[taler-anastasis] branch master updated: fixes

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-anastasis] branch master updated: fixes

From:	gnunet
Subject:	[taler-anastasis] branch master updated: fixes
Date:	Thu, 11 Jun 2020 11:51:51 +0200

This is an automated email from the git hooks/post-receive script.

ds-meister pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 77fe053  fixes
77fe053 is described below

commit 77fe0532776a7175df57611a74ebf80065b4cb19
Author: Dominik Meister <dominiksamuel.meister@students.bfh.ch>
AuthorDate: Thu Jun 11 11:51:45 2020 +0200

    fixes
---
 doc/thesis/images/recovery_process.png | Bin 67810 -> 56690 bytes
 doc/thesis/images/secret_split.png     | Bin 85527 -> 71801 bytes
 doc/thesis/implementation.tex          |  10 +++++-----
 doc/thesis/server_architecture.tex     |  16 ++++++++--------
 4 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/doc/thesis/images/recovery_process.png 
b/doc/thesis/images/recovery_process.png
index 063d055..af2de2d 100644
Binary files a/doc/thesis/images/recovery_process.png and 
b/doc/thesis/images/recovery_process.png differ
diff --git a/doc/thesis/images/secret_split.png 
b/doc/thesis/images/secret_split.png
index 604a231..876bfdf 100644
Binary files a/doc/thesis/images/secret_split.png and 
b/doc/thesis/images/secret_split.png differ
diff --git a/doc/thesis/implementation.tex b/doc/thesis/implementation.tex
index d347ace..c7563ec 100644
--- a/doc/thesis/implementation.tex
+++ b/doc/thesis/implementation.tex
@@ -108,8 +108,8 @@ process.
 \item After the user has generated the public key, per will create a
   truth object on the client. The truth object contains all the needed
   information for the recovery for this key share. This truth object
-  is sent encrypted to the server and stored under a UUID the client
-  generated (POST /truth/\$UUID).
+  is sent encrypted to the server and stored under the TRUTH\_PUB the client
+  generated (POST /truth/\$TRUTH\_PUB).
 \item In this scenario the client has not jet paid for the
   upload. This means the server will respond with the HTTP status code
   \texttt{402 Payment required}. The client first must do a payment with our
@@ -156,7 +156,7 @@ Figure~\ref{fig:recovery_process} illustrates the recovery 
process.
   policies and authentication methods. The user now has to solve these
   challenges. In this example the user has to answer a secure question
   which was sent to them in the recovery document. (GET
-  /truth/\$UUID?response=\$RESPONSE) \\
+  /truth/\$TRUTH\_PUB?response=\$RESPONSE) \\
 \item Note the server can define that a challenge has a certain cost,
   in this scenario the server rejects the first request because the
   user has not yet paid for recovery.  After the payment the user can
@@ -170,10 +170,10 @@ Figure~\ref{fig:recovery_process} shows the flow using a 
secure
 question for the authentication challenge. If the user would have
 chosen a complex authentication method like SMS or E-Mail, the client
 would first need to start the challenge with the request (GET
-/truth/\$UUID). The server would then notify the user that per will
+/truth/\$TRUTH\_PUB). The server would then notify the user that per will
 receive some token out of bounds. After that, the user would have to
 provide for example the PIN sent to them via SMS with the same request
-as before (GET /truth/\$UUID?resonse=\$RESPONSE).
+as before (GET /truth/\$TRUTH\_PUB?resonse=\$RESPONSE).
 
 
 \subsection{Client Application Command Line Interface (CLI)}
diff --git a/doc/thesis/server_architecture.tex 
b/doc/thesis/server_architecture.tex
index 21e8c88..7641029 100644
--- a/doc/thesis/server_architecture.tex
+++ b/doc/thesis/server_architecture.tex
@@ -70,18 +70,18 @@ how they would be implemented.
 
 In all cases, the authentication process begins by the user decrypting
 their (encrypted) recovery document, which contains a list of Anastasis
-providers, associated authentication methods, \$UUIDs and associated
+providers, associated authentication methods, truth\_seeds and associated
 truth encryption keys.  The recovery process than varies slightly
 depending on the authentication method.
 
 \paragraph{SMS (sms)}
 
 The user tells the server with a request that they wants to authorize
-key recovery (via GET /truth/\$UUID), providing a way to decrypt the
+key recovery (via GET /truth/\$TRUTH\_PUB), providing a way to decrypt the
 truth with the phone number. The server will then generate a \$PIN and
 send it via an SMS provider to the stored number in the truth
 object. The client then must send another request with the sent \$PIN
-(via GET /truth/\$UUID?resonse=\$PIN). The server can now check
+(via GET /truth/\$TRUTH\_PUB?resonse=\$PIN). The server can now check
 if the two PINs match. Upon success, the server returns the encrypted
 key share.
 
@@ -96,7 +96,7 @@ result in accidental information leakage about the user from 
the image
 before encrypting and uploading it to the Anastasis provider.
 
 For recovery, the user must first send a request to server that they
-wants to authorize recovery (GET /truth/\$UUID).  The Anastassis
+wants to authorize recovery (GET /truth/\$TRUTH\_PUB).  The Anastassis
 provider will then decrypt the user's image and send a request with a
 \$TOKEN to a video authentication provider that a user wants to
 authenticate, and respond to the user with a link to a video
@@ -104,18 +104,18 @@ conference.  The video authentication provider then 
checks via video
 conference that the user in the image is the same that they have on
 the video link. Upon success, the video provider releases the \$TOKEN
 to the user.  The client then must send another request with the
-\$TOKEN (via GET /truth/\$UUID?resonse=\$TOKEN). The Anastasis
+\$TOKEN (via GET /truth/\$TRUTH\_PUB?resonse=\$TOKEN). The Anastasis
 provider checks that the tokens match, and upon success returns the
 encrypted key share.
 
 \paragraph{Post identification (post)}
 
 The user tells the Anastasis provider with a request that they want
-to authenticate using Post identification (GET /truth/\$UUID).  The
+to authenticate using Post identification (GET /truth/\$TRUTH\_PUB).  The
 Anastasis provider uses the request to decrypt the user's truth to
 determine the user's postal address, and sends them letter containing
 a \$PIN.  Upon receiving the letter, the client then has to send
-another request with the \$PIN (GET /truth/\$UUID?resonse=\$PIN). The
+another request with the \$PIN (GET /truth/\$TRUTH\_PUB?resonse=\$PIN). The
 server can now check if the two PINs match. Upon success the server
 will release the encrypted key share.
 
@@ -131,6 +131,6 @@ either.
 
 If the user wants to recover the key share from the server, they must
 provide the (salted) hash of the answer to the security question (via
-GET /truth/\$UUID?response=\$HASH). The server then checks if the
+GET /truth/\$TRUTH\_PUB?response=\$HASH). The server then checks if the
 stored and the provided hash match. Upon success the server responds
 with the encrypted key share.

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-anastasis] branch master updated: fixes, gnunet <=

Prev by Date: [taler-anastasis] branch master updated: modified crypto API
Next by Date: [taler-anastasis] branch master updated: moved glossary to document end
Previous by thread: [taler-anastasis] branch master updated: modified crypto API
Next by thread: [taler-anastasis] branch master updated: moved glossary to document end
Index(es):
- Date
- Thread