История изменений
Исправление pru-mike, (текущая версия) :
Anastasis is a service that allows the user to securely deposit a core secret with an
open set of escrow providers and recover it if the secret is lost. The core secret itself
is protected from the escrow providers by encrypting it with a master key. The main
objective of Anastasis is to ensure that the user can reliably recover the core secret,
while making this difficult for everyone else. Furthermore, Anastasis supports situations
where the user is unable to reliably remember any secret with sufficiently high entropy, so
Anastasis does not simply encrypt using some other key material in exclusive possession
of the user.
To uniquely identify users and to provide a first layer of protection, an “unforgettable”
identifier is used. This identifier should be difficult to guess for anybody but the user.
However, the identifier is not expected to have sufficient entropy or secrecy to be cryp-
tographically secure. Examples for such an identifier would be a concatenation of the
full name of the user and their social security or passport number(s). For Swiss citizens,
the AHV number could also be used.
https://anastasis.lu/pdf/anastasis_documentation.pdf
Ну насколько я понял, сервис предлагает восстанавливать пароли по ‘незабываемому’ идентификатору пользователя + батарее из ‘escrow providers’ (смс, почта и т.п.)
хз, выглядит небезопасно
Исходная версия pru-mike, :
Anastasis is a service that allows the user to securely deposit a core secret with an
open set of escrow providers and recover it if the secret is lost. The core secret itself
is protected from the escrow providers by encrypting it with a master key. The main
objective of Anastasis is to ensure that the user can reliably recover the core secret,
while making this difficult for everyone else. Furthermore, Anastasis supports situations
where the user is unable to reliably remember any secret with sufficiently high entropy, so
Anastasis does not simply encrypt using some other key material in exclusive possession
of the user.
To uniquely identify users and to provide a first layer of protection, an “unforgettable”
identifier is used. This identifier should be difficult to guess for anybody but the user.
However, the identifier is not expected to have sufficient entropy or secrecy to be cryp-
tographically secure. Examples for such an identifier would be a concatenation of the
full name of the user and their social security or passport number(s). For Swiss citizens,
the AHV number could also be used.
https://anastasis.lu/pdf/anastasis_documentation.pdf
Ну насколько я понял, сервис предлагает восстанавливать пароли по ‘незабываемому’ идентификатору пользователя + батарее из ‘escrow providers’ (смс, почта и т.п.)
хз, выглядит не безопасно