A bitcoin user has created a way in which to use a bitcoin address to securely read email. The project, named B1txr, allows users to provide their bitcoin address, followed by @b1txr.com, to anyone as a way of avoiding giving out their real email address.

Of course, there are other ways to encrypt email. However, GPG/PGP encryption requires both ends to be using the same software, which is rarely the case. The same is the case for Bitmessage.

B1txr provides a simpler way to privately receive email. The site receives emails and stores them for you. When you login, you must prove that you own the bitcoin address by signing a string of text provided by B1txr. This relies on asymmetric encryption, just like Bitcoin and SSL, and so this is a practically unspoofable method of authentication.

Once signed in, you can see any messages that have been sent to that inbox. Note that B1txr is in early testing, and so storage on the server is limited. Therefore, this is not meant to be a long term storage measure.

This is an interesting proof of concept, but closer examination illuminates just how insecure email is. Any email that is sent across the Internet is sent using the SMTP protocol which is not encrypted. It is impossible to know whether a message has been read while it was on its way to the recipient. While there are various ways of encrypting the content of a message, there are currently none that hide the so-called “envelope” of the message. While the sender’s address can be faked, the receiving address cannot be falsified or the message won’t be delivered correctly.

In that sense, using B1txr is no different than setting up a temporary email address (e.g. mailinator). However, bitcoin addresses (and associated keys) can be generated offline with a bitcoin client, which is marginally better than setting up a fake email account. The developer clearly states that B1txr is subject to all the same legal requirements as any other email provider.

The project is in its early days, and therefore, there is no way to send email from the service.

You can read B1txr’s FAQ here.