[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: rename escrow method
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: rename escrow method |
Date: |
Wed, 10 Jun 2020 18:32:41 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 453ff5f rename escrow method
453ff5f is described below
commit 453ff5f6b0c3f84401268cce6f3288cb16a7fe60
Author: Dennis Neufeld <dennis.neufeld@students.bfh.ch>
AuthorDate: Wed Jun 10 16:32:37 2020 +0000
rename escrow method
---
doc/thesis/design.tex | 19 +++++++++----------
doc/thesis/glossary.tex | 27 ++++++++++++++-------------
doc/thesis/images/keys_anastasis.png | Bin 100045 -> 128549 bytes
3 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/doc/thesis/design.tex b/doc/thesis/design.tex
index efd1bdf..1753000 100644
--- a/doc/thesis/design.tex
+++ b/doc/thesis/design.tex
@@ -41,9 +41,8 @@ The figure~\ref{fig:keys_anastasis} gives an overview of the
keys used in Anasta
\noindent In the following the keys shown in the
figure~\ref{fig:keys_anastasis} on
page~\pageref{fig:keys_anastasis} are explained:
-FIXME IDENTITY KEY -> KDF\_ID
\begin{description}
- \item[identity key] {The {\em identity key} is derived from the user
attributes and a
+ \item[kdf id] {The {\em kdf id} is derived from the user attributes and
a
randomly generated server salt provided by the escrow provider using
Argon2. It is used to derive
the {\em private account key}, the {\em symmetric key 1} and the {\em
symmetric key 2}.}
\item[private account key] {The {\em private account key} is used to
sign the {\em encrypted
@@ -87,11 +86,11 @@ recover their core secret.
\subsection{The recovery document}
A {\em recovery document} includes all the information a user needs to
-recover access to their core secret. It specifies a set of {\em escrow
+recover access to their core secret. It specifies a set of {\em authentication
methods}, which specify how the user should convince the Anastasis
-server that they are ``real''. Escrow methods can for example include
+server that they are ``real''. Authentication methods can for example include
SMS-based verification, Video-identification or a security
-question. For each escrow method, the Anastasis server is provided
+question. For each authentication method, the Anastasis server is provided
with (initially encrypted) {\em truth}, that is data the Anastasis
operator may learn during the recovery process to authenticate the
user. Examples for truth would be a phone number (for SMS), a picture
@@ -100,15 +99,15 @@ answer. A strong adversary is assumed to be able to learn
the truth,
while weak adversaries must not (except if they are the provider and
then they may learn it only during key recovery).
-In addition to a set of escrow methods and associated Anastasis server
+In addition to a set of authentication methods and associated Anastasis server
operators, the recovery document also specifies {\em policies}, which
-describe the combination(s) of the escrow methods that suffice to
+describe the combination(s) of the authentication methods that suffice to
obtain access to the core secret. For example, a policy could say that
-the escrow methods ``$A$ and $B$'' suffice, and a second policy may
+the authentication methods ``$A$ and $B$'' suffice, and a second policy may
permit ``$A$ and $C$''. A different user may choose to use the policy
that ``$A$ and $B$ and $C$'' are all required. Anastasis imposes no
limit on the number of policies in a recovery document, or the set of
-providers or escrow methods involved in guarding a user’s secret. Weak
+providers or authentication methods involved in guarding a user’s secret. Weak
adversaries must not be able to deduce information about a user’s
recovery document (except for meta data such as its length or
approximate creation time, which may be exposed to an adversary which
@@ -306,7 +305,7 @@ recovery_document_encrypt(kdf_id, recovery_document)
\end{lstlisting}
\begin{description}
- \item[encrypted\_recovery\_document] {The encrypted recovery document
which contains the escrow methods, policies and the encrypted core secret.}
+ \item[encrypted\_recovery\_document] {The encrypted recovery document
which contains the authentication methods, policies and the encrypted core
secret.}
\item[encrypted\_key\_share] {The encrypted key\_share which the escrow
provider must release upon successful authentication.}
\item[nonce] {Nonce which is used to generate keys and ivs which are
used for the encryption. The nonce must contain either eks or erd.}
\item[encrypted\_data] {The encrypted data contains the either a
recovery document or a key share which was encrypted and the nonce and the
aes\_gcm\_tag. To be able to decrypt it the first 32Bytes are the nonce and the
next 12 Bytes are the aes\_gcm\_tag.}
diff --git a/doc/thesis/glossary.tex b/doc/thesis/glossary.tex
index e6bc657..b689e10 100644
--- a/doc/thesis/glossary.tex
+++ b/doc/thesis/glossary.tex
@@ -1,14 +1,15 @@
\section*{Glossary}
-\addcontentsline{toc}{section}{Glossary}
-\textbf{recovery document}, a data structure which contains a set of policies
and challenges. \\
-\textbf{policy}, a policy is a list of challenges which need to be solved to
recover the core secret.\\
-\textbf{challenge}, a challenge is a data structure which holds information
about a user authentication for a escrow provider.\\
-\textbf{truth}, truth is a data structure which defines how a user
authentication is performed, it also contains the key share which is released
upon successful authentication..\\
-\textbf{escrow provider}, this is referred to servers which operate
Anastasis.\\
-\textbf{key share}, a key share is a random byte sequence which is combined
with other key shares to create a policy key.\\
-\textbf{core secret}, the core secret is the data which the user wants to
protect with Anastasis. \\
-\textbf{master key}, the master key is a randomly generated key which is used
to encrypt the user's core secret. \\
-\textbf{policy key}, every policy holds a separate policy key which is built
through the combination of the key shares. The policy key is used to encrypt
the master key.\\
-\textbf{kdf\_id}, the kdf\_id is an Argon2 hash over the user's unforgettable
password.\\
-
-FIXME authentication method!!
+%\addcontentsline{toc}{section}{Glossary}
+\begin{description}
+ \item[recovery document] {A data structure which contains a set of
policies and challenges.}
+ \item[policy] {A policy is a list of challenges which need to be solved
to recover the core secret.}
+ \item[challenge] {A challenge is a data structure which holds
information about a user authentication for a escrow provider.}
+ \item[truth] {A truth is a data structure which defines how a user
authentication is performed, it also contains the key share which is released
upon successful authentication.}
+ \item[escrow provider] {An escrow provider is referred to servers
which operate Anastasis.}
+ \item[key share] {A key share is a random byte sequence which is
combined with other key shares to create a policy key.}
+ \item[core secret] {The core secret is the data which the user wants to
protect with Anastasis.}
+ \item[master key] {The master key is a randomly generated key which is
used to encrypt the user's core secret.}
+ \item[policy key] {Every policy holds a separate policy key which is
built through the combination of the key shares. The policy key is used to
encrypt the master key.}
+ \item[kdf id] {The kdf id is an Argon2 hash over the user's
unforgettable password.}
+ \item[authentication method] {An authentication method specifies how
the user should convince the escrow provider that he is authorized to get a key
share.}
+\end{description}
\ No newline at end of file
diff --git a/doc/thesis/images/keys_anastasis.png
b/doc/thesis/images/keys_anastasis.png
index 85a43f6..a6730a3 100644
Binary files a/doc/thesis/images/keys_anastasis.png and
b/doc/thesis/images/keys_anastasis.png differ
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: rename escrow method,
gnunet <=