gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-anastasis] 03/05: small fixes

From: gnunet
Subject: [taler-anastasis] 03/05: small fixes
Date: Thu, 04 Jun 2020 00:20:13 +0200 
This is an automated email from the git hooks/post-receive script.

dennis-neufeld pushed a commit to branch master
in repository anastasis.

commit bb8ecfd0826d53438e5a6367be0bc4e8f9a81a46
Author: Dennis Neufeld <dennis.neufeld@students.bfh.ch>
AuthorDate: Wed Jun 3 20:21:02 2020 +0000

    small fixes
---
 doc/thesis/abstract.tex        | 23 +++++++++--------------
 doc/thesis/acknowledgments.tex |  4 ++--
 doc/thesis/introduction.tex    |  3 +++
 doc/thesis/related_work.tex    |  4 ++--
 doc/thesis/thesis.tex          |  4 +++-
 5 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/doc/thesis/abstract.tex b/doc/thesis/abstract.tex
index e2cead6..50fab49 100644
--- a/doc/thesis/abstract.tex
+++ b/doc/thesis/abstract.tex
@@ -1,16 +1,11 @@
 \begin{abstract}
-       Everyone has probably noticed at least once through the media that 
someone has lost their key to their electronic wallet and therefore huge sums 
of money have become useless. Therefore, backup systems are essential to avoid 
such cases.\\
-       
-       But how should one create and manage such a backup of a key? It 
certainly makes no sense to encrypt a key with a different password and then 
use the result as a backup. After all, this password can also be forgotten. 
Apart from that, the question arises how or where to save such a backup. A 
simple storage on e.g. Google Drive bears several risks: On the one hand, we 
are talking about Google, a company that is known to cooperate with certain 
authorities, and on the other hand, the cloud  [...]
-       Unfortunately, to the best of our knowledge, there is no backup 
solution for keys that works password-less while giving the user complete 
control over his data.\\
-       
-       With Anastasis this gap shall be filled and a solution for secure 
recovery of secret keys, which works without passwords or other key material, 
shall be offered. This is achieved by splitting the
-       key material across multiple independent Anastasis service
-       providers, and enabling users to recover their master key by
-       authenticating with each provider.\\
-       
-       Our protocol ensures that - without prior knowledge- the service
-       providers learn nothing from the protocol except the minimum amount of
-       data required to authenticate the user. Even that information is only
-       disclosed at the time of authentication.
+\addcontentsline{toc}{section}{abstract}
+Everyone has probably noticed at least once through the media that someone has 
lost their key to their electronic wallet and therefore huge sums of money have 
become useless. Therefore, backup systems are essential to avoid such cases.\\
+
+But how should one create and manage such a backup of a key? It certainly 
makes no sense to encrypt a key with a different password and then use the 
result as a backup. After all, this password can also be forgotten. Apart from 
that, the question arises how or where to save such a backup. A simple storage 
on e.g. Google Drive bears several risks: On the one hand, we are talking about 
Google, a company that is known to cooperate with certain authorities, and on 
the other hand, the cloud s [...]
+Unfortunately, to the best of our knowledge, there is no backup solution for 
keys that works password-less while giving the user complete control over his 
data.\\
+
+With Anastasis this gap shall be filled and a solution for secure recovery of 
secret keys, which works without passwords or other key material, shall be 
offered. This is achieved by splitting the key material across multiple 
independent Anastasis service providers, and enabling users to recover their 
master key by authenticating with each provider.\\
+Our protocol ensures that - without prior knowledge- the service providers 
learn nothing from the protocol except the minimum amount of data required to 
authenticate the user. Even that information is only disclosed at the time of 
authentication.\\ \\
+This thesis describes the design and implementation of Anastasis.
 \end{abstract}
\ No newline at end of file
diff --git a/doc/thesis/acknowledgments.tex b/doc/thesis/acknowledgments.tex
index 86776c4..fac4199 100644
--- a/doc/thesis/acknowledgments.tex
+++ b/doc/thesis/acknowledgments.tex
@@ -1,3 +1,3 @@
-\begin{abstract}
+\section*{Acknowledgements}
+\addcontentsline{toc}{section}{Acknowledgements}
 We wish to thank Christian Grothoff for the help and support he has provided 
throughout our work on Anastasis. We also thank the GNU Taler SA which provided 
us feedback within the development and helped us to apply to different fundings.
-\end{abstract}
\ No newline at end of file
diff --git a/doc/thesis/introduction.tex b/doc/thesis/introduction.tex
new file mode 100644
index 0000000..e68a050
--- /dev/null
+++ b/doc/thesis/introduction.tex
@@ -0,0 +1,3 @@
+\section{Introduction}
+
+Introduction here
diff --git a/doc/thesis/related_work.tex b/doc/thesis/related_work.tex
index 668de6a..1f032e0 100644
--- a/doc/thesis/related_work.tex
+++ b/doc/thesis/related_work.tex
@@ -52,7 +52,7 @@ In Anastasis the user is the trusted dealer who splits the 
secret and also recon
 \subsubsection{Shamir's Secret Sharing}
 The algorithm "Shamir's Secret Sharing" is one of the most well known secret 
sharing scheme. It „divide[s] data D into n pieces in such a way that D is 
easily reconstructible from any k pieces, but even complete knowledge of k - 1 
pieces reveals absolutely no information about D“ \cite{shamir_sharing}.\\
 Shamir’s simple secret sharing scheme has two key limitations. First, it 
requires a trusted dealer who initially generates the secret to be distributed, 
and second the shares are not verifiable during reconstruction. Therefore, 
malicious shareholders could submit corrupt shares to prevent the system from 
reconstructing the secret -- without these corrupt shareholders being 
detectable as malicious. Furthermore, the dealer distributing the shares could 
be corrupt and distribute some incons [...]
-Despite this, Shamir's Secret Sharing is inflexible because the "k out of 
n"-design and also is very inefficient for big n. For Anastasis we need a more 
flexible solution allowing other cases too. The user of Anastasis should be 
able to decide himself which combinations of \textit{players} shall be used.
+Despite this, Shamir's Secret Sharing is inflexible because it is a (k, n) 
threshold scheme and also is very inefficient for big n. For Anastasis we need 
a more flexible solution allowing other cases, too. The user of Anastasis 
should be able to decide himself which combinations of \textit{players} shall 
be used.
 
 \subsubsection{Verifiable Secret Sharing}
 Verifiability can be achieved by using so called commitment schemes like the 
Pederson commitment. It allows „to distribute a secret to n persons such that 
each person can verify that he has received correct information about the 
secret without talking with other persons“ \cite{pedersen_sharing_0}. In his 
paper „A Practical Scheme for Non-interactive Verifiable Secret Sharing“ 
\cite{feldman_sharing}, Paul Feldman  combines the two schemes Shamir Secret 
Sharing and Pederson commitment. His [...]
@@ -103,7 +103,7 @@ In Anastasis we also need to store the phone number to the 
server. But in our ca
 
 \subsubsection{E-mail authentication}
 Authentication by e-mail is very similar to SMS authentication. Here, the user 
receives an OTP by e-mail and has to provide it during authentication process.\\
-
+git 
 FIXME: drawbacks,vulnerability\\
 In Anastasis the mail address of the user is stored in an encrypted way, too. 
The user has to provide the corresponding key to the server during 
authentication process.
 
diff --git a/doc/thesis/thesis.tex b/doc/thesis/thesis.tex
index 4621860..df68152 100644
--- a/doc/thesis/thesis.tex
+++ b/doc/thesis/thesis.tex
@@ -37,6 +37,7 @@
   Dennis Neufeld (\texttt{dennis.neufeld@students.bfh.ch })}
 \maketitle
 
+\pagenumbering{roman}
 \include{acknowledgments}
 \include{abstract}
 
@@ -44,7 +45,8 @@
 \tableofcontents
 \clearpage
 
-\include{motivation}
+\pagenumbering{arabic}
+\include{introduction}
 
 \include{project_management}
 

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]