Anastasis Documentation

Anastasis is a Free Software protocol and implementation that allows users to securely deposit core secrets with an open set of escrow providers and to recover these secrets if their original copies are lost.

Anastasis is intended for users that want to make backups of key material, such as OpenPGP encryption keys, hard disk encryption keys or master keys of electronic wallets. Anastasis is NOT intended to store large amounts of secret data, it is only designed to safeguard key material.

Anastasis solves the issue of keeping key material both available to the authorized user(s), and confidential from anyone else.

With Anastasis, the core secrets are protected from the Anastasis escrow providers by encrypting each with a master key. The master key can be split and distributed across the escrow providers to ensure that no single escrow provider can recover the master key on its own. Which subset(s) of Anastasis providers must be contacted to recover a master key is freely configurable.

With Anastasis, users can reliably recover their core secret, while Anastasis makes this difficult for everyone else. This is even true if the user is unable to reliably remember any secret with sufficiently high entropy: Anastasis does not simply reduce the problem to encrypting the core secret using some other key material in possession of the user.