Diffstat (limited to 'doc/sphinx/introduction.rst')
-rw-r--r--  doc/sphinx/introduction.rst  44
1 files changed, 24 insertions, 20 deletions
diff --git a/doc/sphinx/introduction.rst b/doc/sphinx/introduction.rst
index bfff83a..cf1630a 100644
--- a/doc/sphinx/introduction.rst
+++ b/doc/sphinx/introduction.rst
@@ -54,24 +54,28 @@ to recover their core secret.
The recovery document
---------------------
-A **recovery document** includes all of the information a user needs to
-recover access to their core secret. It specifies a set of **escrow
-methods**, which specify how the user should convince the Anastasis server
-that they are "real". Escrow methods can for example include SMS-based
-verification, video identification or a security question. For each escrow
-method, the Anastasis server is provided with **truth**, that is data the
-Anastasis operator may learn during the recovery process to authenticate the
-user. Examples for truth would be a phone number (for SMS), a picture of the
-user (for video identification), or the (hash of) a security answer. A strong
-adversary is assumed to be able to learn the truth, while weak adversaries
-must not. In addition to a set of escrow methods and associated Anastasis
-server operators, the **recovery document** also specifies **policies**, which
-describe the combination(s) of the escrow methods that suffice to obtain
-access to the core secret. For example, a **policy** could say that the
-escrow methods (A and B) suffice, and a second policy may permit (A and C). A
-different user may choose to use the policy that (A and B and C) are all
-required. Anastasis imposes no limit on the number of policies in a
-**recovery document**, or the set of providers or escrow methods involved in
+A **recovery document** includes all of the information a user needs
+to recover access to their core secret. It specifies a set of
+**escrow methods**, which specify how the user should convince the
+Anastasis server that they are "real". Escrow methods can for example
+include SMS-based verification, video identification or a security
+question. For each escrow method, the Anastasis server is provided
+with **truth**, that is data the Anastasis operator may learn during
+the recovery process. Truth always consists of an encrypted key share
+and associated data to authenticate the user. Examples for truth
+would be a phone number (for SMS), a picture of the user (for video
+identification), or the (hash of) a security answer. A strong
+adversary is assumed to be able to learn the truth, while weak
+adversaries must not. In addition to a set of escrow methods and
+associated Anastasis server operators, the **recovery document** also
+specifies **policies**, which describe the combination(s) of the
+escrow methods that suffice to obtain access to the core secret. For
+example, a **policy** could say that the escrow methods (A and B)
+suffice, and a second policy may permit (A and C). A different user
+may choose to use the policy that (A and B and C) are all required.
+Anastasis imposes no limit on the number of policies in a **recovery
+document**, or the set of providers or escrow methods involved in
guarding a user's secret. Weak adversaries must not be able to deduce
-information about a user's **recovery document** (except for its length, which
-may be exposed to an adversary which monitors the user's network traffic).
+information about a user's **recovery document** (except for its
+length, which may be exposed to an adversary which monitors the user's
+network traffic).
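Review bot: the new sentence "Truth always consists of an encrypted key share and associated data to authenticate the user" changes the definition of **truth** from authentication data alone to a two-part object, but the sentences around it still treat truth as the authentication data only: the preceding clause still says truth is "data the Anastasis operator may learn during the recovery process", the examples that follow ("a phone number (for SMS), a picture of the user ..., or the (hash of) a security answer") cover only the authentication half, and the threat statement "A strong adversary is assumed to be able to learn the truth" now implicitly says a strong adversary learns the encrypted key share as well, without saying whether that is acceptable. Suggest either tying the examples to the authentication component explicitly (e.g. "Examples for the authentication data in a truth would be ...") and stating that learning the encrypted key share without its key gives the adversary nothing, or introducing a separate term for the authentication data so the security claims about strong and weak adversaries refer unambiguously to it. Separately, almost all of this hunk is a re-wrap of unchanged text to a narrower line width; splitting the reflow from the one-sentence content change into separate commits would make the actual change reviewable at a glance.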