[taler-anastasis] branch master updated: abstract
From: gnunet
Subject: [taler-anastasis] branch master updated: abstract
Date: Fri, 06 Nov 2020 22:21:57 +0100
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new e616060 abstract
e616060 is described below
commit e61606066eef11b777c056ff7e030554312f0628
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Nov 6 22:21:55 2020 +0100
abstract
---
doc/ihf/abstract.txt | 51 +++++++++++++++++++++++++++++++++++++++++++++++
doc/ihf/challenges.txt | 19 ++++++++++++++++++
doc/thesis/thesis.out | 2 +-
doc/thesis/thesis.run.xml | 4 ++--
4 files changed, 73 insertions(+), 3 deletions(-)
diff --git a/doc/ihf/abstract.txt b/doc/ihf/abstract.txt
index e69de29..516ffac 100644
--- a/doc/ihf/abstract.txt
+++ b/doc/ihf/abstract.txt
@@ -0,0 +1,51 @@
+Today information losses from security incidents are rampant, either
+because data is exposed (loss of confidentiality) or because users
+lose their data because of lacking backups (loss of availability).
+If we want informational self-determination, we need to address the
+fundamental key management problem.
+
+Anastasis addresses this challenge while abiding by the following
+principles:
+
+* Anastasis must be Free Software.
+* Anastasis must not rely on the trustworthiness of individual providers.
+* Anastasis must put the user in control, in particular the core secret
+ must remains exclusively under the user's control, even during recovery.
+* Anastasis must be economically viable to operate.
+* Anastasis must support a diverse range of use cases.
+
+We want Anastasis to be used by all applications sharing the key
+recovery problem and not be a custom solution for only one
+application. The main use cases for Anastasis are applications which
+need a private key to operate. Examples include: encrypted
+communication like Telegram, Pretty Good Privacy or Pretty Easy
+Privacy (pEp), digital currencies and payment solutions like Bitcoin
+and Ethereum, hard-disk encryption and password managers. These are
+all critical services and can cause severe damage should access be
+lost as well as if the data is disclosed to unauthorized parties.
+
+The fundamental cryptography for Anastasis was developed as part of
+Dennis's Bachelor's thesis (see attachment). The core secret itself is
+protected from the escrow providers by giving each provider only part
+of the information, and additionally by encrypting it with an
+identity-based key unknown to the providers. Our protocol ensures that
+--- without prior knowledge --- the service providers learn nothing
+from the protocol except the minimum amount of data required to
+authenticate the user. Even that information is only disclosed at the
+time of authentication.
+
+For this project, we want to go beyond the Bachelor thesis prototype
+and have an implementation ready for integration with various FLOSS
+projects. MI-DATA and GNU Taler have indicated that they need a
+TypeScript implementation of the client, and GNU Taler and pEp have
+requested additional authentication methods to be made available.
+Furthermore, we need a reducer-style API to allow applications to
+suspend and later resume the backup- or recovery process. A GUI will
+be implemented to allow users to use the service stand-alone (say for
+disk-encryption secrets). Finally, we need to deploy and fully
+document the service.
+
+We want to note that we were *selected* for the 2nd round of NGI
+LEDGER, but then the grant was revoked due to procedural failures by
+NGI LEDGER. This proposal has a reduced scope where we are leaving out
+the actual integration with applications and the business development.
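Review bot: The third principle bullet reads "must remains exclusively under the user's control"; this should be "must remain". Smaller wording points in the same file: the cryptography paragraph says "Bachelor's thesis" while the next paragraph says "Bachelor thesis", so pick one form; "Dennis's" gives only a first name where a proposal reader would expect the full author name; and the TeX-style "--- without prior knowledge ---" dashes will show up literally in a plain .txt file.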
diff --git a/doc/ihf/challenges.txt b/doc/ihf/challenges.txt
index e69de29..29f1176 100644
--- a/doc/ihf/challenges.txt
+++ b/doc/ihf/challenges.txt
@@ -0,0 +1,19 @@
+Even with many users, key recovery itself is going to be a rare
+event. We talked with MI-DATA, and they told us that they have to
+recover user secrets a few times a month only.
+
+Thus, it would be way too expensive to have any of our staff in the
+loop during key recovery. To address this issue, we plan to outsource
+the actual authentication process to existing Cloud
+services. Providers exist for sending SMS and performing
+video-identification.
+
+However, outsourcing key operations is dangerous for availability as
+we now depend on external parties we have little control over. This
+issue will be addressed by implementing fallback solutions where we
+can use an alternative provider in case the primary provider is
+unresponsive. Additionally, we will add monitoring to ensure that we
+detect issues. Automating everything is crucial, as we need the
+service to remain reliably operational even if income from service
+fees only allows us to afford the bare minimum in terms of system
+administration.
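Review bot: The third paragraph treats outsourcing authentication to SMS and video-identification providers purely as an availability risk ("dangerous for availability"), while doc/ihf/abstract.txt in this same commit lists as a principle that Anastasis "must not rely on the trustworthiness of individual providers". Since these external services perform the actual authentication step, add a sentence on what a misbehaving or compromised authentication service could and could not achieve, and how that is bounded. Separately, "they have to recover user secrets a few times a month only" reads better as "only a few times a month".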
diff --git a/doc/thesis/thesis.out b/doc/thesis/thesis.out
index 1844bf4..7dbab50 100644
--- a/doc/thesis/thesis.out
+++ b/doc/thesis/thesis.out
@@ -76,5 +76,5 @@
\BOOKMARK
[1][-]{section.7}{\376\377\000C\000o\000n\000c\000l\000u\000s\000i\000o\000n\000\040\000a\000n\000d\000\040\000o\000u\000t\000l\000o\000o\000k}{}%
76
\BOOKMARK
[1][-]{appendix.A}{\376\377\000R\000E\000S\000T\000\040\000A\000P\000I\000\040\000d\000o\000c\000u\000m\000e\000n\000t\000a\000t\000i\000o\000n}{}%
77
\BOOKMARK
[1][-]{appendix.B}{\376\377\000W\000o\000r\000k\000\040\000j\000o\000u\000r\000n\000a\000l}{}%
78
-\BOOKMARK
[1][-]{section*.92}{\376\377\000G\000l\000o\000s\000s\000a\000r\000y}{}% 79
+\BOOKMARK [1][-]{section*.92}{\376\377\000?\000?}{}% 79
\BOOKMARK
[1][-]{section*.93}{\376\377\000R\000e\000f\000e\000r\000e\000n\000c\000e\000s}{}%
80
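Review bot: doc/thesis/thesis.out is a generated LaTeX bookmark file, and the changed line replaces the bookmark title for section*.92 (previously the encoded string "Glossary") with "\000?\000?", that is "??", which looks like the output of an incomplete LaTeX run rather than an intended edit. Drop this file from the commit, and consider removing it from version control and ignoring it, since the commit message "abstract" only covers the doc/ihf/ files.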
diff --git a/doc/thesis/thesis.run.xml b/doc/thesis/thesis.run.xml
index 6c8325d..f9576b8 100644
--- a/doc/thesis/thesis.run.xml
+++ b/doc/thesis/thesis.run.xml
@@ -41,7 +41,7 @@
>
]>
<requests version="1.0">
- <internal package="biblatex" priority="9" active="0">
+ <internal package="biblatex" priority="9" active="1">
<generic>latex</generic>
<provides type="dynamic">
<file>thesis.bcf</file>
@@ -65,7 +65,7 @@
<file>american.lbx</file>
</requires>
</internal>
- <external package="biblatex" priority="5" active="0">
+ <external package="biblatex" priority="5" active="1">
<generic>biber</generic>
<cmdline>
<binary>biber</binary>
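Review bot: Both hunks in doc/thesis/thesis.run.xml only flip active="0" to active="1" on the biblatex <internal> and <external> request entries. This file is regenerated by biblatex on each LaTeX run, so the change records build state rather than a source edit and is unrelated to the abstract; leave it out of the commit.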
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.