commit bcd7ef59ab7da21dc631ff78b07583b1e41a9cd8
parent 2a8df9767143fbe3770426e5c6cfb0d83353d83e
Author: Dennis Neufeld <dennis.neufeld@students.bfh.ch>
Date: Mon, 19 Oct 2020 15:56:51 +0200
reducer illustrations
Diffstat:
3 files changed, 42 insertions(+), 5 deletions(-)
diff --git a/anastasis.rst b/anastasis.rst
@@ -28,7 +28,7 @@ encrypting it with a **master key**. The main objective of Anastasis is to
ensure that the user can reliably recover the **core secret**, while making
this difficult for everyone else. Furthermore, it is assumed that the user is
unable to reliably remember any secret with sufficiently high entropy, so we
-cannot simply encrypt using some other key material in posession of the user.
+cannot simply encrypt using some other key material in possession of the user.
To uniquely identify users, an "unforgettable" **identifier** is used. This
identifier should be difficult to guess for anybody but the user. However, the
@@ -51,7 +51,7 @@ A **recovery document** includes all of the information a user needs to
recover access to their core secret. It specifies a set of **escrow
methods**, which specify how the user should convince the Anastasis server
that they are "real". Escrow methods can for example include SMS-based
-verification, Video-identfication or a security question. For each escrow
+verification, Video-identification or a security question. For each escrow
method, the Anastasis server is provided with **truth**, that is data the
Anastasis operator may learn during the recovery process to authenticate the
user. Examples for truth would be a phone number (for SMS), a picture of the
@@ -334,9 +334,9 @@ capacity.
--------------
-Anastasis API
--------------
+------------------
+Anastasis REST API
+------------------
.. _salt:
@@ -789,6 +789,43 @@ charge per truth operation using GNU Taler.
}
+---------------------
+Anastasis Reducer API
+---------------------
+
+This section describes the Anastasis Reducer API which is used by client applications
+to store or load the different states the client application can have.
+
+
+Backup Reducer
+^^^^^^^^^^^^^^
+.. figure:: anastasis_reducer_backup.png
+ :name: fig-anastasis_reducer_backup
+ :alt: fig-anastasis_reducer_backup
+ :scale: 35 %
+ :align: center
+
+ Backup states and their transitions.
+
+
+The illustration above shows the different states the reducer can have during a backup
+process.
+
+Recovery Reducer
+^^^^^^^^^^^^^^^^
+.. figure:: anastasis_reducer_recovery.png
+ :name: fig-anastasis_reducer_recovery
+ :alt: fig-anastasis_reducer_recovery
+ :scale: 35 %
+ :align: center
+
+ Recovery states and their transitions.
+
+
+The illustration above shows the different states the reducer can have during a recovery
+process.
+
+
.. _anastasis-auth-methods:
----------------------
diff --git a/anastasis_reducer_backup.png b/anastasis_reducer_backup.png
Binary files differ.
diff --git a/anastasis_reducer_recovery.png b/anastasis_reducer_recovery.png
Binary files differ.
