The next release of Cesium will integrate a security wizard, developed by @Ccotonnec.

## Main features

- Revoke your identity (with confirmation popups) when logged in;
- Generate a revocation file. This is a file to store on your computer and/or USB storage key/hard disk, to use if your account is lost (loss of your identifiers, account hacked…);
- Revoke your identity, using the previously generated file;
- Generate a “retrieve credentials” file (a document named SaveID): this file encrypts your credentials, using a list of questions/answers that you choose (from 4 to N questions). This file could be used to retrieve your credentials (secret phrase and password);
- Retrieve your credentials, using the previously generated file.

You will be able to access this wizard:

- if logged in: from the “My account” screen, then menu “Options > Security…”
- if not logged in: from the home page, “I lost my credentials”

## Technical details

@Ccotonnec could you add details here, on the SaveID document format?
Thanks!

One small question: did you check whether the revocation file is compatible with what Sakia generates? Just to ensure that what we are doing remains coherent.

So one person who has this file can easily retrieve secretphrase/password only by knowing the answers to these easy-to-decrypt questions/answers!?
I suggest alerting the user to separate and save the secret phrase and password in 2 or more different physical places, which could be 2+ CD-ROMs, 2+ USB keys, or even 2+ physical papers.

Personally I prefer Shamir’s Secret Sharing Scheme for this,
giving a bit of the secret to trusted people who do not know each other (or only a little).
It also allows the money to be recovered in case of death.
You can find a demo here (do not use for a real secret).

|Field | Description |
| -------------- | --------------------------------------------------------- |
|Version |Current structure version |
|Type |Type of the document |
|Questions |Questions selected by the user |
|Issuer |The public key of the issuer |
|Crypted-Nonce |A crypted arbitrary nonce value |
|Crypted-pubkey |The public key derived from the encryption of credentials |
|Crypted-salt |Crypted salt |
|Crypted-pwd |Crypted password |
|Signature |Signature |

## Example

```
Version: 10
Type: SaveID
Questions:
Comment s’appelait votre meilleur ami lorsque vous étiez adolescent ?
Comment s’appelait votre premier animal de compagnie ?
Issuer: G2CBgZBPLe6FSFUgpx2Jf1Aqsgta6iib3vmDRA1yLiqU
Crypted-Nonce: CHMJeXjoAfXKR6fzn9jxcbuRh4oVCDwFm
Crypted-Pubkey: Bo4V7mhfeLFhkPpV9jwsTwfnLnzr4gUDr322H12sXxYo
Crypted-Salt: q6k9/vKIWYA/6x4Fjp8Gp2lRuw==
Crypted-Pwd: 7m2u2kVXaWv8MSFG6TxDLWvg==
aKM4ZLMnRHjoqFu9bA+UytpSuwm1U+f6p4ZWv9ob2XGoojmJuiVh0/gE7q7J41BbDOYO87iqxAHcXtMImeCMBg==
```
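
An added example, not part of the original posts or of Cesium's own code: a structural parser for the SaveID layout shown above, which also lists what the file exposes to anyone holding it before any question is answered. The line-oriented layout is inferred from the example document, the names `parseSaveID`, `keyOf` and `readableWithoutAnswers` are hypothetical, and the signature is not verified because the signed payload is not specified here.

```javascript
// Added example. Layout assumed from the sample in the post: "Key: value" lines,
// question lines after "Questions:", and a final bare line holding the signature.
const REQUIRED = ['version', 'type', 'questions', 'issuer', 'crypted-nonce',
  'crypted-pubkey', 'crypted-salt', 'crypted-pwd'];
// Sample input: the example document from the post above.
const SAMPLE = `Version: 10
Type: SaveID
Questions:
Comment s’appelait votre meilleur ami lorsque vous étiez adolescent ?
Comment s’appelait votre premier animal de compagnie ?
Issuer: G2CBgZBPLe6FSFUgpx2Jf1Aqsgta6iib3vmDRA1yLiqU
Crypted-Nonce: CHMJeXjoAfXKR6fzn9jxcbuRh4oVCDwFm
Crypted-Pubkey: Bo4V7mhfeLFhkPpV9jwsTwfnLnzr4gUDr322H12sXxYo
Crypted-Salt: q6k9/vKIWYA/6x4Fjp8Gp2lRuw==
Crypted-Pwd: 7m2u2kVXaWv8MSFG6TxDLWvg==
aKM4ZLMnRHjoqFu9bA+UytpSuwm1U+f6p4ZWv9ob2XGoojmJuiVh0/gE7q7J41BbDOYO87iqxAHcXtMImeCMBg==`;

// Return {key, value} only for field names the format defines (case-insensitive).
function keyOf(line) {
  const m = /^([A-Za-z-]+):\s*(.*)$/.exec(line);
  const key = m ? m[1].toLowerCase() : null;
  return REQUIRED.includes(key) ? { key, value: m[2] } : null;
}

function parseSaveID(text) {
  const lines = text.split(/\r?\n/).map(l => l.trim()).filter(Boolean);
  const signature = lines.pop();
  if (!signature || keyOf(signature)) throw new Error('missing signature line');
  const doc = { questions: [], signature };
  const seen = new Set();
  let inQuestions = false;
  for (const line of lines) {
    const kv = keyOf(line);
    if (!kv) { // not a field line: only valid inside the Questions block
      if (!inQuestions) throw new Error('unexpected line: ' + line);
      doc.questions.push(line);
      continue;
    }
    if (seen.has(kv.key)) throw new Error('duplicate field: ' + kv.key);
    seen.add(kv.key);
    inQuestions = kv.key === 'questions';
    if (!inQuestions) doc[kv.key] = kv.value;
  }
  for (const k of REQUIRED) if (!seen.has(k)) throw new Error('missing field: ' + k);
  if (doc.type !== 'SaveID') throw new Error('not a SaveID document');
  if (doc.questions.length === 0) throw new Error('no questions listed');
  return doc;
}
// What anyone holding the file can read without answering anything.
const readableWithoutAnswers = d => ({ issuer: d.issuer, questions: [...d.questions] });
```

Running `readableWithoutAnswers(parseSaveID(SAMPLE))` returns the issuer public key and both questions in clear, which is the exposure the replies above are concerned with.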