Diffstat (limited to 'doc/system-documentation/glossary.tex')
-rw-r--r-- | doc/system-documentation/glossary.tex | 19 |
1 files changed, 19 insertions, 0 deletions
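diff --git a/doc/system-documentation/glossary.tex b/doc/system-documentation/glossary.tex
new file mode 100644
index 0000000..7dced87
--- /dev/null
+++ b/doc/system-documentation/glossary.tex
@@ -0,0 +1,19 @@
+\section*{Glossary}
+\label{sec:glossary}
+\addcontentsline{toc}{section}{\nameref{sec:glossary}}
+\begin{description}
+	\item[account key] {A public-private key pair used to sign and authenticate the encrypted policy document upload.}
+	\item[authentication method] {An authentication method specifies how the user should convince the escrow provider that he is authorized to get a key share.}
+	\item[challenge] {A challenge is a data structure which holds information about a user authentication for a escrow provider.}
+	\item[core secret] {The core secret is the data which the user wants to protect with Anastasis.}
+	\item[escrow provider] {An escrow provider is referred to servers which operate Anastasis.}
+	\item[kdf id] {The kdf id is an Argon2 hash over the user's unforgettable password.}
+	\item[key share] {A key share is a random byte sequence which is combined with other key shares to create a policy key.}
+	\item[master key] {The master key is a randomly generated key which is used to encrypt the user's core secret.}
+	\item[policy] {A policy is a list of challenges which need to be solved to recover the core secret.}
+	\item[policy key] {Every policy holds a separate policy key which is built through the combination of the key shares. The policy key is used to encrypt the master key.}
+	\item[recovery document] {A data structure which contains a set of policies and challenges.}
+	\item[truth] {A truth is a data structure which defines how a user authentication is performed, it also contains the key share which is released upon successful authentication.}
+	\item[truth key] {A public-private key pair used to sign and authenticate the truth upload.}
+	\item[truth seed] {A nonce used to generate the key material to sign the truth upload.}
+\end{description}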