summaryrefslogtreecommitdiff
path: root/anastasis.rst
diff options
context:
space:
mode:
authorDennis Neufeld <dennis.neufeld@students.bfh.ch>2020-10-19 15:56:51 +0200
committerDennis Neufeld <dennis.neufeld@students.bfh.ch>2020-10-19 15:56:51 +0200
commitbcd7ef59ab7da21dc631ff78b07583b1e41a9cd8 (patch)
tree22c70b8b41d2e6edbc1223d2cc0474d914702427 /anastasis.rst
parent2a8df9767143fbe3770426e5c6cfb0d83353d83e (diff)
downloaddocs-bcd7ef59ab7da21dc631ff78b07583b1e41a9cd8.tar.gz
docs-bcd7ef59ab7da21dc631ff78b07583b1e41a9cd8.tar.bz2
docs-bcd7ef59ab7da21dc631ff78b07583b1e41a9cd8.zip
reducer illustrations
Diffstat (limited to 'anastasis.rst')
-rw-r--r--anastasis.rst47
1 files changed, 42 insertions, 5 deletions
diff --git a/anastasis.rst b/anastasis.rst
index bb206db..e282b2f 100644
--- a/anastasis.rst
+++ b/anastasis.rst
@@ -28,7 +28,7 @@ encrypting it with a **master key**. The main objective of Anastasis is to
ensure that the user can reliably recover the **core secret**, while making
this difficult for everyone else. Furthermore, it is assumed that the user is
unable to reliably remember any secret with sufficiently high entropy, so we
-cannot simply encrypt using some other key material in posession of the user.
+cannot simply encrypt using some other key material in possession of the user.
To uniquely identify users, an "unforgettable" **identifier** is used. This
identifier should be difficult to guess for anybody but the user. However, the
@@ -51,7 +51,7 @@ A **recovery document** includes all of the information a user needs to
recover access to their core secret. It specifies a set of **escrow
methods**, which specify how the user should convince the Anastasis server
that they are "real". Escrow methods can for example include SMS-based
-verification, Video-identfication or a security question. For each escrow
+verification, Video-identification or a security question. For each escrow
method, the Anastasis server is provided with **truth**, that is data the
Anastasis operator may learn during the recovery process to authenticate the
user. Examples for truth would be a phone number (for SMS), a picture of the
@@ -334,9 +334,9 @@ capacity.
--------------
-Anastasis API
--------------
+------------------
+Anastasis REST API
+------------------
.. _salt:
@@ -789,6 +789,43 @@ charge per truth operation using GNU Taler.
}
+---------------------
+Anastasis Reducer API
+---------------------
+
+This section describes the Anastasis Reducer API which is used by client applications
+to store or load the different states the client application can have.
+
+
+Backup Reducer
+^^^^^^^^^^^^^^
+.. figure:: anastasis_reducer_backup.png
+ :name: fig-anastasis_reducer_backup
+ :alt: fig-anastasis_reducer_backup
+ :scale: 35 %
+ :align: center
+
+ Backup states and their transitions.
+
+
+The illustration above shows the different states the reducer can have during a backup
+process.
+
+Recovery Reducer
+^^^^^^^^^^^^^^^^
+.. figure:: anastasis_reducer_recovery.png
+ :name: fig-anastasis_reducer_recovery
+ :alt: fig-anastasis_reducer_recovery
+ :scale: 35 %
+ :align: center
+
+ Recovery states and their transitions.
+
+
+The illustration above shows the different states the reducer can have during a recovery
+process.
+
+
.. _anastasis-auth-methods:
----------------------