[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-anastasis] branch master updated: ypsomed draft

From: gnunet
Subject: [taler-anastasis] branch master updated: ypsomed draft
Date: Thu, 01 Oct 2020 15:11:17 +0200

This is an automated email from the git hooks/post-receive script.

ds-meister pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 23c84bc  ypsomed draft
23c84bc is described below

commit 23c84bc5d9c29b68d15c0e288235ce30a3c97431
Author: Dominik Meister <>
AuthorDate: Thu Oct 1 15:11:10 2020 +0200

    ypsomed draft
 doc/ypsomed/step1.png                 | Bin 0 -> 185483 bytes
 doc/ypsomed/step1_recovery.png        | Bin 0 -> 245134 bytes
 doc/ypsomed/step2.png                 | Bin 0 -> 86360 bytes
 doc/ypsomed/step2_recovery.png        | Bin 0 -> 207479 bytes
 doc/ypsomed/step3.png                 | Bin 0 -> 199023 bytes
 doc/ypsomed/step3_recovery.png        | Bin 0 -> 313747 bytes
 doc/ypsomed/system-architecture_2.png | Bin 0 -> 76910 bytes
 doc/ypsomed/system_design.png         | Bin 0 -> 57272 bytes
 doc/ypsomed/user_id.png               | Bin 0 -> 44157 bytes
 doc/ypsomed/ypsomed.tex               | 358 ++++++++++++++++++++++++++++++++++
 10 files changed, 358 insertions(+)

diff --git a/doc/ypsomed/step1.png b/doc/ypsomed/step1.png
new file mode 100644
index 0000000..7619973
Binary files /dev/null and b/doc/ypsomed/step1.png differ
diff --git a/doc/ypsomed/step1_recovery.png b/doc/ypsomed/step1_recovery.png
new file mode 100644
index 0000000..455c445
Binary files /dev/null and b/doc/ypsomed/step1_recovery.png differ
diff --git a/doc/ypsomed/step2.png b/doc/ypsomed/step2.png
new file mode 100644
index 0000000..b60b715
Binary files /dev/null and b/doc/ypsomed/step2.png differ
diff --git a/doc/ypsomed/step2_recovery.png b/doc/ypsomed/step2_recovery.png
new file mode 100644
index 0000000..2213133
Binary files /dev/null and b/doc/ypsomed/step2_recovery.png differ
diff --git a/doc/ypsomed/step3.png b/doc/ypsomed/step3.png
new file mode 100644
index 0000000..b31f60e
Binary files /dev/null and b/doc/ypsomed/step3.png differ
diff --git a/doc/ypsomed/step3_recovery.png b/doc/ypsomed/step3_recovery.png
new file mode 100644
index 0000000..6edbf06
Binary files /dev/null and b/doc/ypsomed/step3_recovery.png differ
diff --git a/doc/ypsomed/system-architecture_2.png 
new file mode 100644
index 0000000..7c2cbd0
Binary files /dev/null and b/doc/ypsomed/system-architecture_2.png differ
diff --git a/doc/ypsomed/system_design.png b/doc/ypsomed/system_design.png
new file mode 100644
index 0000000..52ff118
Binary files /dev/null and b/doc/ypsomed/system_design.png differ
diff --git a/doc/ypsomed/user_id.png b/doc/ypsomed/user_id.png
new file mode 100644
index 0000000..42c741c
Binary files /dev/null and b/doc/ypsomed/user_id.png differ
diff --git a/doc/ypsomed/ypsomed.tex b/doc/ypsomed/ypsomed.tex
new file mode 100644
index 0000000..3b27176
--- /dev/null
+++ b/doc/ypsomed/ypsomed.tex
@@ -0,0 +1,358 @@
+%% Choose default font for the document
+%% Warning : only ONE of the following should be enabled
+%% The following chose the default language for the document and
+%% use the default typography rules for the choosen language.
+%% \setdefaultlanguage{german}
+\usepackage[backend=biber, style=ieee]{biblatex}
+\subtitle{Key recovery solution}
+\date{\today}   %% or \date{01 november 2018}
+\author{Dominik Meister (\texttt{})\\
+Dennis Neufeld (\texttt{})}
+Users of cryptography are frequently facing the challenge to secure their core 
secrets (private keys), and the
+contemporary default of asking them to remember strong passphrases is 
inadequate for mass adoption. The loss
+of such a core secret can cause severe data and financial losses for a user. 
Our project was conceived as a solution
+to similar problems several privacy-enhancing software projects are facing 
today. Specifically, the Swiss pretty
+Easy privacy project (, an E-Mail encryption solution, 
needs an easy way for users to
+recover their private keys to avoid the loss of encrypted E-Mails. 
Furthermore, Taler Systems SA is building an
+electronic payment system and is facing an equivalent challenge: The European 
Central Bank informed them
+about a requirement for electronic wallets denominated in Euros to support 
password-less data recovery.
+Cryptocurrencies and E-health data platforms like MI-DATA where end-users are 
expected to be in control of their
+data also face this well-known issue. The problem is simultaneously assuring 
availability and confidentiality,
+instead of trading one for the other.
+We designed Anastasis to address this common problem of cryptographic consumer 
+Anastasis is a key recovery system that allows the user to securely deposit 
shares of a core secret with an open set of escrow
+providers, and to recover the secret if the user lost it. The main objective 
of Anastasis is to ensure that the user
+can reliably recover the core secret, while making this as difficult as 
possible for everyone else. The core secret
+itself is protected from the escrow providers by giving each provider only 
part of the information, and additionally
+by encrypting it with an identity-based key unknown to the providers. Our 
protocol ensures that - without prior
+knowledge- the service providers learn nothing from the protocol except the 
minimum amount of data required to
+authenticate the user. Even that information is only disclosed at the time of 
+\subsubsection*{Secret sharing and recovery}
+Our approach to solve the problem of key recovery is to let the user
+split their core secret across multiple escrow providers (see
+Figure~\ref{fig:system_arch2}). To recover their core secret, the user has to
+authorize key the recovery, usually by passing an authentication check
+which they configured for the respective provider.
+After successful authentication the user receives the secret shares
+and is able to reassemble their core secret locally on their computer.
+\subsubsection*{Derive user identifier}
+Every person has some hard to guess, semi-private and unforgettable
+inherent attributes such as name and passport number, social security
+number or AHV~\cite{jerome2015} number (in Switzerland).  We use those 
attributes to
+improve the security and privacy provided by Anastasis.  Basically,
+these attributes serve as weak key material, raising the bar for
+attackers without the availability disadvantages of passphrases ---
+which users may forget.  Anastasis derives a ``user identifier'' from
+such a set of unforgettable attributes (see Figure~\ref{fig:user_id}).
+\subsubsection*{Encrypt and encrypt and encrypt}
+Anastasis uses several layers of encryption. First, the user's core
+secret is encrypted with a master key. The master key is encrypted
+with various policy keys. The policy keys are derived from various
+secrets which are encrypted and distributed across various providers
+together with information about the desired recovery authorization
+procedure. This last encryption is done based on keys derived from the
+user identity.  These many layers of encryption are designed to
+distribute trust and to minimize or delay information disclosure.
+\subsection{System architecture}
+This graphic shows the basic architecture of the Anastasis
+application. It shows a simplified flow of the application. The
+details of each component are explained later.
+\item The Anastasis CLI interacts with the Anastasis API. The
+  Anastasis API is responsible for triggering interactions with the
+  user, and also manages the interactions between the
+  various client-side components.
+\item After the user provided their unforgettable secret, the
+  Crypto API derives the needed key material for the further
+  communication. This is simplified, in reality the client would first
+  need to download the server salt to generate the user keys.  The
+  crypto API is later also responsible for the decryption and
+  encryption of the data, sent or received from the server.
+\item The Service API is responsible for the communication with the
+  Anastasis server. The Anastasis API sends the previously generated
+  data and the user selected request to the service.
+  The Service API is also responsible to handle
+  the server's response to the request.
+\item The central webserver logic handles HTTP requests sent to it by the
+  clients. It will dispatch requests to the corresponding handler. The
+  webserver's core logic also returns the response and the status code
+  of the operation to the client application.
+\item Each REST endpoint of the Anastasis server is implemented by
+  a specific handler. The handler prcesses the requests, typically
+  by storing or looking up the requested
+  data with the database. When the request is finished, the handler will
+  send back the data or the status code to the webserver's core logic.
+\subsection{Recovery and backup flow}
+ Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu 
Miau Katze Pingu Miau Katze Pingu Miau Katze \\
+ \begin{center}  
+  \includegraphics[scale=0.35]{step1.png}
+ \end{center}
+ Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu 
Miau Katze Pingu Miau Katze Pingu Miau Katze \\
+  \includegraphics[scale=0.35]{step2.png}
+ \end{center}
+ Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu Miau Katzevv Pingu 
Miau Katze Pingu Miau Katze Pingu Miau Katze\\
+  \includegraphics[scale=0.35]{step3.png}
+ \end{center}
+ Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu 
Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu \\
+  \includegraphics[scale=0.35]{step1_recovery.png}
+ \end{center}
+  \includegraphics[scale=0.35]{step2_recovery.png}
+ \end{center}
+ \begin{center}  
+  \includegraphics[scale=0.3]{step3_recovery.png}
+ \end{center}
+Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu Miau Katze Pingu Miau 
Katze Pingu Miau Katze Pingu Miau Katze Pingu \\
+Einleitung in die Team Mitglieder :)
+\section{Project plan}
+A key challenge for Anastasis is that we need to offer a diverse set of 
authentication methods, as required from
+our business customers. To fully offer these in-house would substantially 
increase the complexity of our business.
+While we need to be able to authenticate users on demand, this will be an 
infrequent business process. Thus, our
+strategy is to outsource the execution of specific authentication procedures 
to specialised providers. For example,
+inexpensive cloud services exist for sending SMS, physical mail, or performing 
video identification. Thus, our
+development focus will be the integration of these services.
+A second challenge is to acquire new customers. Our main distribution channel 
are companies offering privacy-
+enhancing solutions to consumers. We will work with these companies to 
integrate Anastasis with their products,
+and to enter into business agreements to ensure that we are the default 
provider in the software delivered to the
+If we receive the BRIDGE funding, we will definitely found a GmbH to operate 
the service. We already have
+recruited some members for the advisory board, including two professors from 
the BFH and two representatives
+of cooperate customers.
+Our objective for the first year is for Anastasis to implement several 
authentication services, have a working cloud
+deployment with monitoring, and to be integrated with various cryptographic 
consumer products.
+Key milestones are the various integrations of the different authentication 
methods, the integration of
+cryptographic consumer products, and the deployment of our application.
+Additionally, we would always look out for new customers and clients who could 
benefit from Anastasis.
+%Grafik Projektplan
+\section{Business model}
+We are currently in the process of building a start-up for the
+Anastasis application. This business model shows an overview how we
+want to build our start-up and how we want to continue our work on the
+\subsection{Market review and innovation potential}
+There are already some key recovery or key splitting solutions on the
+market. For example, there is a solution from Coinbase. Coinbase is a
+global digital asset exchange company, providing a venue to buy and
+sell digital currencies. Coinbase also uses wallets secured with
+private keys. To recover this private key the user has to provide a 12
+words recovery phrase. Coinbase now offers a solution to securely
+deposit this recovery phrase onto the users Google Drive. The security
+here lies within the Google Account and the password used to encrypt
+the security phrase~\cite{coinbase}. The problem here is that this approach 
+confidentiality. It exchanges a hard to guess password with a shorter
+and easier to guess password. The difficulty is to simultaneously
+assure availability and confidentiality, instead of trading one for
+the other. By allowing citizens to simultaneously achieve
+confidentiality and availability we improve their ability to exercise
+their right to informational self-determination.
+Today information losses from security incidents are rampant, either
+because data is exposed (loss of confidentiality) or because users
+lose their data because of lacking backups (loss of availability). As
+seen in the study of the Global Data Protection Index
+2018~\cite{global_data_index}, 76\% of those interviewed had an
+availability incident. 1TB of data loss or 20 hours of downtime
+reportedly costs half a million dollars. On the other hand, loss of
+confidential private data can result in fines under data protection
+regulation, as well as a difficult to quantify loss of reputation.
+Prominent cases in which sometimes enormous amounts of money have been
+gone useless by losing the key to the digital wallet clarify the
+urgent need of a key recovery system like Anastasis. For example the
+case QuadrigaCX exchange was heavily discussed in the media when the
+chief executive, Gerald Cotton, unexpectedly died and left £145
+million in a “cold wallet”.~\cite{millions_lost}
+In some cases there is a workaround to recover a lost key, provided
+there is a security hole in the digital wallet software that can be
+exploited, but it is far from user friendly and also questions the
+confidentiality of data in such a system. In his article “’I Forgot My
+PIN’: An Epic Tale of Losing \$30,000 in Bitcoin” \cite{forgot_my_pin}
+Mark Frauenfelder, a former editor at WIRED and the director of
+research at the Institute of the Future’s Blockchain Futures Lab,
+writes about his experiences in losing and trying to recover his
+wallet key.
+\subsection{Business model canvas}
+\subsubsection{Key partners}
+Our key partners for Anastasis are three entities. First the business
+partners, Taler Systems SA and p$\equiv$p Foundation, with whom we could
+already make contracts and wish to integrate our product.  Second are
+the providers of Cloud services. To operate Anastasis with minimal
+cost we need the service of these providers. These providers can
+additionally provide us authentication services, this also minimizes
+the complexity of our solution since we do not have to implement these
+services by ourselves.  Such a provider could be for example Amazon
+AWS, Azure, Google.
+In addition to these industry partners, we also count on the continued
+support by the BFH for hosting and mentoring. Prof. Dubius has already
+agreed to serve on our advisory board, and Prof. Grothoff would be
+happy to serve as non-executive chairman for the company.
+\subsubsection{Key activities}
+The main work of our start up is the completion of our software for
+commercial use. This involves the integration of different
+authentication methods and the integration of our application into the
+different consumer applications. Another key activity is the
+maintenance and deployment of our service.
+\subsubsection{Key resources}
+Our developers need a device to work with, we agreed to the policy to
+“bring your own device” this means the start-up does not have to
+invest in hardware. To operate our application, we will need servers
+to provide our service, as previously mentioned we would provide our
+service on a Cloud provider.  For the timely further development of
+our service and integration with various authentication providers,
+payment solutions and applications needing key recovery, we see an
+initial need for at least two fulltime employees. These developers
+would also be responsible for the maintenance and deployment of the
+Additionally, the start-up needs a person who is responsible for the
+business of Anastasis. This employee would be responsible to find new
+business partners and present our application to investors. This
+employee might initially work only part-time. To be able to properly
+launch the start-up, we are hoping to find a combination of investors
+and grants.
+\subsubsection{Value propositions}
+As mentioned earlier there are many applications which need a key
+recovery system. Anastasis is also a privacy friendly and transparent
+solution. Furthermore, Anastasis will make sure that the application
+is user friendly and inexpensive.
+\subsubsection{Customer relationships}
+In the early stages of our start-up our customers are primary going to
+be business customers like Taler Systems SA, p$\equiv$p Foundation,
+Fraunhofer AISEC and NymTech, which all want to integrate our solution
+into their products.  Thus, early on we will likely pursue B2B sales,
+lining up businesses that would want to integrate Anastasis with
+existing security products.
+Once successful products exist in the market, our revenue should
+inherently shift to a B2C model, as then customers will pay for the
+recovery service.  We may then also ourselves invest in integration of
+Anastasis with further software solutions to grow the business, even
+in domains where there is no significant business partner.  This will
+be the case for applications where popular non-commercial solutions
+are freely available. An example for this domain would be consumer
+software that enables disk encryption.
+\subsubsection{Customer segments}
+Our business customers will be primarily developers of security
+applications which need a way to enable end-users to securely
+backup end-user key material.
+End-users paying for the recovery service will be all users using
+privacy-enhancing technologies, where the putting the user in charge
+of their data also burdens the user with taking care of their private
+keys.  Specific applications include payment services including
+crypto-currencies and end-to-end encrypted communication services.
+\subsubsection{Cost structure}
+The main cost for our start-up is the salary of our employees. We need
+to have two or more fulltime employees for the development and one
+part time employee for the business development. Additional costs for
+the start-up are the costs for registering a company. To provide
+Anastasis as a service, we expect to make use of existing public Cloud
+services, which also cost a little bit.
+\subsubsection{Revenue streams}
+In the beginning, businesses like Taler Systems SA will pay us to
+operate an Anastasis server and to help them integrate our protocol
+with their software.  Once we have many end-users utilizing Anastasis,
+they will have to pay directly for the service. The users have to pay
+a subscription fee and possibly additional fees for expensive recovery
+operations. For example a user might pay 0.10 CHF per month for the
+subscription and 0.01 CHF for each encrypted truth
+upload. Additionally, the user would have to pay for expensive
+authentication methods like video identification.
+%% Print the bibibliography and add the section to th table of content

To stop receiving notification emails like this one, please contact

reply via email to

[Prev in Thread] Current Thread [Next in Thread]