commit 5dd223b4567f402a7de436c7d6c6418f639cc41f
parent 0c37735a7170fea43efb25a14f706f8a80117421
Author: Matyja Lukas Adam <lukas.matyja@students.bfh.ch>
Date: Thu, 13 Jun 2024 01:22:30 +0200
rework android part
Diffstat:
6 files changed, 30 insertions(+), 15 deletions(-)
diff --git a/doc/thesis/bibliography.bib b/doc/thesis/bibliography.bib
@@ -73,6 +73,14 @@
author={{Christian Blättler}},
title={Privacy-preserving Subscriptions and Discounts},
year={2024},
- howpublished = {\url{https://stage.taler.net/papers/subscription-discounts-thesis.pdf}},
+ howpublished = {\url{https://taler.net/papers/subscription-discounts-thesis.pdf}},
}
+@misc{taler-cs,
+ author={{Gian Demarmels, Lucien Heuzeveldt}},
+ title={Adding Schnorr's Blind Signature in Taler},
+ year={2022},
+ howpublished = {\url{https://taler.net/papers/cs-thesis.pdf}},
+}
+
+
diff --git a/doc/thesis/chapters/background/blindsign.tex b/doc/thesis/chapters/background/blindsign.tex
@@ -6,7 +6,7 @@ signature for a message, without revealing the contents of the message to the
signer. All cryptographic elements used by the Donau where provided by the GNU
Taler libraries. Blind signatures are slightly slower than the normal
signatures, this does not result in a performance issue as this project on GNU
-Taler shows: \url{https://taler.net/en/news/2022-06.html}.
+Taler shows: \cite{taler-cs}.
This section only provides an overview of blinded signatures. Detailed
information about blinded signatures can be found at
diff --git a/doc/thesis/chapters/implementation/android.tex b/doc/thesis/chapters/implementation/android.tex
@@ -3,13 +3,19 @@ The Android app is part of the verification process used by the tax authority
to check the donation statement (see
\ref{donor_sends_final_statement_to_a_validator}).
-It is possible to define an URI scheme for an Android app. The app opens when
-the link is activated. The arguments defined in chapter
-\ref{donor_sends_final_statement_to_a_validator} are separated with slashes. To
-ensure that as many characters as possible can be stored in the QR code, the QR
-code should be alphanumeric encoded\footnote{alphanumeric encoded QR codes have
+The app decodes the received QR code from the donor, parse the signing
+values and the signature and use them to verify the signature. At the end, the
+values and the status of whether the signature is valid are displayed.
+The arguments of the QR code are defined in chapter \ref{donor_sends_final_statement_to_a_validator} which have to be separated with
+a delimiter. The delimiter depends on the encoding method for the binary values.
+Since the QR code should be kept as small as possible, base64 would be a good choice.
+With base64 a colon, for example, can be used as a delimiter. Colons are not available
+in the base64 alphabet. The base64 encoding allows the QR code to be alphanumeric encoded\footnote{alphanumeric encoded QR codes have
a capacity of up to 4296 characters and support only a few special
-characters}. This means that each argument is stringified. To ensure that no
-special characters are used for binary data, the hash and the signature are
-encoded in ASCII using CrockfordBase32.\cite{qrcodedensowavewebsite}
-%TODO: Add Link example
+characters}. This enables to use more characters in a single QR code.\cite{qrcodedensowavewebsite}\\
+A possible QR code string specification with colons as delimiter could look like this:
+$YEAR:TOTALAMOUNT:TAXID:TAXIDSALT:ED25519SIGNATURE$
+In order to correctly verify the signature everything have to be in form and order.
+As the tax ID and the tax ID salt were used hashed for the signing, this have to be repeated. Every signature in the Taler ecosystem uses unique signature codes to to
+avoid misuse.
+
diff --git a/doc/thesis/chapters/implementation/donau.tex b/doc/thesis/chapters/implementation/donau.tex
@@ -252,7 +252,7 @@ The \texttt{history} table keeps the donation records of the past years.
\begin{figure}[ht]
\includegraphics[width=1\textwidth]{db_physical_model}
-\caption{Donau database model (generated by \url{dbdiagram.io})} \label{fig:db_physical_model}
+\caption{Donau database model (generated by \url{https://dbdiagram.io/})} \label{fig:db_physical_model}
\end{figure}
\subsubsection{charities}
Each registered charity has an entry in this table. There may be a donation
diff --git a/doc/thesis/chapters/results/results.tex b/doc/thesis/chapters/results/results.tex
@@ -16,9 +16,10 @@ summarizing the receipts into one single QR-Code, the user convenience for the
tax authority and for the donor could be improved.
Important components that are needed to operate the Donau are not yet
-implemented. This includes the charity side and donor client side. Although
-test where written to ensure that the Donau endpoints operate as expected,
-there are still some bugs and most likely also unknown bugs, not yet found.
+implemented. This includes the charity side and donor client side. The android
+verification app is only partly implemented. Although test where written to
+ensure that the Donau endpoints operate as expected, there are still some other
+bugs and most likely also unknown bugs, not yet found.
The tax authority emphasizes user convenience and simplicity in a system like
the Donau. The tax authority also mentioned the challenges that arise when
diff --git a/doc/thesis/thesis.pdf b/doc/thesis/thesis.pdf
Binary files differ.
