Practical application of Electrum's Encrypt/Decrypt message feature?

0

It's pretty clear how signing a message with a Bitcoin key can be useful in proving ownership of funds.

However, it's far from clear how encrypting a message with a Bitcoin key can do anything useful. This feature is available from Tools/Encrypt/decrypt message, and appears to use ECIES or some variant of it:

https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme

It seems that at least one developer is doubtful about the security of such schemes:

https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2014-August/006581.html

Security aside, what practical reason would anyone have to encrypt a message with a Bitcoin key?

Rich Apodaca

Posted 2018-04-11T22:58:54.310

Reputation: 1 896

Answers

0

Presumably, using a bitcoin public key you could encrypt a message, and only the person who controlled a private key associated with that bitcoin address would be able to read the message.

It's really a question whether you have confidential/private/secret information that you wish to share.

If you're looking for an hypothetical use case, imagine you paid your doctor in cryptocurrency for an embarrassing medical test, the result could be sent back encrypted such that only the person who paid can read it.

Or, Lets say you paid for software license online with cryptocurrency, the software key can be sent back encrypted such that only the person who paid could read the key.

Owen Delahoy

Posted 2018-04-11T22:58:54.310

Reputation: 153

This doesn't work because frequently the keys that signed the transaction are not controlled by the actual payee. See also: https://en.bitcoin.it/wiki/From_address

G. Maxwell 2019-01-23T19:21:40.927

Yes, it assumed that the person who maintains access to their key. Should they lose access to their private key they will be unable to decrypt the message. Should someone else gain access to their private key the message's contents is no longer confidential.

It also assumes that the type of transaction revealed a public key such as Pay-to-PubkeyHash. – Owen Delahoy 2019-01-24T07:59:48.187

1I think you did not read the link in my response as it has nothing to do with losing access.G. Maxwell 2019-01-24T08:14:41.420

From that page, I addressed unreliability assumptions 3.2, 3.3 and 3.4. Which unreliability assumption were you specifically referring to?Owen Delahoy 2019-01-24T12:40:37.437

-1

I'm not sure about the security of using this signature algorithm as an encryption scheme.

But as far as usefulness it seems very clear to me that this is a very nice and useful feature.

It basically gives you the ability to use bitcoin addresses as email addresses! Imagine sending messages to an address (which's pubkey is known as it already made a payment) by simply encrypting a message with the public key and broadcasting it as e.g. an OP_RETURN transaction.

Only the owner of the bitcoin address could read it.. A trustless distributed messaging scheme without the need to signup anywhere. Quite revolutionary if you ask me..

tobi

Posted 2018-04-11T22:58:54.310

Reputation: 138

Asked: 2018-04-11T22:58:54.310

Viewed: 219 times

Active: 2019-10-21T10:02:00.343