taler
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] Technical questions for backup/sync (was: UI considerations


From: Florian Dold
Subject: Re: [Taler] Technical questions for backup/sync (was: UI considerations for backup & sync)
Date: Mon, 25 May 2020 19:26:14 +0530
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0

On 5/25/20 7:17 PM, Christian Grothoff wrote:
> Exactly. I think the screen lock is a good compromise here.

Alternatively, one existing device must approve the new member of the
sync group.  If the new wallet devices isn't approved, the QR code could
only be used as a denial of service attack against the backup (by
pushing garbage to the sync server), but *not* to read sensitive
information.

This would require every wallet to have a "wallet device key pair", and
the "inner" backup is encrypted by a key encrypted to every wallet
device public key.

The wallet device private key is never exported or shown anywhere, but
synced to Anastasis (see off-list e-mail for Anastasis API concerns
regarding this).

(This might be similar to what Torsten suggested.)

- Florian



reply via email to

[Prev in Thread] Current Thread [Next in Thread]