[taler-anastasis] branch master updated: merged with dennis edits

[gnunet]

This is an automated email from the git hooks/post-receive script.

ds-meister pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 3c30605  merged with dennis edits
3c30605 is described below

commit 3c306051d587004aa5ec942778efdfc26423c0ca
Author: Dominik Meister <dominik.meister@hotmail.ch>
AuthorDate: Tue Oct 20 00:22:41 2020 +0200

    merged with dennis edits
---
 doc/ypsomed/ypsomed.tex | 223 +++++++++++++++++++++---------------------------
 1 file changed, 98 insertions(+), 125 deletions(-)

diff --git a/doc/ypsomed/ypsomed.tex b/doc/ypsomed/ypsomed.tex
index 2a735f7..4a127a5 100644
--- a/doc/ypsomed/ypsomed.tex
+++ b/doc/ypsomed/ypsomed.tex
@@ -16,7 +16,7 @@
 %%\setdefaultlanguage{french}
 \usepackage{listings}
 \usepackage[backend=biber, style=ieee]{biblatex}
-\addbibresource{seminar.bib}
+\addbibresource{bibliothek.bib}
 
 \usepackage{graphicx}
 \usepackage{float}
@@ -33,28 +33,71 @@ Dennis Neufeld (\texttt{dennis-neufeld@gmx.de})}
 \clearpage
 
 \section{About the author and the team members}
-My name is Dominik Meister and I recently completed my Bachelor's degree in IT 
Security.\\
-The design and implementation of Anastasis was the topic of my bachelor thesis.
-During the thesis I could successfully develop a proof of concept of the 
software.
-I am responsible for the development of the backend and the deployment of the 
software.\\
+Dominik Meister recently completed his Bachelor's degree in IT Security.
+The design and implementation of Anastasis was the topic of his bachelor 
thesis.
+During the thesis he could successfully develop a proof of concept of the 
software.
+He is responsible for the development of the backend and the deployment of the 
software.
 
-Dennis Neufeld was my partner during the bachelor thesis. He also recently 
completed his bachelor's degree in IT security.
-He is also a developer and is responsible for the integration of Anastasis 
into other products.\\
+Dennis Neufeld also recently completed his bachelor's degree in IT security.
+He was the partner of Dominik in his bachelor thesis.
+He is also a developer and is responsible for the integration of Anastasis 
into other products.
 
+Christian Grothoff is Professor at the BFH in Biel. He was the project expert 
and product owner 
+of the Anastasis thesis. He is the chairman of the Anastasis start-up and 
supports the development
+process with his experience.
+
+Berna Alp is an economist by trade. She is currently council member at the 
pretty Easy privacy (pEp) foundation,
+a board member at ISOC Switzerland and she owns a consulting business 
specialized in IT transformation and ERP projects.
+She has worked as Project Coordinator on World Bank projects, as Senior FI/CO 
Consultant at Andersen Consulting in New York City 
+and as SAP FI/CO \& JVA team lead at a multi-national steel company 
implementing SAP in 28 companies and 17 countries.
+She takes on the general manager role at Anastasis. 
+
+Vaishnavi Mohan is a software engineer with a master's in distributed software 
systems. She specializes in the development
+and secure deployment of applications on public clouds. She will steer the 
technical development and decide 
+on the specifics for the deployment in the cloud and integration with existing 
cloud services at Anastasis. 
 
 \section{Problem statement}
-Users of cryptography are frequently facing the challenge to secure their core 
secrets (private keys), and the
-contemporary default of asking them to remember strong passphrases is 
inadequate for mass adoption. The loss
-of such a core secret can cause severe data and financial losses for a user. 
Our project was conceived as a solution
-to similar problems several privacy-enhancing software projects are facing 
today. Specifically, the Swiss pretty
-Easy privacy project (https://pep.foundation), an E-Mail encryption solution, 
needs an easy way for users to
-recover their private keys to avoid the loss of encrypted E-Mails. 
Furthermore, Taler Systems SA is building an
-electronic payment system and is facing an equivalent challenge: The European 
Central Bank informed them
+Today information losses from security incidents are rampant, either
+because data is exposed (loss of confidentiality) or because users
+lose their data because of lacking backups (loss of availability). As
+seen in the study of the Global Data Protection Index
+2018~\cite{global_data_index}, 76\% of those interviewed had an
+availability incident. 1TB of data loss or 20 hours of downtime
+reportedly costs half a million dollars. On the other hand, loss of
+confidential private data can result in fines under data protection
+regulation, as well as a difficult to quantify loss of reputation.
+Prominent cases in which sometimes enormous amounts of money have been
+gone useless by losing the key to the digital wallet clarify the
+urgent need of a key recovery system like Anastasis. For example the
+case QuadrigaCX exchange was heavily discussed in the media when the
+chief executive, Gerald Cotton, unexpectedly died and left £145
+million in a “cold wallet”.~\cite{millions_lost}
+
+In some cases there is a workaround to recover a lost key, provided
+there is a security hole in the digital wallet software that can be
+exploited, but it is far from user friendly and also questions the
+confidentiality of data in such a system. In his article “’I Forgot My
+PIN’: An Epic Tale of Losing \$30,000 in Bitcoin” \cite{forgot_my_pin}
+Mark Frauenfelder, a former editor at WIRED and the director of
+research at the Institute of the Future’s Blockchain Futures Lab,
+writes about his experiences in losing and trying to recover his
+wallet key.
+
+All these cases show the need for a way to backup a core secret. 
+The most common solution for this problem is to ask the user to remember
+a strong passphrase, but this is inadequate for mass adoption. Users 
+tend to either make passwords too easy or are bad at remembering them.
+As previously mentioned the loss of such a core secret can cause severe 
+data and financial losses for a user. Our project was conceived as a solution
+to similar problems several privacy-enhancing software projects are facing 
today.
+Specifically, the Swiss pretty Easy privacy project (https://pep.foundation), 
an E-Mail encryption solution,
+needs an easy way for users to recover their private keys to avoid the loss of 
+encrypted E-Mails. Furthermore, Taler Systems SA is building an electronic 
payment
+system and is facing an equivalent challenge: The European Central Bank 
informed them
 about a requirement for electronic wallets denominated in Euros to support 
password-less data recovery.
 Cryptocurrencies and E-health data platforms like MI-DATA where end-users are 
expected to be in control of their
-data also face this well-known issue. The problem is simultaneously assuring 
availability and confidentiality,
-instead of trading one for the other.
-We designed Anastasis to address this common problem of cryptographic consumer 
products. 
+data also face this well-known issue. We designed Anastasis to address this 
common problem of cryptographic consumer products. 
+
 
 \section{Summary of the work accomplished}
 Anastasis is a key recovery system that allows the user to securely deposit 
shares of a core secret with an open set of escrow
@@ -78,6 +121,8 @@ The following graphic gives an overview of the Anastasis 
architecture.
 \begin{figure}[H]
   \centering
   \includegraphics[scale=0.33]{images/system_architecture.eps}
+  \caption{System overview}
+  \label{fig:system_architecture}
 \end{figure}
 
 \subsubsection{Derive user identifier}
@@ -91,94 +136,56 @@ which users may forget.  Anastasis derives a ``user 
identifier'' from
 such a set of unforgettable attributes. This user identifier is used
 for the up- and download procedure.
 
-\begin{figure}[H]
-  \centering
-  \includegraphics[scale=0.35]{images/id_gen.eps}
-\end{figure}
-
-\subsubsection{Encrypt and encrypt and encrypt}
-Anastasis uses several layers of encryption. First, the user's core
-secret is encrypted with a master key. The master key is encrypted
-with various policy keys. The policy keys are derived from various
-secrets which are encrypted and distributed across various providers
-together with information about the desired recovery authorization
-procedure. This last encryption is done based on keys derived from the
-user identity.  These many layers of encryption are designed to
-distribute trust and to minimize or delay information disclosure.
-
-\subsection{System architecture}
-This graphic shows the basic architecture of the Anastasis
-application.
-
-\begin{figure}[H]
-  \centering
-  \includegraphics[scale=0.5]{system_design.png}
-\end{figure}
-
-\begin{enumerate}
-\item The Anastasis CLI interacts with the Anastasis API. The
-  Anastasis API is responsible for triggering interactions with the
-  user, and also manages the interactions between the
-  various client-side components.
-\item After the user provided their unforgettable secret, the
-  Crypto API derives the needed key material for the further
-  communication. This is simplified, in reality the client would first
-  need to download the server salt to generate the user keys.  The
-  crypto API is later also responsible for the decryption and
-  encryption of the data, sent or received from the server.
-\item The Service API is responsible for the communication with the
-  Anastasis server. The Anastasis API sends the previously generated
-  data and the user selected request to the service.
-  The Service API is also responsible to handle
-  the server's response to the request.
-\item The central webserver logic handles HTTP requests sent to it by the
-  clients. It will dispatch requests to the corresponding handler. The
-  webserver's core logic also returns the response and the status code
-  of the operation to the client application.
-\item Each REST endpoint of the Anastasis server is implemented by
-  a specific handler. The handler processes the requests, typically
-  by storing or looking up the requested
-  data with the database. When the request is finished, the handler will
-  send back the data or the status code to the webserver's core logic.
-\end{enumerate}
-
-
 \subsection{Recovery and backup flow}
 The following is a very simplified description of the Anastasis protocol. It 
is only intended to illustrate how Anastasis basically works:\\
 \begin{figure}[H]
   \centering  
   \includegraphics[scale=0.35]{images/key_gen.eps}
+  \caption{Key generation}
+  \label{fig:key_generation}
 \end{figure}
 Before each backup or recovery process, two keys (K1 and K2) are derived from 
the user attributes.\\
 \begin{figure}[H]
   \centering 
   \includegraphics[scale=0.35]{images/step1.eps}
+  \caption{Split secret and encrypt}
+  \label{fig:step1}
  \end{figure}
 During a backup process, the core secret is first split into several parts. 
These parts are then each encrypted with the first key (K1). \\
 \begin{figure}[H]
   \centering  
   \includegraphics[scale=0.35]{images/step2.eps}
+  \caption{Add authentication data and encrypt}
+  \label{fig:step2}
  \end{figure}
 Authentication data is then added to the encrypted parts (e.g. mobile phone 
number for SMS authentication). The parts modified in this way are now 
encrypted again, but this time with the second key (K2). \\
 \begin{figure}[H]
   \centering
   \includegraphics[scale=0.35]{images/step3.eps}
+  \caption{Distribute parts to the providers}
+  \label{fig:step3}
  \end{figure}
  In the last step of the backup procedure the prepared parts are distributed 
to the various provider servers.\\
  
 \begin{figure}[H]
   \centering
   \includegraphics[scale=0.35]{images/step1_recovery.eps}
+  \caption{Send Key and authenticate}
+  \label{fig:step1_rec}
  \end{figure}
 In a recovery process the user must authenticate himself with the 
corresponding providers using his stored authentication data. However, since 
these providers cannot yet access the data, the user must send them the second 
key (K2). This key enables them to read only the necessary data.\\
 \begin{figure}[H]
   \centering 
   \includegraphics[scale=0.35]{images/step2_recovery.eps}
+  \caption{Authenticate and receive parts}
+  \label{fig:step2_rec}  
  \end{figure}
 If the user has authenticated himself correctly, he will receive the encrypted 
parts of the core secret from the respective providers. The user can decrypt 
these parts with the first key (K1).\\
 \begin{figure}[H]
   \centering 
   \includegraphics[scale=0.3]{images/step3_recovery.eps}
+  \caption{Reassemble parts recover secret}
+  \label{fig:step3_rec}
  \end{figure}
 In the last step the user reassembles the decrypted parts of the core secret.\\
 
@@ -192,6 +199,25 @@ Besides that we are currently developing a client with a 
graphical user interfac
 Another open point is the integration of the software into other applications 
(Taler, PEP).
 For a more detailed overview of the open work see the project plan below.
    
+\section{Discussion of the technical implementation potential}
+There are a few key recovery solutions on the market today. Some examples of 
existing key recovery solutions and their problems shall be introduced in the 
following.
+
+Coinbase is a global digital asset exchange company which provides a venue to 
buy and sell crypto currencies. Coinbase uses wallets secured with private 
keys. To recover this private key the user must provide a 12-word recovery 
phrase. Coinbase now offers a “solution” to securely deposit this recovery 
phrase onto the users Google Drive. The security here lies within the Google 
Account and the password used to encrypt the security phrase. The problem here 
is that this approach undermines  [...]
+
+Vault12 is a service using Shamir Secret Sharing provided by the Vault-Tec 
Corporation. Shamir Secret Sharing is a so called „Social Recovery“ method. It 
allows to split all kind of data, (pictures, passphrases, cryptographic keys) 
into shares and distribute them to trusted entities, called „Guardians“ in 
Vault12. To recover the data a subset of the chosen Guardians is asked to 
release their share. The released shares are used to reconstruct the data 
again. Vault12 is available for iOS,  [...]
+
+MI-DATA is a Swiss platform for e-health data. They also use Shamir secret 
splitting to distribute recovery information among a fixed set of staff 
members. However, during key recovery their system administrator can have full 
access to the private health data, voiding all the safety assurances 
key-splitting is supposed to achieve.
+
+Connect.me is a closed source digital identity wallet. The recovery of the 
used key and the wallet works similar to Coinbase: An encrypted backup of the 
user data is stored on the cloud, which can be downloaded and decrypted using a 
recovery phrase. The software offers no solution how the user keeps this 
phrase. The user is therefore responsible for storing it correctly.
+
+uPort is an opensource digital identity wallet based on Etherium. uPort also 
works with the 12-word-recovery phrase and also doesn’t offer a solution for 
the user to securely store the phrase. 
+
+As we can see the most solutions either work with shamir secret splitting or 
with a passphrase. The Method with the passphrase is too unreliable, the user 
+has to remember his secret or his key is lost, resulting in a single point of 
failure.
+The other solutions are based on Shamir secret splitting. The main problem of 
shamir secret splitting is that it is not flexible. With Shamir secret 
splitting, the user can only define a threshold at which point the 
authentication is successful. With Anastasis the user can define which 
combinations of providers can successfully recover the secret. As an example we 
have the Providers A, B, C and D. The user knows the provider A and fully 
trusts him. This means the user can now set up comb [...]
+
+Anastasis offers a generic API for the clients. This means Anastasis can be 
used for many different use cases. The main use cases for Anastasis are 
applications which need a private key to operate. For example: Encrypted email 
communication like PGP or PEP, Digital currencies and payment solutions like 
Bitcoin and Ethereum. Other use cases which need a passphrase are also a good 
use case for Anastasis. For example: Password managers where you must remember 
your master password or Hard dr [...]
+
 
 \section{Project plan}
 A key challenge for Anastasis is that we need to offer a diverse set of 
authentication methods, as required from
@@ -210,60 +236,10 @@ Key milestones are the various integrations of the 
different authentication meth
 cryptographic consumer products, and the deployment of our application.
 Additionally, we would always look out for new customers and clients who could 
benefit from Anastasis.
 
-\begin{figure}[H]
-  \centering  
-  \includegraphics[scale=0.34]{plan.png}
-\end{figure}
-
 \section{Business model}
 We are currently in the process of building a start-up for the
 Anastasis application. This business model shows an overview how we
-want to build our start-up and how we want to continue our work on the
-project.
-
-\subsection{Market review and innovation potential}
-
-There are already some key recovery or key splitting solutions on the
-market. For example, there is a solution from Coinbase. Coinbase is a
-global digital asset exchange company, providing a venue to buy and
-sell digital currencies. Coinbase also uses wallets secured with
-private keys. To recover this private key the user has to provide a 12
-words recovery phrase. Coinbase now offers a solution to securely
-deposit this recovery phrase onto the users Google Drive. The security
-here lies within the Google Account and the password used to encrypt
-the security phrase~\cite{coinbase}. The problem here is that this approach 
undermines
-confidentiality. It exchanges a hard to guess password with a shorter
-and easier to guess password. The difficulty is to simultaneously
-assure availability and confidentiality, instead of trading one for
-the other. By allowing citizens to simultaneously achieve
-confidentiality and availability we improve their ability to exercise
-their right to informational self-determination.
-
-Today information losses from security incidents are rampant, either
-because data is exposed (loss of confidentiality) or because users
-lose their data because of lacking backups (loss of availability). As
-seen in the study of the Global Data Protection Index
-2018~\cite{global_data_index}, 76\% of those interviewed had an
-availability incident. 1TB of data loss or 20 hours of downtime
-reportedly costs half a million dollars. On the other hand, loss of
-confidential private data can result in fines under data protection
-regulation, as well as a difficult to quantify loss of reputation.
-Prominent cases in which sometimes enormous amounts of money have been
-gone useless by losing the key to the digital wallet clarify the
-urgent need of a key recovery system like Anastasis. For example the
-case QuadrigaCX exchange was heavily discussed in the media when the
-chief executive, Gerald Cotton, unexpectedly died and left £145
-million in a “cold wallet”.~\cite{millions_lost}
-
-In some cases there is a workaround to recover a lost key, provided
-there is a security hole in the digital wallet software that can be
-exploited, but it is far from user friendly and also questions the
-confidentiality of data in such a system. In his article “’I Forgot My
-PIN’: An Epic Tale of Losing \$30,000 in Bitcoin” \cite{forgot_my_pin}
-Mark Frauenfelder, a former editor at WIRED and the director of
-research at the Institute of the Future’s Blockchain Futures Lab,
-writes about his experiences in losing and trying to recover his
-wallet key.
+operate Anastasis within our start-up.
 
 \subsection{Business model canvas}
 
@@ -282,7 +258,7 @@ AWS, Azure, Google.
 In addition to these industry partners, we also count on the continued
 support by the BFH for hosting and mentoring. Prof. Dubius has already
 agreed to serve on our advisory board, and Prof. Grothoff would be
-happy to serve as non-executive chairman for the company.
+happy to continue his support in the development process.
 
 \subsubsection{Key activities}
 
@@ -308,9 +284,7 @@ application.
 Additionally, the start-up needs a person who is responsible for the
 business of Anastasis. This employee would be responsible to find new
 business partners and present our application to investors. This
-employee might initially work only part-time. To be able to properly
-launch the start-up, we are hoping to find a combination of investors
-and grants.
+employee might initially work only part-time. 
 
 \subsubsection{Value propositions}
 
@@ -369,7 +343,6 @@ operations. For example a user might pay 0.10 CHF per month 
for the
 subscription and 0.01 CHF for each encrypted truth
 upload. Additionally, the user would have to pay for expensive
 authentication methods like video identification.
-
 \newpage
 
 \printbibliography[heading=bibintoc]

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.