Secure communication: Bitmessage

Thank you for the review. There has been some debate recently about PFS in Bitmessage. I would appreciate if someone who has more experience in cryptography helped with the design. My suggestion would be to add ephemeral subkeys with an expiry date (and perhaps manual revokation), which are not a part of the address, so you can rekey. The sender would simply request a key as now, and he’ll get an ephemeral subkey (or two, one for encryption and one for signing, like it does not) which is then deleted after a while. Since there are no real sessions, PFS as normally understood (by me) is not possible. See

More recent development releases of Bitmessage have better integration with faster PoW methods, for example a C PoW using OpenSSL and OpenCL using PyOpenCL.