Privacy Blog

"Friends don’t let friends get spied on." – Richard Stallman, President of the Free Software Foundation and longtime advocate of privacy in technology.

Use BitMessage for Secure Messages

Normal email is not secure! With the thousands of malevolent hackers around the world and the rise of widespread government monitoring programs, a secure email service is needed by many individuals, corporations, and others.

A number of companies offer secure versions of email services for additional fees, each with its own advantages and disadvantages. The one drawback of all of them is that the user is dependent on the company that writes the software and provides the service. Do you trust the company’s security? Is their software really secure?

I suspect the answer is “Yes” to both of those questions although I do not know of any method of proving it. Without such assurance, a provable secure alternative that does not depend on any company or any other person for security is a very attractive offering.

One alternative is to use a service that does not depend on email companies, does not use the normal email networks, and uses open source software that is available for security examinations by anyone. It is also immune to most big tech companies’ outages that disrupt email or other messaging services due to software bugs or network failures. In addition, it is invisible to the prying eyes of hackers or government spies. Finally, it appears to be 100% legal, at least for now.

Bitmessage is an encrypted, peer-to-peer communications protocol that can be used by one person to send encrypted messages to another person or to multiple recipients. It doesn’t use normal email network protocols such as SMTP and POP3. Clear text messages are never stored in any server, only in the users’ individual computers. Hackers and spies cannot even see how many messages you send or to whom they are addressed. It is “decentralized and trustless,” meaning that it does not need to trust any entities such as root certificate authorities. It uses industrial-grade authentication, which means that the sender of a message cannot be spoofed (i.e., imitated).

Bitmessage has gained a reputation for being out of reach of warrantless wiretapping conducted by the National Security Agency (NSA) due to the decentralized nature of the protocol, and its encryption being difficult to crack.

Another important feature of Bitmessage is the ability to broadcast messages or to subscribe to broadcasts. Broadcasts are messages that are sent out to any group of Bitmessage users that are listening. In this way, organizations or individuals can send information out to their recipients anonymously if they choose.

As its name suggests, Bitmessage uses many of the security features found in Bitcoins. For more about Bitcoins, see

Bitmessage software is open source, so it is available free of charge. The source code is available to anyone who cares to look, so you can be assured there are no “backdoors” or other security loopholes in Bitmessage. Sending and receiving of messages is also free of charge for anyone who has an Internet connection; there are no monthly fees to pay to any email service. In fact, there are no fees of any kind.

Bitmessage isn’t the same thing as email although it serves many of the same purposes as normal email. It is a different service, and comparing Bitmessage to normal email is difficult. Indeed, comparing the two is similar to comparing apples and oranges. Perhaps an even better analogy is comparing normal email to text messaging; each is quite different from the other and each is used for different needs. The same is true with Bitmessage; it isn’t email and it isn’t text messaging. It is different. When evaluating Bitmessage, I suggest you not try to make a comparison. Instead, simply think of Bitmessage as a messaging system that may or may not meet your needs.

For anyone concerned with maintaining personal or corporate privacy, Bitmessage is a good alternative to normal email. It isn’t really email although the service it provides is a good substitute for email. It provides control and security over your communications, whether it is via chat, email or on social networks.

Bitmessage does not use email servers. Each message is sent directly from the sender to the recipient(s) without any required servers in between. It is a unified system that encrypts every message. Bitmessage even keeps secure the members of the communication: not only is the content of messages protected, but the names of the sender and receiver of those messages are kept secret as well.

Bitmessage uses public-key cryptography, designed such that only a recipient of a message is capable of decrypting it. This encryption algorithm works in such a way that even the original sender is not able to decrypt his or her own message, due to different keys being used for encryption and decryption. For those interested in specifics, Bitmessage uses 256-bit ECC keys and OpenSSL for cryptographic functions.

The original sender always knows whether the recipient received the message or not (through an acknowledgement system). However, this works only when sending an individual message to a single address. The system does not provide receipt acknowledgements when “broadcasting” messages to multiple recipients.

Even though there are no servers involved, sending messages does not require the recipient’s computer to be turned on and waiting for incoming messages. Since Bitmessage operates on a peer-to-peer (P2P) network, sending a message means that many encrypted bits of the message are sent to other computers that are participating in the peer-to-peer network. However, storing bits of messages on other computers for even a short period of time may raise security questions. The Bitmessage protocol addresses those questions in the following ways:

1. None of the owners of those computers can read your message because everything is encrypted, and each computer on the peer-to-peer network only receives a tiny piece of the message, never receiving the entire message. The message sits in the networked computers, waiting for the receiving computer to be turned on and connected to the Internet. Eventually that happens, and the entire message gets delivered to the recipient.

2. Inside each computer on the peer-to-peer network, Bitmessage mixes all the encrypted messages of a given user with all the encrypted messages of all other users of the network, thus making it difficult to track which particular computer is the actual originator of the message and which computer is the recipient of the message.

3. Bitmessage nodes store the encrypted messages only for two days before erasing them. Therefore, messages are not archived in the network. Any message which did not result in a receipt acknowledgement is flagged by the Bitmessage client software and the sender is notified. The undelivered message then can be quickly re-sent by the originator of the message after the two-day period with one or two mouse clicks.

Currently, with around 5,000 nodes in the network at any given moment, a message shouldn’t take longer than about 15 seconds to be delivered to the recipient’s computer if it is turned on. Experience has shown that most messages are delivered more quickly than that.

If any of the computers storing these message bits are turned off during the wait time, the network provides duplicate copies of each message bit on multiple computers. Should a very large number of those relaying computers get turned off or otherwise become unavailable, the sender simply sees that the message was never received (because no receive acknowledgement was made) and is invited to re-send the message by clicking the mouse once or twice. Messages, even long ones, never get lost or truncated because a computer is offline.

One disadvantage of Bitmessage (or maybe it is an advantage) is that both the sender and the recipient(s) must be using Bitmessage software in order to communicate.

Setting up and using Bitmessage is really easy for anyone using Macintosh or Windows; simply download and run a free executable file from Linux users will have a bit of a challenge, however, as they will need to download and compile source code in order to build their own Bitmessage client.

An Android client for Bitmessage, called Bitseal, is in development but not yet available on the Google Play Store. Please note that it has been in development for more than a year with no predicted date for its final release. See for details.

A Bitmessage client on the Web is in experimental stage and may or may not be available for use at any given time. Given its early development status, I would be reluctant to trust the security of this pre-beta software. See for details.

To obscure addresses in Bitmessage, the system uses a non-identifiable address consisting of 36 characters of numbers and letters that resembles this: BM-2DBXxtaBSV37DsHjN978mRiMbX5rdKNvJ6. These addresses are not assigned by any central organization. Instead, they are generated by the software the user installs. The addresses are so long that they offer billions or even trillions of possible addresses; the odds of anyone duplicating the address of another individual are remote.

Bitmessage transmissions are secure and the sender’s address cannot be fabricated. Messages are encrypted with the public key of the recipient. Additionally, the Bitmessage client must solve a computational problem to send a message; this “proof of work” provides assurance of the sender’s true Bitmessage address. This prevents one of the major problems with regular email: spam.
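To make the “proof of work” concrete, here is an added Python sketch (not code from the Bitmessage project) that follows the formula in the published Bitmessage protocol specification: the target shrinks as the message grows and as its time-to-live lengthens, so a sender has to do more hashing for bigger or longer-lived objects, while a relaying node needs only one double hash to decide whether to accept and forward. The difficulty parameters are exposed as arguments so the example can be run quickly; their defaults are the network’s published values, and the sample payload is constructed.

```python
import hashlib
import struct

# Network defaults from the Bitmessage protocol spec (version 3).
NONCE_TRIALS_PER_BYTE = 1000
PAYLOAD_LENGTH_EXTRA_BYTES = 1000


def pow_target(payload_len, ttl, trials=NONCE_TRIALS_PER_BYTE,
               extra=PAYLOAD_LENGTH_EXTRA_BYTES):
    """Largest acceptable trial value for a payload of payload_len bytes
    (nonce included) that should live ttl seconds in the network.
    Bigger or longer-lived objects get a smaller target, i.e. more work."""
    padded = payload_len + extra
    return 2 ** 64 // (trials * (padded + (ttl * padded) // 2 ** 16))


def _trial_value(nonce, initial_hash):
    """Double SHA-512 of (8-byte big-endian nonce || sha512(payload));
    the first 8 bytes of the result, read as an integer, are the trial value."""
    inner = hashlib.sha512(struct.pack(">Q", nonce) + initial_hash).digest()
    return int.from_bytes(hashlib.sha512(inner).digest()[:8], "big")


def do_pow(body, ttl, trials=NONCE_TRIALS_PER_BYTE,
           extra=PAYLOAD_LENGTH_EXTRA_BYTES):
    """Sender side: search for the nonce the client prepends to the body."""
    initial_hash = hashlib.sha512(body).digest()
    target = pow_target(len(body) + 8, ttl, trials, extra)
    nonce = 0
    while True:
        nonce += 1
        if _trial_value(nonce, initial_hash) <= target:
            return nonce


def check_pow(nonce, body, ttl, trials=NONCE_TRIALS_PER_BYTE,
              extra=PAYLOAD_LENGTH_EXTRA_BYTES):
    """Relay side: one double hash decides whether to accept and forward."""
    initial_hash = hashlib.sha512(body).digest()
    target = pow_target(len(body) + 8, ttl, trials, extra)
    return _trial_value(nonce, initial_hash) <= target


if __name__ == "__main__":
    # Constructed sample payload, not a real Bitmessage object.
    body = b"constructed sample payload for the proof-of-work demo"
    ttl = 2 * 24 * 3600  # the two-day lifetime the article mentions
    nonce = do_pow(body, ttl)  # takes several seconds at network difficulty
    print("nonce:", nonce, "accepted by relay:", check_pow(nonce, body, ttl))
```

A node that receives an object whose nonce fails check_pow drops it without relaying, which is what makes mass unsolicited sending expensive.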


Is using Bitmessage a good idea for everyone? In my opinion, the answer is, “No.”

Bitmessage software is still in beta and probably will be for some time yet. That means it is probably buggy. Admittedly, I have not yet encountered any bugs in my limited testing.

Next, not many people are familiar with Bitmessage, which means you won’t find many people with whom you can exchange Bitmessages. Of course, that isn’t much of a problem if you are concerned with messaging privacy only amongst your friends, family members, or team members. You can work with those people to install Bitmessage software on each individual’s computer(s).

Bitmessage software is not yet available for Android, iPhone, iPad, or other mobile devices.

While Bitmessage appears to promise excellent security, it is not the only game in town. There are a number of other products promising to offer industrial-grade security, and some of them are already well developed. See for a list of secure messaging applications.

While it has competitors, Bitmessage seems to offer better, verifiable security than most of the others. Again, it is available free of charge while most of its competitors cost money.

You can read more about the inner workings of Bitmessage in a white paper at: You also will probably want to read Setting Up And Using Bitmessage at:

Categories: Email Security, Encryption, Online Privacy & Security
