypting messages sent to the CML is derived from the CML address1, which means that everyone who knows the address can both send messages to and receive messages from the CML.

Also, since the client operating the CML is responsible for re-sending the messages it receives, the client will have to perform a new Proof-of-Work for every message it broadcasts. This allows an attacker to flood the client with messages, which will slow down or even stop the flow of genuine messages.

Decentralized mailing list

A decentralized mailing list (DML) or chan, on the other hand, does not require a central authority (client) as the centralized does, and subscribers of the DML send messages directly to each other instead of using a relay as the CML does [2].

When a user wants to send a message to everyone on the DML, he or she sends a msg message to the DML address, which every subscribed client then can decrypt and read.

Unlike with the CML, the private and public keys of a DML are computed from both the DML address and a passphrase (or chan name)2. Initially, the DML creator enters only a passphrase which is then used to generate an address for the chan. Users who wish to join the DML must know of both the passphrase as well as the generated address3.

Also unlike the CML, the DML allows for different ways of sending messages:

DML to DML The DML is specified as both the sender and receiver of the message. ``This is completely anonymous and is the default behavior. Some users however tend to block the DML address itself using the blacklist to reduce spam.'' [2]
Person to DML The sender sends a message from one of his or her personal addresses to the DML address. ``[C]an be used to "sign" messages with the private address so nobody can claim it was he, who sent it. Also useful if people block the DML address itself (see point above)'' [2]
DML to Person The receivers are explicitly specified and only those receivers will be able to decrypt the message. ``This can be used, if the user thinks the response might be useful for [specific] members of the given DML.'' [2]

Comparison

The following table tries to summarize the (in my opinion) most important differences between CMLs and DMLs.

CML DML
Centralized. Single point of failure. Decentralized. No single point of failure.
Easily (centrally) moderated4 Has to be moderated by each user
Spammers can be blacklisted. Blacklisting spammers sending from the DML address also blacklists legitimate, anonymous messages. Spammers sending from another address can be blacklisted just like with CML.
Send messages to broadcast client who in turn broadcast them to subscribers. Broadcast messages directly to subscribers.
Sender is pseudonymous. Sender is anonymous when using the DML address as the sender address. Otherwise, sender is pseudonymous.
User must know CML address to send and receive messages. User must know passphrase as well as DML address to send and receive messages.

1 Specifically, the private key is computed in src/shared.py in the reloadBroadcastSendersForWhichImWatching() method.

2 The private and public keys are computed in src/class_addressGenerator.py.

3 From [2]: "There is no technical difference between creation and joining a DML. Joining requires the address to make sure that you typed the DML name correctly and to make sure that you are using the correct stream number and address version which are included in the address and serves as an error check for the client."

4 BM-Moderator is an open-source moderation utility for CMLs developed by Adam Melton

References

[1] BitmessageWiki, "Mailing list," , 2014.
[Bibtex]
@online{BitmessageCML,
author="BitmessageWiki",
title="Mailing List",
year=2014,
month=01,
url={https://bitmessage.org/wiki/Mailing_List},
urldate={2014-02-20}
}
[2] BitmessageWiki, "Decentralized mailing list," , 2014.
[Bibtex]
@online{BitmessageDML,
author="BitmessageWiki",
title="Decentralized Mailing List",
year=2014,
month=01,
url={https://bitmessage.org/wiki/Decentralized_Mailing_List},
urldate={2014-02-20}
}

About the author

Jesper Borgstrup Jesper is a Masters student of computer science at the University of Copenhagen.

One thought on “Bitmessage centralized and decentralized mailing lists”

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>