[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-anastasis] branch master updated: starting point for application

From: gnunet
Subject: [taler-anastasis] branch master updated: starting point for application
Date: Fri, 06 Nov 2020 18:37:57 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new e6f64b2  starting point for application
     new b030cbe  Merge branch 'master' of git+ssh://
e6f64b2 is described below

commit e6f64b2d0d3c242d8ff0f3e4e702f8cfdbfebb21
Author: Christian Grothoff <>
AuthorDate: Fri Nov 6 18:37:50 2020 +0100

    starting point for application
 doc/ihf/abstract.txt   |  0
 doc/ihf/budget.txt     | 13 +++++++++++++
 doc/ihf/challenges.txt |  0
 doc/ihf/compare.txt    | 40 ++++++++++++++++++++++++++++++++++++++++
 doc/ihf/ecosystem.txt  | 34 ++++++++++++++++++++++++++++++++++
 doc/ihf/people.txt     | 22 ++++++++++++++++++++++
 6 files changed, 109 insertions(+)

diff --git a/doc/ihf/abstract.txt b/doc/ihf/abstract.txt
new file mode 100644
index 0000000..e69de29
diff --git a/doc/ihf/budget.txt b/doc/ihf/budget.txt
new file mode 100644
index 0000000..a1d3435
--- /dev/null
+++ b/doc/ihf/budget.txt
@@ -0,0 +1,13 @@
+E-mail authentication backend              :  5000 EUR (1 PM)
+SMS authentication backend                 :  5000 EUR (1 PM)
+Video-Identification authentication backend:  5000 EUR (1 PM)
+Server deployment in Cloud with monitoring : 10000 EUR (2 PM)
+Graphical user interface (standalone)      :  5000 EUR (1 PM)
+Client-side cryptography in TypeScript     :  5000 EUR (1 PM)
+Reducer-Style API in TypeScript            : 10000 EUR (2 PM)
+Documentation and reporting                :  2500 EUR
+                                             47500 EUR
+Developers will be expected to BYOD, hence no cost for hardware.  The
+team will coordinate online.
diff --git a/doc/ihf/challenges.txt b/doc/ihf/challenges.txt
new file mode 100644
index 0000000..e69de29
diff --git a/doc/ihf/compare.txt b/doc/ihf/compare.txt
new file mode 100644
index 0000000..95894b9
--- /dev/null
+++ b/doc/ihf/compare.txt
@@ -0,0 +1,40 @@
+There are a few key recovery solutions on the market today. Some
+examples of existing key recovery solutions and their problems shall
+be introduced in the following.
+Coinbase is a global digital asset exchange company which provides a
+venue to buy and sell crypto currencies. Coinbase uses wallets secured
+with private keys. To recover this private key the user must provide a
+12-word recovery phrase. Coinbase now offers a “solution” to securely
+deposit this recovery phrase onto the users Google Drive. The security
+here lies within the Google Account and the password used to encrypt
+the security phrase. The problem here is that this approach undermines
+confidentiality: It simply exchanges a hard to guess 12-word
+passphrase with a shorter and easier to guess Google password.
+Vault12 is a service using Shamir Secret Sharing provided by the
+Vault-Tec Corporation. Shamir Secret Sharing is a so called „Social
+Recovery“ method. It allows to split all kind of data, (pictures,
+passphrases, cryptographic keys) into shares and distribute them to
+trusted entities, called „Guardians“ in Vault12. To recover the data a
+subset of the chosen Guardians is asked to release their share. The
+released shares are used to reconstruct the data again. Vault12 is
+available for iOS, Android, Windows and MacOS. Unfortunately it is not
+Free Software and therefore lacks transparency.
+MI-DATA is a Swiss platform for e-health data. They also use Shamir
+secret splitting to distribute recovery information among a fixed set
+of staff members. However, during key recovery their system
+administrator can have full access to the private health data, voiding
+all the safety assurances key-splitting is supposed to achieve.
+ is a closed source digital identity wallet. The recovery of
+the used key and the wallet works similar to Coinbase: An encrypted
+backup of the user data is stored on the cloud, which can be
+downloaded and decrypted using a recovery phrase. The software offers
+no solution how the user keeps this phrase. The user is therefore
+responsible for storing it correctly.
+uPort is an opensource digital identity wallet based on
+Etherium. uPort also works with the 12-word-recovery phrase and also
+does not offer a solution for the user to securely store the phrase.
diff --git a/doc/ihf/ecosystem.txt b/doc/ihf/ecosystem.txt
new file mode 100644
index 0000000..a02305f
--- /dev/null
+++ b/doc/ihf/ecosystem.txt
@@ -0,0 +1,34 @@
+We have letters of support or firm integration commitments from
+various teams, several of which are already involved with NGI:
+* The GNU Taler team has committed to integrating Taler into
+  their wallet application to enable backups for their
+  payment solution.  They have been funded under NGI Zero.
+  GNU Taler needs a TypeScript reducer API for this.
+* Fraunhofer AISEC is interested in using Anastasis for key
+  backup for the Re:claimID identity management solution.
+  They have been funded under NGI POINTER (DISSENS).
+  Re:claimID will need a C-style API for this, which exists.
+* NymTech is interested in using Anastasis for their cryptocurrency
+  wallet. Like our team, they were awarded a grant under NGI LEDGER,
+  which was subsequently withdrawn by LEDGER due to process errors in
+  LEDGER.  We hope they survive this and we can plan on integration
+  in the future.
+* MI-Data is a platform for storing personal medical data for
+  research. The data is encrypted and users must release their
+  data for particular experiments. MI-DATA is interested in
+  Anastasis to simplify their password recovery procedure for users.
+* pEp foundation has created an e-mail protocol and implementation
+  using opportunistic encryption. They have also committed to
+  integrating Anastasis with their product.
+We expect to engage with additional application developers to drive
+adoption once the reducer API is stable and available in TypeScript
+and C.
+Finally, we are in discussions with the GNU project and hope to become
+an official GNU package as soon as the code is in reasonable shape.
diff --git a/doc/ihf/people.txt b/doc/ihf/people.txt
new file mode 100644
index 0000000..ead957f
--- /dev/null
+++ b/doc/ihf/people.txt
@@ -0,0 +1,22 @@
+Dennis Neufeld recently completed his Bachelor's degree in IT Security
+at the Bern University of Applied Sciences (BFH).  The design and
+implementation of Anastasis was the topic of their bachelor thesis.
+During the thesis they could successfully develop a proof of concept
+of the software.  Dennis is responsible for the integration of
+Anastasis into other products.
+Vaishnavi Mohan is a software engineer with a master's in distributed
+software systems. She specializes in the development and secure
+deployment of applications on public clouds. She will be responsible
+for the cloud deployment and the integration of the authentication
+backends with existing cloud services.
+Berna Alp is an economist by trade. She is currently council member at
+the pretty Easy privacy (pEp) foundation, a board member at
+ISOC Switzerland and she owns a consulting business specialized in IT
+transformation and ERP projects.  She has worked as project
+coordinator on World Bank projects, as Senior FI/CO Consultant at
+Andersen Consulting in New York City and as SAP FI/CO & JVA team lead
+at a multi-national steel company implementing SAP in 28 companies and
+17 countries.  She is responsible for general management in the team.

To stop receiving notification emails like this one, please contact

reply via email to

[Prev in Thread] Current Thread [Next in Thread]