[taler-anastasis] branch master updated: granting

[gnunet]

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 04d44a6  granting
04d44a6 is described below

commit 04d44a6923be57fefcae507d0ca178999d48fb06
Author: Christian Grothoff <address@hidden>
AuthorDate: Tue Jan 21 13:33:52 2020 +0100

    granting
---
 doc/ledger.txt | 136 +++++++++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 114 insertions(+), 22 deletions(-)

diff --git a/doc/ledger.txt b/doc/ledger.txt
index 6891db9..bd64fc5 100644
--- a/doc/ledger.txt
+++ b/doc/ledger.txt
@@ -2,9 +2,31 @@ Submission via https://ledger-2nd-open-call.fundingbox.com/
 
 
 Project description:
-Tagline (140 c):
 
-Brief descrioption: (1000 c)
+Tagline (140 c): Password-less key recovery via multi-factor multi-party 
authentication
+
+Brief description: (1000 c)
+
+In situations where users can remember sufficiently strong
+passphrases, key recovery is easily implemented by deriving the key
+from the secret passphrase.  However, for many applications this
+strategy is insufficient.  Our project was inspired by a discussion
+the GNU Taler team had with the European Central Bank, which informed
+them about a requirement for electronic wallets denominated in Euros
+to support password-less recovery.
+
+Anastasis will allow users to securely recover secret keys without
+necessarily relying on passwords or other key material.  Instead, the
+key material is split across multiple independent Anastasis service
+providers, and users are enabled to recover their master key by
+authenticating with each provider.
+
+Our protocol ensures that - without prior knowledge- the service
+providers learn nothing from the protocol except the minimum amount of
+data required to authenticate the user. Even that information is only
+disclosed at the time of authentication.
+
+
 
 Website:
 
@@ -30,16 +52,42 @@ Challenge and Product / Service (1000 characters)
 Description of research component (500 characters)
 -- relation to Distributed Data governnance / privacy by design
 
+Secret splitting is a well-known technique for distributing
+trust. Given that the user is fully trusted, the Anastasis scenario is
+actually a simple form of secret splitting, as no distributed key
+generation is required. However, at the same time Anastasis would
+likely be one of the first secret splitting services to be offered to
+end-users.  While the protocol offers privacy-by-design, it requires
+private inputs in the user interface. Thus the UX is the real research
+challenge.
 
 Technology description: (500 characters)
 -- how does it work, architecture
 
+We assume users have hard to guess, semi-private and unforgettable
+inherent attributes like name, passport number or birthday. From
+these, we derive an identity key. From the identity key, we derive
+keys to encrypt the recovery policy and authentication attributes such
+as phone number, address or a photo. Anastasis providers are given
+encrypted authentication attributes and key shares to return upon
+successful authentication.  The design uses only symmetric
+cryptography & is post-quantum secure.
+
+
 Vertical: (200 characters)
 - how does it fit with LEDGER strategic research and innovation workprogramme
 
 
-How will your product improve citizen's control over their data:
--- 500 characters
+How will your product improve citizen's control over their data: (500 
characters)
+
+Having core secrets is crucial for all scenarios where citizens are
+their own data controllers. While being one's own data controller is
+the best-case scenario for privacy, the availability of the core
+secret then becomes a crucial data security issue. Anastasis permits
+users to split the core secret across any number of semi-trusted
+providers. Users decide which combination of authentications and
+providers is required to recover the core secret, and the policy
+itself remains private.
 
 
 IMPACT
@@ -47,40 +95,84 @@ IMPACT
 
 Addressable market (500 c)
 
+Various applications need to somehow secure core secrets of their
+users. We have all read stories about Bitcoin fortunes having gone
+lost because users lost their electronic wallets, but the same
+challenge also applies to classical electronic payment providers using
+electronic wallets for fiat currencies. Securing private keys is also
+an issue for classical encryption solutions such as OpenPGP. All of
+these applications urgently need a privacy-respecting key recovery
+service.
 
 Strategy and scalability (1000 c)
 
+Initially, few applications will support Anastasis. Hence, our
+business will launch by being paid by companies that need an escrow
+provider to be included in their product offering. In particular, we
+have an agreement with Taler Systems SA, which will integrate our
+protocol with their software and additionally pay us to operate an
+Anastasis server for Taler users. Similar discussions are ongoing with
+other companies. At a later stage, the service will operate on
+payments from its users.
+
 
 Business model (500 c)
 
+Income will be derived from businesses that want to offer a
+privacy-friendly and robust key escrow feature with their software or
+service. Such businesses may pay us to operate a low-volume service,
+or to help integrate Anastasis with their product. Once many users
+utilize Anastasis, we expect end-users will directly pay for the
+service. We will automate our processes to the point where virtually
+no staff time is required to operate the service, thus ensuring
+profitability despite low fees.
 
-Contribution of building blocks to grow open software ecosystems (?)
 
+Contribution of building blocks to grow open software ecosystems (?)
 
+In addition to making the main Anastasis service logic Free Software
+(AGPL), we will want to enable applications to easily integrate the
+client side functionality. Hence, we will implement libraries that
+implement the Anastasis client, and make those also available as Free
+Software.
 
 
 Contribution to Sustainable Development Goals (SDG). Please, select all SDG to 
which your project might contribute. More info on SDG at 
https://sustainabledevelopment.un.org/?menu=1300
-SDG#1. No Poverty;
-SDG#2. Good Health and wellbeing;
-SDG#5. Gender Equality;
-SDG#7. Affordable and Clean Energy;
-SDG#8. Decent work and economic growth;
-SDG#9. industry, innovation and infrastructure;
-SDG#10. Reduced inequalities;
-SDG#11. Sustainable cities and communities;
-SDG#12. Responsible consumption and production;
-SDG#16. Peace, Justice and strong institutions;
-None of the above
-
-
-
-Projections:
-- year / users / clients / sales / profit / employees
+  SDG#1. No Poverty;
+  SDG#2. Good Health and wellbeing;
+  SDG#5. Gender Equality;
+  SDG#7. Affordable and Clean Energy;
+  SDG#8. Decent work and economic growth;
+X SDG#9. industry, innovation and infrastructure; (9.3)
+  SDG#10. Reduced inequalities;
+  SDG#11. Sustainable cities and communities;
+  SDG#12. Responsible consumption and production;
+  SDG#16. Peace, Justice and strong institutions;
+  None of the above
+
+
+Projections (at 20 cents/user annual fee):
+- year /  users / clients / sales / profit / employees
+
+- 2020 /       0 /       1 /    5k / -100k  / 2.5 FTE
+- 2021 /  100000 /       2 /   30k /  -50k  / 1.5 FTE
+- 2022 / 1000000 /       4 /  200k /    0k  / 2.0 FTE
+- 2023 / 5000000 /       5 /  500k /  100k  / 2.0 FTE
+
+Assumptions: 0.10 cents fee after 2023 (competition!), First two years
+initial development cost, then only operations.  5k revenue from
+initial "business users" (Taler, pEp); but not after profitability was
+reached.  2023: 100k payment to Taler Systems to drive 10% of its 50M
+users to Anastasis. (Ditto for pEp ;-)).
 
 
 5 core business metrics
 
-
+- # revenue from businesses requiring escrow operation
+- # core secretes in escrow
+- # applications with Anastasis integration
+- # server operating costs
+- # staff operating costs
 
 
 IMPLEMENTATION

-- 
To stop receiving notification emails like this one, please contact
address@hidden.