[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] 05/05: worked on introduction
From: |
gnunet |
Subject: |
[taler-anastasis] 05/05: worked on introduction |
Date: |
Sat, 06 Jun 2020 11:48:45 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
commit a5ca501bc47396b7a4e99681beab035e286ddec8
Author: Dennis Neufeld <dennis.neufeld@students.bfh.ch>
AuthorDate: Sat Jun 6 09:48:35 2020 +0000
worked on introduction
---
doc/thesis/bibliothek.bib | 9 ++++++++-
doc/thesis/introduction.tex | 10 +++++++---
2 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/doc/thesis/bibliothek.bib b/doc/thesis/bibliothek.bib
index 3b6bd7c..8420d16 100644
--- a/doc/thesis/bibliothek.bib
+++ b/doc/thesis/bibliothek.bib
@@ -69,7 +69,7 @@
organization = {heise online},
year = 2014,
urldate = {2020-03-07},
- url =
{https://www.heise.de/security/meldung/31C3-CCC-Tueftler-hackt-Merkels-Iris-und-von-der-Leyens-Fingerabdruck-2506929.html},https://cheatsheetseries.owasp.org/cheatsheets/Forgot_Password_Cheat_Sheet.html
+ url =
{https://www.heise.de/security/meldung/31C3-CCC-Tueftler-hackt-Merkels-Iris-und-von-der-Leyens-Fingerabdruck-2506929.html},
}
@online{millions_lost,
title = {Bitcoin: Millions of dollars of cryptocurrency 'lost'
after man dies with only password},
@@ -329,3 +329,10 @@
urldate = {2020-06-05},
url =
{https://cheatsheetseries.owasp.org/cheatsheets/Forgot_Password_Cheat_Sheet.html},
}
+@online{pepdoc,
+ title = {Welcome to p≡p Documentation!},
+ organization = {pEp Security SA},
+ year = 2020,
+ urldate = {2020-06-06},
+ url = {https://www.pep.security/docs/},
+}
diff --git a/doc/thesis/introduction.tex b/doc/thesis/introduction.tex
index 97b33a0..b8e8b9a 100644
--- a/doc/thesis/introduction.tex
+++ b/doc/thesis/introduction.tex
@@ -5,9 +5,11 @@ We have a software solution for the described problem. We call
our solution "Ana
There are several applications which are in need of a key escrow system like
Anastasis. For example for email encryption using Pretty Good Privacy
(PGP)~\cite{garfinkel1995} you need a private key which is stored to the device
running PGP. Losing the PGP private key means following: All received emails
which are encrypted with a key derived from the private key are unreadable and
you need to build your trust network again. Because emails could contain high
sensitive information, it is ne [...]
+Pretty Easy privacy (short p\equiv p) is "a cyber security solution which
protects the confidentiality and reliability of communications for citizens,
for public offices and for enterprises"~\cite{pepdoc}. It secures communication
via email by providing an end-to-end cryptography. For this the software uses a
private key. The impact of losing the private key is similar to those of PGP.\\
+
Another application relying on a core secret are cryptocurrencies like
Bitcoin. Each user of Bitcoin needs a so called Wallet which stores and
protects the private keys of the user. Those private keys legitimate its owners
to spend the bitcoins corresponding to the keys \cite{LLLW*2017}. Therefore
losing those keys means losing all the corresponding Bitcoins which in some
cases could be a loss of millions of Euros \cite{millions_lost}.\\
-FIXME: PEP, TALER, Europaeische Zentralbank
+Taler is a new electronic payment system for privacy-friendly online
transactions. Their digital wallet is also protected by a private key which
loss means losing all the money stored in the wallet. Therefor the ECB
(European Central Bank) informed Taler Systems SA about the requirement for
electronic wallets denominated in Euros to support password-less data recovery.
From this impulse the project Anastasis was finally born.
\subsection{Principles}
For Anastasis we have following design principles, in order of importance:
@@ -20,7 +22,8 @@ For Anastasis we have following design principles, in order
of importance:
\end{enumerate}
\subsection{Approaches}
-Our approach to solve the problem of key management is to split a secret into
several shares and to distribute the shares with an open set of escrow
providers (see figure \ref{fig:system_arch2}). To restore the secret again, the
user has to authenticate with the escrow providers. After successful
authentication the user gets the shares to reassemble the secret.
+\subsubsection{Secret sharing and recovery}
+Our approach to solve the problem of key management is to let the user split
their secret across multiple escrow providers (see figure
\ref{fig:system_arch2}). To restore the secret again, the user has to follow
standard authentication procedures. After successful authentication the user
gets the secret shares to reassemble the secret.
\begin{figure}[H]
\centering
\includegraphics[scale=0.33]{images/system-architecture_2.png}
@@ -28,7 +31,8 @@ Our approach to solve the problem of key management is to
split a secret into se
\label{fig:system_arch2}
\end{figure}
-
+\subsubsection{Derive user identifier}
+Every person has some hard to guess, semi-private and unforgettably inherent
attributes such as name and passport number, social security number or AHV
number (in Switzerland). We use those attributes to derive an user identifier
from (see figure \ref{fig:user_id}).
\begin{figure}[H]
\centering
\includegraphics[scale=0.3]{images/user_id.png}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.