Multi addresses and mailinglists

Joshua Thijssen edited this page Jun 14, 2020 · 3 revisions

When sending a message to a single address, it's easy to create a header with a single key/IV for the recipient address.

With a single user:

  1. Encrypt blocks & attachments with IVs/Keys
  2. Generate the catalog
  3. Generate a header for the given user by encrypting the catalog with the public key of the recipient

But what if we have multiple recipients?

  1. Encrypt blocks & attachments with IVs/Keys
  2. Generate the catalog
  3. For each recipient: generate a header for the given user by encrypting the catalog with the public key of the recipient

So basically, sending to multiple users is just generating a custom header for each recipient. However, this is not something a mail server should do: it would mean that the mail server has the unencrypted header (and thus catalog and blocks) of a message. Instead, the mail client should do this.

This means that, when sending to 1000 users, the mail client will:

  • send blocks and attachments to mail server
  • send catalog to mail server
  • send 1000 headers with key per catalog/recipient

Mailing lists

Since sending email costs effort, sending out emails to a large number of users is not economical. Instead, we should use mailing lists.

A mailing list is nothing more than a tuple consisting of (mailinglist-id, subscription-id, address).

A mailing list is bound to a single origin address. A server should verify that the sender is the valid sender (by signature).

The tuple is known on the mail server. If the mail server cannot match the tuple OR the identity of the sender, the catalog and blocks are not accepted. (Mailing lists can be verified by sending the header only.)

Example

  • We have a sender address 0facdc971111a5d8324ce8c3f79f05566efbe02656cb7d4589b55748dacd9962 (info@bitmaelum!)
  • We have a mailing list ID: 31786431-52fa-415f-9076-2025eb8cd800
  • We have a subscription ID: 87c800d1-b6eb-4e0e-93d3-adc3d43693f9
  • We have an address 2e4551de804e27aacf20f9df5be3e8cd384ed64488b21ab079fb58e8c90068ab (example!)

We should generate a signature by encrypting the following information with the sender address's private key:

    SHA256(sender address + ":" + mailinglist id + ":" + subscription id + ":" + recipient address)

The message is accepted only when the signature is correct (checked against the public key of the sender) and the (mailing list, subscription, address) tuple is found ON THE MAIL SERVER.
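The acceptance rule above, as an added Go example (not BitMaelum's own code): the client signs the digest and the server accepts only when the tuple is stored and the signature verifies. Assumptions: RSA PKCS#1 v1.5 signing stands in for "encrypting with the private key"; the names `Subscription`, `Sign`, `Accept` and `Demo` are hypothetical; the key is a throwaway generated in the example and the second recipient address is constructed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Subscription struct{ List, Sub, Addr string } // tuple kept on the mail server

// digest computes SHA256(sender:list:subscription:recipient).
func digest(sender string, s Subscription) []byte {
	h := sha256.Sum256([]byte(sender + ":" + s.List + ":" + s.Sub + ":" + s.Addr))
	return h[:]
}

// Sign runs on the client. Assumption: RSA PKCS#1 v1.5 signing of the digest.
func Sign(key *rsa.PrivateKey, sender string, s Subscription) ([]byte, error) {
	return rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest(sender, s))
}

// Accept runs on the server: the tuple must be stored AND the signature must verify.
func Accept(stored map[Subscription]bool, pub *rsa.PublicKey, sender string, s Subscription, sig []byte) bool {
	return stored[s] && rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest(sender, s), sig) == nil
}

// Demo uses the IDs from the example above with a throwaway key generated here.
func Demo() (valid, replayed, unknown bool) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	sender := "0facdc971111a5d8324ce8c3f79f05566efbe02656cb7d4589b55748dacd9962"
	sub := Subscription{"31786431-52fa-415f-9076-2025eb8cd800", "87c800d1-b6eb-4e0e-93d3-adc3d43693f9", "2e4551de804e27aacf20f9df5be3e8cd384ed64488b21ab079fb58e8c90068ab"}
	other := Subscription{sub.List, sub.Sub, "constructed-second-address"}
	stored := map[Subscription]bool{sub: true, other: true}
	sig, err := Sign(key, sender, sub)
	if err != nil {
		panic(err)
	}
	valid = Accept(stored, &key.PublicKey, sender, sub, sig)
	replayed = Accept(stored, &key.PublicKey, sender, other, sig) // signature reused for another subscriber
	unknown = Accept(map[Subscription]bool{}, &key.PublicKey, sender, sub, sig) // valid signature, tuple not stored
	return
}

func main() { fmt.Println(Demo()) }
```

Because the recipient address is part of the signed digest, a signature issued for one subscriber fails for any other subscriber of the same list.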

When sending a message, this would be the header:

{
  "from": {
    "address": "0facdc971111a5d8324ce8c3f79f05566efbe02656cb7d4589b55748dacd9962",
    "public_key": "-----BEGIN RSA PUBLIC KEY----.....-----END RSA PUBLIC KEY-----",
    "proof_of_work": {
      "bits": 22,
      "proof": 12345
    }
  },
  "to": {
    "address": "2e4551de804e27aacf20f9df5be3e8cd384ed64488b21ab079fb58e8c90068ab",
    "mailing": "31786431-52fa-415f-9076-2025eb8cd800",
    "subscription": "87c800d1-b6eb-4e0e-93d3-adc3d43693f9",
    "signature": "Q4b6...N/vVBY68E="
  },
  "catalog": {
    "size": 1948,
    "checksum": [
      ...
    ],
    "crypto": "rsa+aes256",
    "key": "Q4b6...N/vVBY68E=",
    "iv": "IVIVIVIVelM1Zz09"
  }
}