[taler-anastasis] branch master updated: misc edits all over the place

[gnunet]

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 20cf508  misc edits all over the place
20cf508 is described below

commit 20cf50809540c18560e7a9120b2b7e40a3dc87a1
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sun Jun 7 14:08:37 2020 +0200

    misc edits all over the place
---
 doc/thesis/business_model.tex      | 219 ++++++++++++++++++++++++++++++-------
 doc/thesis/conclusion.tex          |  19 +++-
 doc/thesis/design.tex              |   6 +-
 doc/thesis/server_architecture.tex |   2 +-
 4 files changed, 199 insertions(+), 47 deletions(-)

diff --git a/doc/thesis/business_model.tex b/doc/thesis/business_model.tex
index 46aceb6..b1ddc2f 100644
--- a/doc/thesis/business_model.tex
+++ b/doc/thesis/business_model.tex
@@ -1,59 +1,200 @@
 \section{Business model}
-\subsection{Introduction}
-We are currently in the process of building a start-up for the Anastasis 
application. This business model shows an overview how we want to build our 
start-up and how we want to continue our work on the project.
-
-\subsection{Executive Summary}
-Users of cryptography are frequently facing the challenge to secure their core 
secrets (private keys), and the contemporary default of asking them to remember 
strong passphrases is inadequate for mass adoption. The loss of such a core 
secret can cause severe damage for a user. Our project was conceived as a 
solution to
-similar problems several privacy enhancing software projects are facing today. 
Specifically, the Swiss Pretty Easy Privacy project (https://pep.foundation), 
an E-Mail encryption solution which needs an easy way for users to recover 
their private keys to avoid the loss of encrypted E-Mails.
-The GNU Taler team (lead by Prof. Grothoff) is building an electronic payment 
system and is facing an equivalent challenge: the European Central Bank 
informed them about a requirement for electronic wallets denominated in Euros 
to support password-less data recovery.
-We designed Anastasis to address this common problem of cryptographic consumer 
products.
-Within our bachelor thesis we could build a working prototype of the 
application.
-But this application is not a finished product. Within the thesis we only 
could implement rudimentary authentication methods. To satisfy the
-requirements of our industry partners we need to have several different 
authentication methods (SMS, Videoident...) implemented. Additionally, the 
Anastasis environment will need proper automatization. Specifically, monitoring 
of the integration with external authentication providers, the correct 
operation of the backup mechanism and the business logic. To make Anastasis 
ready for public usage we estimate the need of an additional year of 
development.
-The resulting start-up would initially receive B2B revenue from companies that 
need our solution for their cryptographic consumer product. In addition to 
Taler and PEP we are in discussion with developers of crypto currencies from 
Zug and Lausanne. Subsequently these contacts would evolve into distribution 
channels,
-and Anastasis would eventually earn money directly from its users.
-Cryptographic solutions which are not open to the public are not trustworthy. 
As seen lately with the Crypto AG. Experts recommend to only use Free and Libre 
Open Source Software (FLOSS) especially for cryptography. Therefore, Anastasis 
is licensed under the Affero GPL which will prevent other companies
-from creating or operating proprietary forks.
-Being first to market and thus the default provider in various consumer 
products will be a key business advantage.
+
+We are currently in the process of building a start-up for the
+Anastasis application. This business model shows an overview how we
+want to build our start-up and how we want to continue our work on the
+project.
+
+\subsection{Executive summary}
+
+Users of cryptography are frequently facing the challenge to secure
+their core secrets (private keys), and the contemporary default of
+asking them to remember strong passphrases is inadequate for mass
+adoption. The loss of such a core secret can cause severe damage for a
+user. Our project was conceived as a solution to similar problems
+several privacy enhancing software projects are facing
+today. Specifically, the Swiss Pretty Easy Privacy
+project\footnote{\url{https://pep.foundation/}}, an E-Mail encryption
+solution which needs an easy way for users to recover their private
+keys to avoid the loss of encrypted E-Mails.  The GNU Taler team is
+building an electronic payment system and is facing an equivalent
+challenge: the European Central Bank informed them about a requirement
+for electronic wallets denominated in Euros to support password-less
+data recovery.  We designed Anastasis to address this common problem
+of cryptographic consumer products.  Within our bachelor thesis we
+could build a working prototype of the application.  But this
+application is not a finished product. Within the thesis we only could
+implement rudimentary authentication methods. To satisfy the
+requirements of our industry partners we need to have several
+different authentication methods implemented. Additionally, the
+Anastasis environment will need proper automatization. Specifically,
+monitoring of the integration with external authentication providers,
+the correct operation of the backup mechanism and the business
+logic. To make Anastasis ready for public usage we estimate the need
+of an additional year of development.  The resulting start-up would
+initially receive B2B revenue from companies that need our solution
+for their cryptographic consumer product. In addition to Taler and PEP
+we are in discussion with developers of crypto currencies from Zug and
+Lausanne. Subsequently these contacts would evolve into distribution
+channels, and Anastasis would eventually earn money directly from its
+users.  Cryptographic solutions which are not open to the public are
+not trustworthy. As seen lately with the Crypto AG. Experts recommend
+to only use Free and Libre Open Source Software (FLOSS) especially for
+cryptography. Therefore, Anastasis is licensed under the Affero GPL
+which will prevent other companies from creating or operating
+proprietary forks.  Being first to market and thus the default
+provider in various consumer products will be a key business
+advantage.
 
 \subsection{Market review and innovation potential}
 
-There are already some key recovery or key splitting solutions on the market. 
For example, there is a solution from Coinbase. Coinbase is a global digital 
asset exchange company, providing a venue to buy and sell digital currencies. 
Coinbase also uses wallets secured with private keys. To recover this private 
key the user has to provide a 12 words recovery phrase. Coinbase now offers a 
solution to securely deposit this recovery phrase onto the users Google Drive. 
The security here lies w [...]
-Today information losses from security incidents are rampant, either because 
data is exposed (loss of confidentiality) or because users lose their data 
because of lacking backups (loss of availability). As seen in the study of the 
Global Data Protection Index 2018 \cite{global_data_index}, 76\% of those 
interviewed had an availability incident. 1TB of data loss or 20 hours of 
downtime reportedly costs half a million dollars. On the other hand, loss of 
confidential private data can result [...]
-Prominent cases in which sometimes enormous amounts of money have been gone 
useless by losing the key to the digital wallet clarify the urgent need of a 
key recovery system like Anastasis. For example the case QuadrigaCX exchange 
was heavily discussed in the media when the chief executive, Gerald Cotton, 
unexpectedly died and left £145 million in a “cold wallet”. 
\cite{millions_lost} In some cases there is a workaround to recover a lost key, 
provided there is a security hole in the digit [...]
+There are already some key recovery or key splitting solutions on the
+market. For example, there is a solution from Coinbase. Coinbase is a
+global digital asset exchange company, providing a venue to buy and
+sell digital currencies. Coinbase also uses wallets secured with
+private keys. To recover this private key the user has to provide a 12
+words recovery phrase. Coinbase now offers a solution to securely
+deposit this recovery phrase onto the users Google Drive. The security
+here lies within the Google Account and the password used to encrypt
+the security phrase. The problem here is that this approach undermines
+confidentiality. It exchanges a hard to guess password with a shorter
+and easier to guess password. The difficulty is to simultaneously
+assure availability and confidentiality, instead of trading one for
+the other. By allowing citizens to simultaneously achieve
+confidentiality and availability we improve their ability to exercise
+their right to informational self-determination.
+
+Today information losses from security incidents are rampant, either
+because data is exposed (loss of confidentiality) or because users
+lose their data because of lacking backups (loss of availability). As
+seen in the study of the Global Data Protection Index
+2018~\cite{global_data_index}, 76\% of those interviewed had an
+availability incident. 1TB of data loss or 20 hours of downtime
+reportedly costs half a million dollars. On the other hand, loss of
+confidential private data can result in fines under data protection
+regulation, as well as a difficult to quantify loss of reputation.
+Prominent cases in which sometimes enormous amounts of money have been
+gone useless by losing the key to the digital wallet clarify the
+urgent need of a key recovery system like Anastasis. For example the
+case QuadrigaCX exchange was heavily discussed in the media when the
+chief executive, Gerald Cotton, unexpectedly died and left £145
+million in a “cold wallet”.~\cite{millions_lost}
+
+In some cases there is a workaround to recover a lost key, provided
+there is a security hole in the digital wallet software that can be
+exploited, but it is far from user friendly and also questions the
+confidentiality of data in such a system. In his article “’I Forgot My
+PIN’: An Epic Tale of Losing \$30,000 in Bitcoin” \cite{forgot_my_pin}
+Mark Frauenfelder, a former editor at WIRED and the director of
+research at the Institute of the Future’s Blockchain Futures Lab,
+writes about his experiences in losing and trying to recover his
+wallet key.
 
 \subsection{Business model canvas}
 
 \subsubsection{Key partners}
-Our key partners for Anastasis are 3 entities. First the business partners, 
Taler Systems SA and PEP Foundation, with whom we could already make contracts 
and wish to integrate our product.
-Second are the providers of Cloud Services. To operate Anastasis with minimal 
cost we need the service of these providers. These providers can additionally 
provide us authentication services, this also minimizes the complexity of our 
solution since we do not have to implement these services by ourselves.
-Such a provider could be for example Amazon AWS, Azure, Google.
-At last we also have the BFH as a key partner. The BFH supported us with 
various means during our Bachelor thesis.
+
+Our key partners for Anastasis are three entities. First the business
+partners, Taler Systems SA and PEP Foundation, with whom we could
+already make contracts and wish to integrate our product.  Second are
+the providers of Cloud Services. To operate Anastasis with minimal
+cost we need the service of these providers. These providers can
+additionally provide us authentication services, this also minimizes
+the complexity of our solution since we do not have to implement these
+services by ourselves.  Such a provider could be for example Amazon
+AWS, Azure, Google.
+
+In addition to these industry partners, we also count on the continued
+support by the BFH for hosting and mentoring. Prof. Dubius has already
+agreed to serve on our advisory board, and Prof. Grothoff would be
+happy to serve as non-executive chairman for the company.
+
 \subsubsection{Key activities}
-The main work of our start up is the completion of our software for commercial 
use. This involves the integration of different authentication methods and the 
integration of our application into the different consumer applications. 
Another key activity is the maintenance and deployment of our service.
+
+The main work of our start up is the completion of our software for
+commercial use. This involves the integration of different
+authentication methods and the integration of our application into the
+different consumer applications. Another key activity is the
+maintenance and deployment of our service.
+
 \subsubsection{Key resources}
-Our developers need a device to work with, we agreed to the policy to “bring 
your own device” this means the start-up does not have to invest in hardware. 
To operate our application, we will need servers to provide our service, as 
previously mentioned we would provide our service on a Cloud provider.
-For the further development of our service we need two fulltime employees. 
These two developers would also be responsible for the maintenance and 
deployment of the application. Additionally, the start-up needs a person who is 
responsible for the business of Anastasis. This employee would be responsible 
to find new
-business partners and present our application to investors. This employee 
would only work part time. To be able to finance the start-up Anastasis needs 
investors or funding until the application is finished for the market.
-\subsubsection{Value Propositions}
-As mentioned earlier there are a lot of solutions which need a key recovery 
system. Anastasis is also a very privacy friendly and transparent solution. 
Also, Anastasis will make sure that the application is very user friendly and 
inexpensive to use.
+
+Our developers need a device to work with, we agreed to the policy to
+“bring your own device” this means the start-up does not have to
+invest in hardware. To operate our application, we will need servers
+to provide our service, as previously mentioned we would provide our
+service on a Cloud provider.  For the timely further development of
+our service and integration with various authentication providers,
+payment solutions and applications needing key recovery, we see an
+initial need for at least two fulltime employees. These developers
+would also be responsible for the maintenance and deployment of the
+application.
+
+Additionally, the start-up needs a person who is responsible for the
+business of Anastasis. This employee would be responsible to find new
+business partners and present our application to investors. This
+employee might initially work only part-time. To be able to properly
+launch the start-up, we are hoping to find a combination of investors
+and grants.
+
+\subsubsection{Value propositions}
+
+As mentioned earlier there are many applications which need a key
+recovery system. Anastasis is also a privacy friendly and transparent
+solution. Furthermore, Anastasis will make sure that the application
+is user friendly and inexpensive.
+
 \subsubsection{Customer relationships}
-In the early stages of our start-up our customers are primary going to be 
Business customers. Like Taler Systems SA which wants to integrate our solution 
into their wallet. This means at the begin our customers are mainly the users 
of already existing solutions. In later stages of our start-up we also want to 
acquire business to customer clients, for example users who want to secure 
their private key for their disk encryption.
+
+In the early stages of our start-up our customers are primary going to
+be Business customers. Like Taler Systems SA which wants to integrate
+our solution into their wallet. This means at the begin our customers
+are mainly the users of already existing solutions. In later stages of
+our start-up we also want to acquire business to customer clients, for
+example users who want to secure their private key for their disk
+encryption.
+
 \subsubsection{Customer segments}
-As mentioned earlier our customers will be primarily other solutions which 
need a way to backup their keys.
-Many applications with decentralized structures need such a solution.
-Other possible customers are users of digital currencies or users of OpenPGP 
solutions.
+
+As mentioned earlier our customers will be primarily other solutions
+which need a way to backup their keys.  Many applications with
+decentralized structures need such a solution.  Other possible
+customers are users of digital currencies or users of OpenPGP
+solutions.
+
 \subsubsection{Cost structure}
-The main cost for our start-up is the salary of our employees. We need to have 
two fulltime employees for the development and one part time employee for the 
business development. Additional costs for the start-up are the costs for 
registering a company. To provide Anastasis we need Cloud-services, these would 
also cost a little bit.
+
+The main cost for our start-up is the salary of our employees. We need
+to have two or more fulltime employees for the development and one
+part time employee for the business development. Additional costs for
+the start-up are the costs for registering a company. To provide
+Anastasis as a service, we expect to make use of existing public Cloud
+services, which also cost a little bit.
 
 \subsubsection{Revenue streams}
-In the beginning, businesses like Taler Systems SA will pay us to operate an 
Anastasis server and to help them integrate our protocol with their software.
-Once we have many end-users utilizing Anastasis, they will have to pay 
directly for the service. The users have to pay a subscription fee and micro 
payments for each transaction. For example a user has to pay 0.1 CHF per month 
for the subscription and 0.01 CHF for each upload. Additionally, the user would 
have to pay for expensive authentication methods like video identification.
+
+In the beginning, businesses like Taler Systems SA will pay us to
+operate an Anastasis server and to help them integrate our protocol
+with their software.  Once we have many end-users utilizing Anastasis,
+they will have to pay directly for the service. The users have to pay
+a subscription fee and micro payments for each transaction. For
+example a user has to pay 0.1 CHF per month for the subscription and
+0.01 CHF for each upload. Additionally, the user would have to pay for
+expensive authentication methods like video identification.
 
 \subsection{Project plan}
-Our objective for the first year is for Anastasis to implement several 
authentication services, have a working cloud deployment with good monitoring, 
and to be integrated with various cryptographic consumer products.
-We will hire one developer for the integration with external authentication 
providers and monitoring of our cloud deployment. The other developer will 
focus on the integration of Anastasis with consumer products.
-Key milestones are the various integrations of the different authentication 
methods, the integration of cryptographic consumer products, and the deployment 
of our application. Additionally, we would always look out for new customers 
and clients who could benefit from Anastasis
+
+Our objective for the first year is for Anastasis to implement several
+authentication services, have a working cloud deployment with good
+monitoring, and to be integrated with various cryptographic consumer
+products (Figure~\ref{fig:bi_project_plan}).  We plan to hire one
+developer for the integration with external authentication providers
+and monitoring of our cloud deployment, and a second one to focus on
+the integration of Anastasis with consumer products.  Key milestones
+are the various integrations of the different authentication methods,
+the integration of cryptographic consumer products, and the deployment
+of our application. Additionally, we would always look out for new
+customers and clients who could benefit from Anastasis.
 
 \begin{figure}[H]
        \centering
diff --git a/doc/thesis/conclusion.tex b/doc/thesis/conclusion.tex
index 86bbdf8..bd95a7d 100644
--- a/doc/thesis/conclusion.tex
+++ b/doc/thesis/conclusion.tex
@@ -1,5 +1,16 @@
 \section{Conclusion and outlook}
-The Anastasis project was a very interesting experience for us. We could learn 
a lot in software development and learned a lot about the process of funding 
proposals.
-We may did not meet all the technical requirements, but instead we have been 
able to establish many business opportunities.\\
-The Anastasis project will not be finished by this point, at the moment we are 
starting to build a start-up to be able to continue working on Anastasis.
-We think that our protocol is good designed and can solve the problem of key 
recovery. We hope that in the future people can back up their keys with 
Anastasis.
+
+Anastasis is a privacy-preserving and robust technical solution to the
+problem of key recovery.  Open challenges remain in particular with
+respect to usability, as the user experience --- and in particular
+convincing the users that their private data truly remains private
+with Anastasis --- will be crucial for commercial success. While we
+have started to make plans for a graphical user interface, it was not
+possible to conduct actual usability studies in the scope of the
+thesis.
+
+Overall, the thesis was an interesting experience for us. We learned
+much about software development and had our first successful B2B
+interactions.  The Anastasis project will not be finished at the end
+of the thesis, but instead we plan to build a start-up to be able to
+launch a proper product around our work on Anastasis.
diff --git a/doc/thesis/design.tex b/doc/thesis/design.tex
index a3869bc..75d46cc 100644
--- a/doc/thesis/design.tex
+++ b/doc/thesis/design.tex
@@ -107,7 +107,7 @@ will allow the user to recover the master key. A recovery 
document
 contains the encrypted core secret, a set of escrow methods and a set
 of policies.
 
-\subsection{Key Derivations}
+\subsection{Key derivations}
 
 EdDSA public keys are always points on Curve25519 and
 represented using the standard 256-bit Ed25519 compact format. The
@@ -275,7 +275,7 @@ recovery_document_encrypt(kdf_id, recovery_document)
 aes\_gcm\_tag.
 
 
-\subsubsection{Signatures}
+\subsection{Signatures}
 
 The EdDSA keys are used to sign the data sent from the client to the
 server. Everything the client sends to server is signed. An equivalent
@@ -307,7 +307,7 @@ ver_res = eddsa_verifiy(version, 
anastasis-account-signature, eddsa_pub)
 
 
 
-\subsection{Availability Considerations}
+\subsection{Availability considerations}
 
 Anastasis considers two main threats against availability. First, the
 Anastasis server operators must be protected against denial-of-service
diff --git a/doc/thesis/server_architecture.tex 
b/doc/thesis/server_architecture.tex
index 38eda25..d86c2f9 100644
--- a/doc/thesis/server_architecture.tex
+++ b/doc/thesis/server_architecture.tex
@@ -61,7 +61,7 @@ The database schema consists of four main tables:
 \end{itemize}
 
 
-\subsubsection{Authentication Methods}
+\subsubsection{Authentication methods}
 
 This section describes an overview over the different possible
 authentication methods for Anastasis. In our implementation only the

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.