gnunet-svn
[taler-anastasis] branch master updated: writing


From: gnunet
Subject: [taler-anastasis] branch master updated: writing
Date: Tue, 20 Oct 2020 11:38:58 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 3c90513  writing
3c90513 is described below

commit 3c90513cb4026b89ccb3696f4f2673bef7512bf1
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Oct 20 11:38:56 2020 +0200

    writing
---
 doc/ypsomed/ypsomed.tex | 240 ++++++++++++++++++++++++++++++++++--------------
 1 file changed, 172 insertions(+), 68 deletions(-)

diff --git a/doc/ypsomed/ypsomed.tex b/doc/ypsomed/ypsomed.tex
index fc7c8e4..d172c62 100644
--- a/doc/ypsomed/ypsomed.tex
+++ b/doc/ypsomed/ypsomed.tex
@@ -91,32 +91,130 @@ research at the Institute of the Future’s Blockchain 
Futures Lab,
 writes about his experiences in losing and trying to recover his
 wallet key.
 
-All these cases show the need for a way to backup a core secret.
-The most common solution for this problem is to ask the user to remember
-a strong passphrase, but this is inadequate for mass adoption. Users
-tend to either make passwords too easy or are bad at remembering them.
-As previously mentioned the loss of such a core secret can cause severe
-data and financial losses for a user. Our project was conceived as a solution
-to similar problems several privacy-enhancing software projects are facing 
today.
-Specifically, the Swiss pretty Easy privacy project (https://pep.foundation), 
an E-Mail encryption solution,
-needs an easy way for users to recover their private keys to avoid the loss of
-encrypted E-Mails. Furthermore, Taler Systems SA is building an electronic 
payment
-system and is facing an equivalent challenge: The European Central Bank 
informed them
-about a requirement for electronic wallets denominated in Euros to support 
password-less data recovery.
-Cryptocurrencies and E-health data platforms like MI-DATA where end-users are 
expected to be in control of their
-data also face this well-known issue. We designed Anastasis to address this 
common problem of cryptographic consumer products.
+Anastasis was conceived as a solution to equivalent problems several
+privacy-enhancing software projects are facing today.  Specifically,
+we were motivated by the needs of two software projects developed
+in Switzerland:
+\begin{enumerate}
+  \item The Swiss pretty Easy privacy project (\url{https://pep.foundation/}),
+an E-Mail encryption solution, needs an easy way for users to recover
+their private keys to avoid the loss of encrypted
+E-Mails.
+\item Taler is an electronic payment system and the European
+  Central Bank informed them about a requirement for electronic wallets
+  denominated in Euros to support password-less data recovery.
+\end{enumerate}
+
+Furthermore, we have had positive feedback from identity management
+solution providers (Fraunhofer AISEC) and developers of
+cryptocurrencies (NYM from Lausanne) as well as E-health data
+platforms (MI-DATA).  In all of these cases, end-users are expected to
+be in control of their data, and thus they all face this well-known
+issue for which existing solutions are inadequate for various reasons.
+
+
+\subsection{Existing solutions}
+
+There are a few key recovery solutions on the market today. Some
+examples of existing key recovery solutions and their problems shall
+be introduced in the following.
+
+Coinbase is a global digital asset exchange company which provides a
+venue to buy and sell crypto currencies. Coinbase uses wallets secured
+with private keys. To recover this private key the user must provide a
+12-word recovery phrase. Coinbase now offers a “solution” to securely
+deposit this recovery phrase onto the users Google Drive. The security
+here lies within the Google Account and the password used to encrypt
+the security phrase. The problem here is that this approach undermines
+confidentiality: It simply exchanges a hard to guess 12-word
+passphrase with a shorter and easier to guess Google password.
+
+Vault12 is a service using Shamir Secret Sharing provided by the
+Vault-Tec Corporation. Shamir Secret Sharing is a so called „Social
+Recovery“ method. It allows to split all kind of data, (pictures,
+passphrases, cryptographic keys) into shares and distribute them to
+trusted entities, called „Guardians“ in Vault12. To recover the data a
+subset of the chosen Guardians is asked to release their share. The
+released shares are used to reconstruct the data again. Vault12 is
+available for iOS, Android, Windows and MacOS. Unfortunately it is not
+Free Software and therefore lacks transparency.
+
+MI-DATA is a Swiss platform for e-health data. They also use Shamir
+secret splitting to distribute recovery information among a fixed set
+of staff members. However, during key recovery their system
+administrator can have full access to the private health data, voiding
+all the safety assurances key-splitting is supposed to achieve.
+
+Connect.me is a closed source digital identity wallet. The recovery of
+the used key and the wallet works similar to Coinbase: An encrypted
+backup of the user data is stored on the cloud, which can be
+downloaded and decrypted using a recovery phrase. The software offers
+no solution how the user keeps this phrase. The user is therefore
+responsible for storing it correctly.
+
+uPort is an opensource digital identity wallet based on
+Etherium. uPort also works with the 12-word-recovery phrase and also
+does not offer a solution for the user to securely store the phrase.
+
+
+\subsection{Our principles}
+
+We have seen that various existing applications need a way to backup
+(and recover) a core secret. Anastasis addresses this challenge
+while abiding by the following principles:
+
+\begin{enumerate}
+\item
+   Anastasis is Free Software, allowing other parties to audit the
+   solution and to verify its trustworthiness.
+ \item
+   Anastasis does not rely on the trustworthiness of individual providers.
+   It is possible to use Anastasis safely, even if a subset of the
+   providers is malicious. Anastasis minimizes the amount of information
+   exposed to providers and the network.
+ \item
+   Anastasis puts the user in control: They get to decide which
+   combinations of authentication steps will be required to restore
+   their core secret. The core secret always remains exclusively
+   under the user's control, even during recovery.
+ \item
+   Anastasis is economically viable to operate. In particular,
+   we do not require secure hosting or for users to obtain
+   custom hardware.
+ \item
+   Anastasis supports a diverse range of use cases.
+   For this, Anastasis offers a generic API for application
+   developers to use.
+\end{enumerate}
+
+We want Anastasis to be used by all applications sharing this problem,
+and not be a custom solution for only one application. The main use
+cases for Anastasis are applications which need a private key to
+operate.  Examples include: encrypted communication like Telegram,
+Pretty Good Privacy or Pretty Easy Privacy, digital currencies and
+payment solutions like Bitcoin and Ethereum, hard-disk encryption and
+password managers.  These are all critical services and can cause
+severe damage should access be lost as well as if the data is
+disclosed to unauthorized parties.
 
 
 \section{Summary of the work accomplished}
-Anastasis is a key recovery system that allows the user to securely deposit 
shares of a core secret with an open set of escrow
-providers, and to recover the secret if the user lost it. The main objective 
of Anastasis is to ensure that the user
-can reliably recover the core secret, while making this as difficult as 
possible for everyone else. The core secret
-itself is protected from the escrow providers by giving each provider only 
part of the information, and additionally
-by encrypting it with an identity-based key unknown to the providers. Our 
protocol ensures that - without prior
-knowledge- the service providers learn nothing from the protocol except the 
minimum amount of data required to
-authenticate the user. Even that information is only disclosed at the time of 
authentication.
+
+Anastasis is a key recovery system that allows the user to securely
+deposit shares of a core secret with an open set of escrow providers,
+and to recover the secret if the user lost it. The main objective of
+Anastasis is to ensure that the user can reliably recover the core
+secret, while making this as difficult as possible for everyone
+else. The core secret itself is protected from the escrow providers by
+giving each provider only part of the information, and additionally by
+encrypting it with an identity-based key unknown to the providers. Our
+protocol ensures that --- without prior knowledge --- the service
+providers learn nothing from the protocol except the minimum amount of
+data required to authenticate the user. Even that information is only
+disclosed at the time of authentication.
 
 \subsection{Approach}
+
 Our approach to solve the problem of key recovery is to let the user
 split their core secret across multiple escrow providers.
 To recover their core secret, the user has to authorize the
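Review bot: In the new "Our principles" list, the second item says Anastasis can be used safely "even if a subset of the providers is malicious" but never bounds that subset, so the claim reads as unconditional. State the condition under which it holds, for example by tying it to the user-chosen combinations of authentication steps in the third item and to the identity-based key "unknown to the providers" in the summary paragraph. Smaller points in the same hunk: "Etherium" in the uPort paragraph should match "Ethereum" in the use-case paragraph, "the users Google Drive" is missing its apostrophe, and the „…“ and “…” quotation marks in the Coinbase and Vault12 paragraphs should be written with LaTeX quote markup so the output does not depend on the input encoding.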
@@ -213,69 +311,75 @@ Users that have successfully authorized data recovery 
will receive the encrypted
  \end{figure}
 In the last step the user reassembles the decrypted parts of the core secret.\\
 
-\subsection{Current status}
-We created a working prototype of the application during our Bachelor thesis.
-We developed a working backend and a command line program as client.
-As a payment system we have already integrated GNU Taler.
-At the moment we only developed the authentication with the secure question.
-We are currently implementing the other authentication methods (email, SMS, 
post, video).
-Besides that we are currently developing a client with a graphical user 
interface.
-Another open point is the integration of the software into other applications 
(Taler, PEP).
-For a more detailed overview of the open work see the project plan below.
 
-\section{Discussion of the technical implementation potential}
-There are a few key recovery solutions on the market today. Some examples of 
existing key recovery solutions and their problems shall be introduced in the 
following.
+\subsection{Current status}
 
-Coinbase is a global digital asset exchange company which provides a venue to 
buy and sell crypto currencies. Coinbase uses wallets secured with private 
keys. To recover this private key the user must provide a 12-word recovery 
phrase. Coinbase now offers a “solution” to securely deposit this recovery 
phrase onto the users Google Drive. The security here lies within the Google 
Account and the password used to encrypt the security phrase. The problem here 
is that this approach undermines  [...]
+We created a working prototype of the application during our Bachelor
+thesis including all of the cryptography and core data management
+operations.  We completed a working command line program as a
+demonstrator.  As a payment system, we have integrated support for GNU
+Taler.  We support authentication with the secure question method.
 
-Vault12 is a service using Shamir Secret Sharing provided by the Vault-Tec 
Corporation. Shamir Secret Sharing is a so called „Social Recovery“ method. It 
allows to split all kind of data, (pictures, passphrases, cryptographic keys) 
into shares and distribute them to trusted entities, called „Guardians“ in 
Vault12. To recover the data a subset of the chosen Guardians is asked to 
release their share. The released shares are used to reconstruct the data 
again. Vault12 is available for iOS,  [...]
+We are currently implementing additional authentication methods
+(email, SMS, post, video) and a graphical user interface.
 
-MI-DATA is a Swiss platform for e-health data. They also use Shamir secret 
splitting to distribute recovery information among a fixed set of staff 
members. However, during key recovery their system administrator can have full 
access to the private health data, voiding all the safety assurances 
key-splitting is supposed to achieve.
+The next step will be to integrate the software with other
+applications (p$\equiv$p, MI-DATA) and payment methods (credit cards,
+cryptocurrencies).
 
-Connect.me is a closed source digital identity wallet. The recovery of the 
used key and the wallet works similar to Coinbase: An encrypted backup of the 
user data is stored on the cloud, which can be downloaded and decrypted using a 
recovery phrase. The software offers no solution how the user keeps this 
phrase. The user is therefore responsible for storing it correctly.
 
-uPort is an opensource digital identity wallet based on Etherium. uPort also 
works with the 12-word-recovery phrase and also doesn’t offer a solution for 
the user to securely store the phrase.
+\section{Discussion of the technical implementation potential}
 
-As we can see the most solutions either work with shamir secret splitting or 
with a passphrase. The Method with the passphrase is too unreliable, the user
-has to remember his secret or his key is lost, resulting in a single point of 
failure.
-The other solutions are based on Shamir secret splitting. The main problem of 
shamir secret splitting is that it is not flexible. With Shamir secret 
splitting, the user can only define a threshold at which point the 
authentication is successful. With Anastasis the user can define which 
combinations of providers can successfully recover the secret. As an example we 
have the Providers A, B, C and D. The user knows the provider A and fully 
trusts him. This means the user can now set up comb [...]
+\section{Project plan}
 
-Anastasis offers a generic API for the clients. This means Anastasis can be 
used for many different use cases. The main use cases for Anastasis are 
applications which need a private key to operate. For example: Encrypted email 
communication like PGP or PEP, Digital currencies and payment solutions like 
Bitcoin and Ethereum. Other use cases which need a passphrase are also a good 
use case for Anastasis. For example: Password managers where you must remember 
your master password or Hard dr [...]
+A key challenge for Anastasis is that we need to offer a diverse set
+of authentication methods, as required from our business customers. To
+fully offer these in-house would substantially increase the complexity
+of our business.  While we need to be able to authenticate users on
+demand, this will be an infrequent business process. Thus, our
+strategy is to outsource the execution of specific authentication
+procedures to specialised providers. For example, inexpensive cloud
+services exist for sending SMS, physical mail, or performing video
+identification.  Thus, our development focus will be the integration
+of these services.
+
+A second challenge is to acquire new customers. Our main distribution
+channel are companies offering privacy- enhancing solutions to
+consumers. We will work with these companies to integrate Anastasis
+with their products, and to enter into business agreements to ensure
+that we are the default provider in the software delivered to the
+customer.  Our objective for the first year is to implement several
+authentication services, have a working cloud deployment with
+monitoring, and to be integrated with various cryptographic consumer
+products.
 
+To summarize, our current key software development objectives are:
+\begin{itemize}
+\item support for additional authentication methods and deployment in the 
clouds,
+\item integration into cryptographic consumer products, and
+\item enable customers to pay with additional payment methods.
+\end{itemize}
 
-\section{Project plan}
-A key challenge for Anastasis is that we need to offer a diverse set of 
authentication methods, as required from
-our business customers. To fully offer these in-house would substantially 
increase the complexity of our business.
-While we need to be able to authenticate users on demand, this will be an 
infrequent business process. Thus, our
-strategy is to outsource the execution of specific authentication procedures 
to specialised providers. For example,
-inexpensive cloud services exist for sending SMS, physical mail, or performing 
video identification. Thus, our
-development focus will be the integration of these services.
-A second challenge is to acquire new customers. Our main distribution channel 
are companies offering privacy-
-enhancing solutions to consumers. We will work with these companies to 
integrate Anastasis with their products,
-and to enter into business agreements to ensure that we are the default 
provider in the software delivered to the
-customer.
-Our objective for the first year is to implement several authentication 
services, have a working cloud
-deployment with monitoring, and to be integrated with various cryptographic 
consumer products.
-Key milestones are the various integrations of the different authentication 
methods, the integration of
-cryptographic consumer products, and the deployment of our application.
-Additionally, we would always look out for new customers and clients who could 
benefit from Anastasis.
 
 \section{Business model}
-We are currently in the process of building a start-up for the
-Anastasis application. This business model shows an overview how we
-operate Anastasis within our start-up.
+
+We are currently in the process of building a start-up for
+Anastasis. This business model shows an overview how we plan to
+operate the Anastasis start-up.
 
 \subsection{Key partners}
 
 Our key partners for Anastasis are three entities. First the business
-partners, Taler Systems SA and p$\equiv$p Foundation, with whom we could
-already make contracts and wish to integrate our product.  Second are
-the providers of Cloud services. To operate Anastasis with minimal
-cost we need the service of these providers. These providers can
-additionally provide us authentication services, this also minimizes
-the complexity of our solution since we do not have to implement these
-services by ourselves.  Such a provider could be for example Amazon
-AWS, Azure, Google.
+partners, such as Taler Systems SA, p$\equiv$p Foundation and NymTech,
+with whom we already made contract and who wish to integrate our
+product with their offerings.
+
+Second are the providers of Cloud services. To operate Anastasis with
+minimal cost we need the service of these providers. These providers
+can additionally provide us authentication services, this also
+minimizes the complexity of our solution since we do not have to
+implement these services by ourselves.  Such a provider could be for
+example Amazon AWS, Azure, Google.
 
 In addition to these industry partners, we also count on the continued
 support by the BFH for hosting and mentoring. Prof. Dubius has already
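Review bot: After this hunk, \section{Discussion of the technical implementation potential} has no body and is followed directly by \section{Project plan}. The removed paragraph that contrasted Shamir threshold splitting with user-defined combinations of providers (the A, B, C, D example) is not re-added in any visible line, so the document no longer explains why a plain threshold is less flexible than what Anastasis offers; either move that comparison under the section heading or drop the empty heading. Also in this hunk: "privacy- enhancing" keeps a stray space from the old line break, "with whom we already made contract" reads as incomplete, and "deployment in the clouds" should probably be "in the cloud".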

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


