anastasis

Credential backup and recovery protocol and service

glossary.tex (1789B)


\section*{Glossary}
\label{sec:glossary}
\addcontentsline{toc}{section}{\nameref{sec:glossary}}
\begin{description}
	\item[account key] {A public-private key pair used to sign and authenticate the encrypted policy document upload.}
	\item[authentication method] {An authentication method specifies how the user should convince the escrow provider that he is authorized to get a key share.}
	\item[challenge] {A challenge is a data structure which holds information about a user authentication for an escrow provider.}
	\item[core secret] {The core secret is the data which the user wants to protect with Anastasis.}
	\item[escrow provider] {The term escrow provider refers to servers which operate Anastasis.}
	\item[kdf id] {The kdf id is an Argon2 hash over the user's unforgettable password.}
	\item[key share] {A key share is a random byte sequence which is combined with other key shares to create a policy key.}
	\item[master key] {The master key is a randomly generated key which is used to encrypt the user's core secret.}
	\item[policy] {A policy is a list of challenges which need to be solved to recover the core secret.}
	\item[policy key] {Every policy holds a separate policy key which is built through the combination of the key shares. The policy key is used to encrypt the master key.}
	\item[recovery document] {A data structure which contains a set of policies and challenges.}
	\item[truth] {A truth is a data structure which defines how a user authentication is performed. It also contains the key share which is released upon successful authentication.}
	\item[truth key] {A public-private key pair used to sign and authenticate the truth upload.}
	\item[truth seed] {A nonce used to generate the key material to sign the truth upload.}
\end{description}