TABLE OF CONTENTS
As a decentralized system, Atakama relies on a set of unique devices (e.g., smartphone and computer) that use individual Keys and a consensus mechanism to securely perform cryptographic actions. For example, when a user goes to open a file (i.e., decrypt the file) they receive a push notification on the Atakama Mobile app running on their mobile device. The user must tap approve on the app in order to achieve the consensus and complete the action of decrypting the file. At Atakama, we refer to this as a MofNop process, which stands for "M of N operation". A MofNop process is any Atakama action that requires Keys and the user’s approval to achieve consensus.
A MofNop process is achieved through the use of threshold cryptography to enable customization of any "M of N" required device combinations (e.g., "2 of 3", "2 of 4", "3 of 5", etc.). A user's computer is always counted towards the required device threshold. The second and third devices are mobile devices such as a smartphone and tablet. Atakama does not require the reconstitution of all Keys in order to complete a MofNop process. As a result, users can customize the number of devices necessary to perform an action such as file decryption.
For example, in a "3 of 5" combination, the user would receive a notification on two linked devices (smartphone and tablet) when accessing a file. In such a scenario, authorizing the decryption process on only one of those two linked devices is insufficient to decrypt the file. That is because in a "3 of 5" scenario, 3 is the number of Keys necessary to decrypt a file. The most common MofNop combination is "2 of 3" devices -- computer, smartphone, and one backup device such as a tablet, old smartphone, or a smartphone belonging to someone the user trusts such as a friend, family member, or colleague.
Examples of a MofNop process include:
Opening, renaming, and moving encrypted files
Replacing a device when it is lost, inoperable, or upgraded to a new device
Creating a Secure Folder
Adding a user to a Security Group
Changing the Security Threshold.
The Security Threshold underpins Atakama's decentralized consensus mechanism. It is the number of Keys required to complete a MofNop process. If the number of available Keys is greater than the threshold, then not every key is required for approval. For example, if a user’s configuration includes 3 devices (e.g., computer, smartphone, tablet), and the threshold is 2, then approval on 2 of the 3 devices is sufficient, as each device holds a single Key. The user's 3 Keys comprise that user's Atakama Profile.
When more than one MofNop process is initiated contemporaneously (e.g., simultaneously opening several files), it is possible that approval of the multiple actions will be grouped into a single Multi-Request. Approving the Multi-Request will approve all of the requests that it contains.
Instead of tapping to approve on the Atakama Mobile app for every file being opened, Atakama allows users to pre-approve a maximum number of files within a set period of time. For example, opening 20 encrypted files normally requires 20 individual MofNop approvals, but when a Session has been initiated, the user has pre-approved the next 20 MofNops, meaning all 20 file opens can be completed with just a single approval to initiate the Session. Files remain encrypted until the user opens them.
A session can also support auto-approval of a Multi-Request. For example, during a Session with a maximum of 20 MofNops, a Multi-Request action that contains 5 MofNops will cause the Session to decrease to 15.
An Atakama Profile is a set of unique devices, each holding Keys, belonging to an individual user. Each device is listed in order within the Atakama Control Center under Keys in Use. Priority order is user configurable via the Edit Key Order button in the Keys tab.
Mobile device keys are referred to as an Atakama Authenticator device. Users can modify the order of an Atakama Authenticator. Keys on a computer (i.e., workstation) are automatically included as the first device. Keys on Paper are used in recovery situations only.
When a user initiates an action, such as file decryption, that requires a MofNop process, the first Atakama Authenticator receives the request to approve the action. The Waterfall of devices is the Key Priority order. Not all the Atakama Authenticator devices are necessary to approve the action when the number of available devices is higher than the Threshold. The Waterfall is useful when the first Atakama Authenticator device is offline or is intentionally skipped by the user, allowing the approval request to be pushed to the next Atakama Authenticator device (i.e., "waterfall to the next device").
Authenticated Metadata is file-related data other than its contents, such as filename and location. To ensure the integrity of any files encrypted by Atakama, renaming or moving a file is considered a MofNop process that requires approval.
Why do I need to approve a file rename? It is important to know with certainty which file you are decrypting. If a file could be renamed without a MofNop approval, then an adversary by simply changing a filename could trick a user into believing they are opening File A when in fact they are opening File B. Doing so could potentially result in the inappropriate and unintended disclosure of information. Requiring the MofNop approval for a file rename maintains the security of the data.
The Atakama Mobile app has a setting (Settings > Silent Mode) that silences MofNop requests by blocking the app from receiving the requests. Atakama does not wait for a device in silent mode before sending a waterfall MofNop request to the next device.