[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: restructure Anastasis docs a bit
|
From: |
gnunet |
|
Subject: |
[taler-docs] branch master updated: restructure Anastasis docs a bit |
|
Date: |
Mon, 29 Mar 2021 12:27:51 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new 92a26a5 restructure Anastasis docs a bit
92a26a5 is described below
commit 92a26a59760f5289b63a68d7c6bf459be2c02705
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Mon Mar 29 12:27:49 2021 +0200
restructure Anastasis docs a bit
---
anastasis.rst | 27 +++++++++++++--------------
1 file changed, 13 insertions(+), 14 deletions(-)
diff --git a/anastasis.rst b/anastasis.rst
index 4ab76f9..4f50b27 100644
--- a/anastasis.rst
+++ b/anastasis.rst
@@ -122,9 +122,8 @@ encrypted **core secret**, a set of escrow methods and a
set of policies.
----------------
Key derivations
----------------
+^^^^^^^^^^^^^^^
EdDSA and ECDHE public keys are always points on Curve25519 and represented
using the standard 256 bit Ed25519 compact format. The binary representation
@@ -161,7 +160,7 @@ likely also be available to other actors.
Verification
-^^^^^^^^^^^^
+------------
For users to authorize "policy" operations we need an EdDSA key pair. As we
cannot assure that the corresponding private key is truly secret, such policy
@@ -205,7 +204,7 @@ HKDF to ensure that the result differs from other cases
where we hash
Encryption
-^^^^^^^^^^
+----------
For symmetric encryption of data we use AES256-GCM. For this we need a
symmetric key and an initialization vector (IV). To ensure that the
@@ -234,16 +233,16 @@ avoid key reuse. So, we have to use different nonces to
get different keys and i
**iv**: IV which will be used for AES-GCM.
----------
+
Key Usage
----------
+^^^^^^^^^
The keys we have generated are then used to encrypt the **recovery document**
and
the **key_share** of the user.
Encryption
-^^^^^^^^^^
+----------
Before every encryption a 32-byte nonce is generated.
From this the symmetric key is computed as described above.
@@ -275,7 +274,7 @@ at the various providers.
the same number as specified above for *encrypted_key_share_i*. Nonce must
contain the string "EKS" plus the according *i*.
Signatures
-^^^^^^^^^^
+----------
The EdDSA keys are used to sign the data sent from the client to the
server. Everything the client sends to server is signed. The following
@@ -307,9 +306,9 @@ When requesting policy downloads, the client must also
provide a signature:
**ver_res**: A boolean value. True: Signature verification passed, False:
Signature verification failed.
----------------------------
+
Availability Considerations
----------------------------
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
Anastasis considers two main threats against availability. First, the
Anastasis server operators must be protected against denial-of-service attacks
@@ -942,7 +941,7 @@ In the following, the individual transitions will be
specified in more detail.
Initial state
-"""""""""""""
+-------------
The initial states for backup and recovery processes are looking like
following:
@@ -973,7 +972,7 @@ The initial states for backup and recovery processes are
looking like following:
Common transitions
-""""""""""""""""""
+------------------
**select_continent:**
@@ -1188,7 +1187,7 @@ unreachable, service on port 8088 was previously known,
and service on port
Backup transitions
-""""""""""""""""""
+------------------
**enter_user_attributes:**
@@ -1543,7 +1542,7 @@ Optional arguments to try uploading just specific truths
(example):
Recovery transitions
-""""""""""""""""""""
+--------------------
**enter_user_attributes:**
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: restructure Anastasis docs a bit,
gnunet <=