[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-anastasis] branch master updated: userid

From: gnunet
Subject: [taler-anastasis] branch master updated: userid
Date: Tue, 20 Oct 2020 10:58:42 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 7074854  userid
7074854 is described below

commit 70748547e7093531985d0aec74e0b73250d65a80
Author: Christian Grothoff <>
AuthorDate: Tue Oct 20 10:58:40 2020 +0200

 doc/ypsomed/ypsomed.tex | 32 ++++++++++++++++++++++++--------
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/doc/ypsomed/ypsomed.tex b/doc/ypsomed/ypsomed.tex
index f4e0f09..bd3a517 100644
--- a/doc/ypsomed/ypsomed.tex
+++ b/doc/ypsomed/ypsomed.tex
@@ -134,18 +134,34 @@ The following graphic gives an overview of the Anastasis 
 \subsection{Derive user identifier}
 Every person has some hard to guess, semi-private and unforgettable
 inherent attributes such as name and passport number, social security
-number or AHV number (in Switzerland).  We use those attributes to
-improve the security and privacy provided by Anastasis.  Basically,
-these attributes serve as weak key material, raising the bar for
-attackers without the availability disadvantages of passphrases ---
-which users may forget.  Anastasis derives a ``user identifier'' from
-such a set of unforgettable attributes. This user identifier is used
-for the up- and download procedure.
+number or AHV number (in Switzerland).  While we cannot assume that
+these attributes are true secrets that are unavailable to all
+adversaries, we can assume that {\em some} ``weak'' adversaries do not
+know all of these attributes.
+Consequently, we use those attributes to improve the security and
+privacy provided by Anastasis.  Basically, these attributes serve as
+weak key material, making it impossible for weak adversaries --- which
+likely includes the Anastasis service providers themselves --- to
+compromise the confidentiality of the information stored.  Anastasis
+derives a ``user identifier'' from such a set of unforgettable
+user-specific attributes. This user identifier is used to encrypt data
+and to identify the user during backup and recovery procedures.  Using
+the user identifier avoids availability disadvantages of other
+authentication methods.
+We note that the user identifier merely is used to raise the bar for
+attackers.  Anastasis users will still authorize recovery using
+combinations of traditional authentication methods.
 \subsection{Recovery and backup flow}
-The following is a very simplified description of the Anastasis protocol. It 
is only intended to illustrate how Anastasis basically works:\\
+The following is a simplified description of the Anastasis
+protocol. It is only intended to illustrate how Anastasis basically

To stop receiving notification emails like this one, please contact

reply via email to

[Prev in Thread] Current Thread [Next in Thread]