[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated (b305b99 -> 7b417b4)
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated (b305b99 -> 7b417b4) |
|
Date: |
Thu, 04 Jun 2020 00:20:10 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a change to branch master
in repository anastasis.
from b305b99 project mangagement, work journal
new 8cdc8e0 gitignore
new b5ab0bc merge
new bb8ecfd small fixes
new 64df093 hyperref fix
new 7b417b4 initial work on introduction
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.gitignore | 10 ++++++++--
doc/thesis/abstract.tex | 24 ++++++++++--------------
doc/thesis/acknowledgments.tex | 4 ++--
doc/thesis/introduction.tex | 15 +++++++++++++++
doc/thesis/motivation.tex | 3 ---
doc/thesis/related_work.tex | 4 ++--
doc/thesis/thesis.tex | 8 +++++++-
7 files changed, 44 insertions(+), 24 deletions(-)
create mode 100644 doc/thesis/introduction.tex
delete mode 100644 doc/thesis/motivation.tex
diff --git a/.gitignore b/.gitignore
index 94ea221..6180240 100644
--- a/.gitignore
+++ b/.gitignore
@@ -103,6 +103,12 @@ src/cli/.libs/anastasis-splitter
doc/thesis/*.aux
doc/thesis/*.bcf
doc/thesis/*.log
-doc/thesis/*.run.xml
+doc/thesis/*.xml
doc/thesis/*.toc
-doc/thesis/*.pdf
\ No newline at end of file
+doc/thesis/*.pdf
+doc/thesis/*.blg
+doc/thesis/*.lot
+doc/thesis/*.lof
+doc/thesis/*.blg
+doc/thesis/*.bbl
+doc/thesis/*.gz
\ No newline at end of file
diff --git a/doc/thesis/abstract.tex b/doc/thesis/abstract.tex
index e2cead6..bcc55f5 100644
--- a/doc/thesis/abstract.tex
+++ b/doc/thesis/abstract.tex
@@ -1,16 +1,12 @@
+\phantomsection
\begin{abstract}
- Everyone has probably noticed at least once through the media that
someone has lost their key to their electronic wallet and therefore huge sums
of money have become useless. Therefore, backup systems are essential to avoid
such cases.\\
-
- But how should one create and manage such a backup of a key? It
certainly makes no sense to encrypt a key with a different password and then
use the result as a backup. After all, this password can also be forgotten.
Apart from that, the question arises how or where to save such a backup. A
simple storage on e.g. Google Drive bears several risks: On the one hand, we
are talking about Google, a company that is known to cooperate with certain
authorities, and on the other hand, the cloud [...]
- Unfortunately, to the best of our knowledge, there is no backup
solution for keys that works password-less while giving the user complete
control over his data.\\
-
- With Anastasis this gap shall be filled and a solution for secure
recovery of secret keys, which works without passwords or other key material,
shall be offered. This is achieved by splitting the
- key material across multiple independent Anastasis service
- providers, and enabling users to recover their master key by
- authenticating with each provider.\\
-
- Our protocol ensures that - without prior knowledge- the service
- providers learn nothing from the protocol except the minimum amount of
- data required to authenticate the user. Even that information is only
- disclosed at the time of authentication.
+\addcontentsline{toc}{section}{Abstract}
+Everyone has probably noticed at least once through the media that someone has
lost their key to their electronic wallet and therefore huge sums of money have
become useless. Therefore, backup systems are essential to avoid such cases.\\
+
+But how should one create and manage such a backup of a key? It certainly
makes no sense to encrypt a key with a different password and then use the
result as a backup. After all, this password can also be forgotten. Apart from
that, the question arises how or where to save such a backup. A simple storage
on e.g. Google Drive bears several risks: On the one hand, we are talking about
Google, a company that is known to cooperate with certain authorities, and on
the other hand, the cloud s [...]
+Unfortunately, to the best of our knowledge, there is no backup solution for
keys that works password-less while giving the user complete control over his
data.\\
+
+With Anastasis this gap shall be filled and a solution for secure recovery of
secret keys, which works without passwords or other key material, shall be
offered. This is achieved by splitting the key material across multiple
independent Anastasis service providers, and enabling users to recover their
master key by authenticating with each provider.\\
+Our protocol ensures that - without prior knowledge- the service providers
learn nothing from the protocol except the minimum amount of data required to
authenticate the user. Even that information is only disclosed at the time of
authentication.\\ \\
+This thesis describes the design and implementation of Anastasis.
\end{abstract}
\ No newline at end of file
diff --git a/doc/thesis/acknowledgments.tex b/doc/thesis/acknowledgments.tex
index 86776c4..fac4199 100644
--- a/doc/thesis/acknowledgments.tex
+++ b/doc/thesis/acknowledgments.tex
@@ -1,3 +1,3 @@
-\begin{abstract}
+\section*{Acknowledgements}
+\addcontentsline{toc}{section}{Acknowledgements}
We wish to thank Christian Grothoff for the help and support he has provided
throughout our work on Anastasis. We also thank the GNU Taler SA which provided
us feedback within the development and helped us to apply to different fundings.
-\end{abstract}
\ No newline at end of file
diff --git a/doc/thesis/introduction.tex b/doc/thesis/introduction.tex
new file mode 100644
index 0000000..5123595
--- /dev/null
+++ b/doc/thesis/introduction.tex
@@ -0,0 +1,15 @@
+\section{Introduction}
+Secure storage of private cryptographic keys or in general every kind of core
secret is a big problem
+because there is no reasonable solution solving it while meeting the following
criteria:
+\begin{itemize}
+ \item Only the user must be in control of the core secret.
+ \item The solution must ensure confidentiality of the stored core
secret.
+ \item The solution must ensure availability of the core secret.
+ \item The user doesn't need to memorize a password.
+\end{itemize}
+
+There are several applications which are in need of a key escrow system with
the described properties. For example for email encryption using Pretty Good
Privacy (PGP) \cite{garfinkel1995} you need a private key which is stored to
the device running PGP. Losing the PGP private key means following: All
received emails which are encrypted with a key derived from the private key are
unreadable and you need to build your trust network again. Because emails could
contain high sensitive inform [...]
+
+Another application relying on a core secret are cryptocurrencies like
Bitcoin. Each user of Bitcoin needs a so called Wallet which stores and
protects the private keys of the user. Those private keys legitimate its owners
to spend the bitcoins corresponding to the keys \cite{LLLW*2017}. Therefor
losing those keys means losing all the corresponding Bitcoins which in some
cases could be a loss of millions of Euros \cite{millions_lost}.\\
+
+FIXME: PEP, TALER, Europaeische Zentralbank
diff --git a/doc/thesis/motivation.tex b/doc/thesis/motivation.tex
deleted file mode 100644
index b862fa2..0000000
--- a/doc/thesis/motivation.tex
+++ /dev/null
@@ -1,3 +0,0 @@
-\section{Motivation}
-
-Motivation here
diff --git a/doc/thesis/related_work.tex b/doc/thesis/related_work.tex
index 668de6a..1f032e0 100644
--- a/doc/thesis/related_work.tex
+++ b/doc/thesis/related_work.tex
@@ -52,7 +52,7 @@ In Anastasis the user is the trusted dealer who splits the
secret and also recon
\subsubsection{Shamir's Secret Sharing}
The algorithm "Shamir's Secret Sharing" is one of the most well known secret
sharing scheme. It „divide[s] data D into n pieces in such a way that D is
easily reconstructible from any k pieces, but even complete knowledge of k - 1
pieces reveals absolutely no information about D“ \cite{shamir_sharing}.\\
Shamir’s simple secret sharing scheme has two key limitations. First, it
requires a trusted dealer who initially generates the secret to be distributed,
and second the shares are not verifiable during reconstruction. Therefore,
malicious shareholders could submit corrupt shares to prevent the system from
reconstructing the secret -- without these corrupt shareholders being
detectable as malicious. Furthermore, the dealer distributing the shares could
be corrupt and distribute some incons [...]
-Despite this, Shamir's Secret Sharing is inflexible because the "k out of
n"-design and also is very inefficient for big n. For Anastasis we need a more
flexible solution allowing other cases too. The user of Anastasis should be
able to decide himself which combinations of \textit{players} shall be used.
+Despite this, Shamir's Secret Sharing is inflexible because it is a (k, n)
threshold scheme and also is very inefficient for big n. For Anastasis we need
a more flexible solution allowing other cases, too. The user of Anastasis
should be able to decide himself which combinations of \textit{players} shall
be used.
\subsubsection{Verifiable Secret Sharing}
Verifiability can be achieved by using so called commitment schemes like the
Pederson commitment. It allows „to distribute a secret to n persons such that
each person can verify that he has received correct information about the
secret without talking with other persons“ \cite{pedersen_sharing_0}. In his
paper „A Practical Scheme for Non-interactive Verifiable Secret Sharing“
\cite{feldman_sharing}, Paul Feldman combines the two schemes Shamir Secret
Sharing and Pederson commitment. His [...]
@@ -103,7 +103,7 @@ In Anastasis we also need to store the phone number to the
server. But in our ca
\subsubsection{E-mail authentication}
Authentication by e-mail is very similar to SMS authentication. Here, the user
receives an OTP by e-mail and has to provide it during authentication process.\\
-
+git
FIXME: drawbacks,vulnerability\\
In Anastasis the mail address of the user is stored in an encrypted way, too.
The user has to provide the corresponding key to the server during
authentication process.
diff --git a/doc/thesis/thesis.tex b/doc/thesis/thesis.tex
index 4621860..6332ace 100644
--- a/doc/thesis/thesis.tex
+++ b/doc/thesis/thesis.tex
@@ -31,12 +31,17 @@
}
\begin{document}
+\pagenumbering{gobble}
+\clearpage
+\thispagestyle{empty}
\title{Anastasis}
\date{\today} %% or \date{01 november 2018}
\author{Dominik Meister (\texttt{dominiksamuel.meister@students.bfh.ch}) \\
Dennis Neufeld (\texttt{dennis.neufeld@students.bfh.ch })}
\maketitle
+\clearpage
+\pagenumbering{roman}
\include{acknowledgments}
\include{abstract}
@@ -44,7 +49,8 @@
\tableofcontents
\clearpage
-\include{motivation}
+\pagenumbering{arabic}
+\include{introduction}
\include{project_management}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-anastasis] branch master updated (b305b99 -> 7b417b4),
gnunet <=
- [taler-anastasis] 02/05: merge, gnunet, 2020/06/03
- [taler-anastasis] 01/05: gitignore, gnunet, 2020/06/03
- [taler-anastasis] 04/05: hyperref fix, gnunet, 2020/06/03
- [taler-anastasis] 03/05: small fixes, gnunet, 2020/06/03
- [taler-anastasis] 05/05: initial work on introduction, gnunet, 2020/06/03