[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-docs] branch master updated: Modified truth manageme
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-docs] branch master updated: Modified truth management: Truth is uploaded as EncryptedTruth to hide information from server |
Date: |
Tue, 15 Oct 2019 11:40:38 +0200 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new b31cddb Modified truth management: Truth is uploaded as
EncryptedTruth to hide information from server
b31cddb is described below
commit b31cddbea40631a1a1e1c9cab115d3746078a96f
Author: Dennis Neufeld <address@hidden>
AuthorDate: Tue Oct 15 11:40:32 2019 +0200
Modified truth management: Truth is uploaded as EncryptedTruth to hide
information from server
---
anastasis-db.png | Bin 38032 -> 34685 bytes
anastasis.rst | 36 +++++++++++++++++++++++++++++++-----
2 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/anastasis-db.png b/anastasis-db.png
index 3d6c3e7..5afa96b 100644
Binary files a/anastasis-db.png and b/anastasis-db.png differ
diff --git a/anastasis.rst b/anastasis.rst
index 26a0e67..c45f7ab 100644
--- a/anastasis.rst
+++ b/anastasis.rst
@@ -603,6 +603,10 @@ public key using the Crockford base32-encoding.
// UUID of the escrow method (see /truth/ API below).
uuid: string;
+ // Key used to encrypt the `Truth` this `EscrowMethod` is related to.
+ // Client has to provide this key to the server when using /truth/
+ truth_encryption_key: [32]; //bytearray
+
// Salt used to encrypt the truth on the Anastasis server.
truth_salt: [32]; //bytearray
@@ -657,11 +661,11 @@ charge per truth operation using GNU Taler.
.. http:post:: /truth/$UUID
- Upload a Truth-Object according to the policy the client created before (see
RecoveryDocument_).
+ Upload an EncryptedTruth_-Object according to the policy the client created
before (see RecoveryDocument_).
If request has been seen before, the server should do nothing, and otherwise
store the new object.
- The body must begin with the EncryptedKeyShare_ as binary block (see below).
In addition,
- the name of the chosen key share method, the Base32-encoded ground truth and
the MIME type of
- Truth must be included in the body.
+ While the document's structure is described in JSON below, the upload
+ should just be the bytestream of the raw data (i.e. 32 bytes nonce followed
+ by 16 bytes tag followed by the encrypted truth).
The Anastasis server cannot fully validate the format, but MAY impose
minimum and maximum size limits.
@@ -686,6 +690,24 @@ charge per truth operation using GNU Taler.
**Details:**
+ .. _EncryptedTruth:
+ .. ts:def:: EncryptedTruth
+
+ interface EncryptedTruth {
+ // Nonce used to compute the (iv,key) pair for encryption of the
+ // encrypted_compressed_truth.
+ nonce: [32]; //bytearray
+
+ // Authentication tag
+ aes_gcm_tag: [16]; //bytearray
+
+ // Variable-size truth. After decryption,
+ // this contains a gzip compressed JSON-encoded `Truth`.
+ // The nonce of the HKDF for this encryption must include the
+ // string "ECT".
+ encrypted_compressed_truth: []; //bytearray of undefined length
+ }
+
.. _Truth:
.. ts:def:: Truth
@@ -699,7 +721,7 @@ charge per truth operation using GNU Taler.
// ground truth, i.e. H(challenge answer),
// phone number, e-mail address, picture, fingerprint, ...
- // base32 encoded
+ // **base32 encoded**
//
// The truth MUST NOT be revealed to the user, even
// after successful authentication (of course the user
@@ -717,6 +739,7 @@ charge per truth operation using GNU Taler.
if $RESPONSE matches the expected response according to the challenge sent
to the client before.
If $RESPONSE is not specified, the server will response with a challenge
according to the key share
method (e.g. ask the security question or send a SMS with a code) and await
the answer within $RESPONSE.
+ Also, the user has to provide the correct *truth_encryption_key* with every
get request (see below).
When $RESPONSE is correct, the server responses with the encrypted key share.
The encrypted key share is returned simply as a byte array and not in JSON
format.
@@ -744,6 +767,9 @@ charge per truth operation using GNU Taler.
:status 503 Service Unavailable:
Server is out of Service.
+ *Truth-Decryption-Key*: Key used to encrypt the Truth_ and which has to
provided by the user. The key is stored with
+ the according EscrowMethod_. The server needs this key to get the info out
of Truth_ needed to prepare an ExcrowChallenge_.
+
**Details:**
.. _EncryptedKeyShare:
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [taler-docs] branch master updated: Modified truth management: Truth is uploaded as EncryptedTruth to hide information from server,
gnunet <=