Commit 3b09b8d2 authored by Nouri-Alnahawi's avatar Nouri-Alnahawi
Browse files

replay commits from new repo

parent 6daeb9bb
Pipeline #81092 passed with stages
in 2 minutes and 39 seconds
...@@ -93,14 +93,14 @@ enable = true ...@@ -93,14 +93,14 @@ enable = true
# End user relevant links. These will show up on left side of footer and in the community page if you have one. # End user relevant links. These will show up on left side of footer and in the community page if you have one.
[[params.links.developer]] [[params.links.developer]]
name = "E-Mail" name = "E-Mail"
url = "mailto:nouri.alnahawi@h-da.de" url = "mailto:cma@h-da.de"
icon = "fa fa-envelope" icon = "fa fa-envelope"
desc = "E-Mail Contact" desc = "E-Mail Contact"
# Developer relevant links. These will show up on right side of footer and in the community page if you have one. # Developer relevant links. These will show up on right side of footer and in the community page if you have one.
[[params.links.developer]] [[params.links.developer]]
name = "GitLab" name = "GitLab"
url = "https://code.fbi.h-da.de/cspub/cma" url = "https://gitlab.com/pqc-cma/cma"
icon = "fab fa-gitlab" icon = "fab fa-gitlab"
desc = "GitLab Repository of This Site" desc = "GitLab Repository of This Site"
......
...@@ -37,7 +37,7 @@ Applied Cyber-Security research group at Darmstadt University of Applied Science ...@@ -37,7 +37,7 @@ Applied Cyber-Security research group at Darmstadt University of Applied Science
User-Centered Security research group at Darmstadt University of Applied Sciences User-Centered Security research group at Darmstadt University of Applied Sciences
{{% /blocks/feature %}} {{% /blocks/feature %}}
{{% blocks/feature icon="fab fa-gitlab" title="Contributions Welcome!" url="https://code.fbi.h-da.de/cspub/cma" %}} {{% blocks/feature icon="fab fa-gitlab" title="Contributions Welcome!" url="https://gitlab.com/pqc-cma/cma" %}}
Send a Pull Request to our repository on **GitLab** to contribute to this site Send a Pull Request to our repository on **GitLab** to contribute to this site
{{% /blocks/feature %}} {{% /blocks/feature %}}
......
...@@ -8,7 +8,7 @@ weight: 9 ...@@ -8,7 +8,7 @@ weight: 9
--- ---
Your contributions are always welcome! Your contributions are always welcome!
To contribute to this site fork our repository on [Gitlab](https://code.fbi.h-da.de/cspub/cma) and send a merge request (aka pull request) with your update. To contribute to this site fork our repository on [Gitlab](https://gitlab.com/pqc-cma/cma) and send a merge request (aka pull request) with your update.
#### How-To #### How-To
This site uses the Hugo Docsy Documentation theme. All pages are in Markdown and can be edited with any normal text editor. To add new references or any useful material you need to visit the Gitlab repository, fork the project, and then edit the files you wish to update. After that just send a merge request with your commit. You may also create new pages if your contribution doesn't fit into any of the existing pages. Please pay attention to the syntax and formatting. In case you are not sure how to do so, just try, and we can gladly correct any mistakes in your merge request. This site uses the Hugo Docsy Documentation theme. All pages are in Markdown and can be edited with any normal text editor. To add new references or any useful material you need to visit the Gitlab repository, fork the project, and then edit the files you wish to update. After that just send a merge request with your commit. You may also create new pages if your contribution doesn't fit into any of the existing pages. Please pay attention to the syntax and formatting. In case you are not sure how to do so, just try, and we can gladly correct any mistakes in your merge request.
......
...@@ -5,32 +5,32 @@ draft: false ...@@ -5,32 +5,32 @@ draft: false
weight: 2 weight: 2
layout: no_index layout: no_index
--- ---
An overview of the existing security standards that make use of cryptographic systems and cipher suites, and their current state of PQC integration. An overview of the standard security protocols and applications that make use of cryptographic systems and cipher suites, and their current state of PQC integration.
|Security Protocol|Description|Type|Usage|OSI-Layer| |Protocol/Application|Description|Security Aspect|Mechanism|Usage|OSI-Layer|
|-----------------|-----------|----|-----|---------| |--------------------|-----------|---------------|---------|-----|---------|
|**Data Link Layer**| |**Data Link Layer**|
|[MACsec]({{< ref "/macsec" >}} "MACsec")|Media Access Control Security|Key Agreement|Ethernet|2| |[MACsec]({{< ref "/macsec" >}} "MACsec")|Media Access Control Security|Confidentiality|Pre-Shared Keys|Ethernet|2|
|[CHAP]({{< ref "/pap" >}} "CHAP")|Challenge-Handshake Authentication Protocol|Authentication|PPP (Point-to-Ponit)|2| |[CHAP]({{< ref "/pap" >}} "CHAP")|Challenge-Handshake Authentication Protocol|User Authentication|Hash, Challenge & Pre-Shared Secret|PPP (Point-to-Point)|2|
|[PAP]({{< ref "/pap" >}} "PAP")|Password Authentication Protocol|Authentication|PPP (Point-to-Ponit)|2| |[PAP]({{< ref "/pap" >}} "PAP")|Password Authentication Protocol|User Authentication|Username & Password|PPP (Point-to-Point)|2|
|**Network Layer**| |**Network Layer**|
|[AH]({{< ref "/ipsec" >}} "AH")|Authentication Header|Authentication|IPsec|3-4| |[AH]({{< ref "/ipsec" >}} "AH")|Authentication Header|Data Authentication & Integrity|Hash & Pre-Shared Secret|IPsec|3-4|
|[ESP]({{< ref "/ipsec" >}} "ESP")|Encapsulating Security Payload|Authentication and Encryption|IPsec|3-4| |[ESP]({{< ref "/ipsec" >}} "ESP")|Encapsulating Security Payload|Data Authentication, Integrity & Confidentiality|Hash, Pre-Shared Secret & Encryption|IPsec|3-4|
|[IKEv2]({{< ref "/ipsec" >}} "IKEv2")|Internet Key Exchange|Authentication and Key Exchange|IPsec|3-4| |[IKEv2]({{< ref "/ipsec" >}} "IKEv2")|Internet Key Exchange|User Authentication and Confidentiality|Diffie-Hellman Key Agreement & X.509 Certificates|IPsec|3-4|
|**Transport Layer**| |**Transport Layer**|
|[TLS/SSL]({{< ref "/tls" >}} "TLS/SSL")|Transport Layer Security/Secure Sockets Layer|Authentication, Key Exchange, and Encryption|TCP|4-7| |[TLS/SSL]({{< ref "/tls" >}} "TLS/SSL")|Transport Layer Security/Secure Sockets Layer|User Authentication & Confidentiality|Diffie-Hellman Key Agreement & X.509 Certificates|TCP|4-7|
|[DTLS]({{< ref "/dtls" >}} "DTLS")|Datagram Transport Layer Security|Authentication, Key Exchange, and Encryption|UDP|4| |[DTLS]({{< ref "/dtls" >}} "DTLS")|Datagram Transport Layer Security|User Authentication & Confidentiality|Diffie-Hellman Key Agreement & X.509 Certificates|UDP|4|
|[SRTP/ZRTP]({{< ref "/rtp" >}} "SRTP/ZRTP")|(Secure) Real-Time Transport Protocol|Authentication, Key Agreement, and Encryption|RTP|4-7| |[SRTP/ZRTP]({{< ref "/rtp" >}} "SRTP/ZRTP")|(Secure) Real-Time Transport Protocol|Data Authentication, Integrity & Confidentiality|Diffie-Hellman and Hash Key Agreement, Encryption & MAC|RTP|4-7|
|**Application Layer**| |**Application Layer**|
|[SSH]({{< ref "/ssh" >}} "SSH")|Secure Shell Protocol|Authentication and Encryption|-|7| |[SSH]({{< ref "/ssh" >}} "SSH")|Secure Shell Protocol|User Authentication, Integrity & Confidentiality|Diffie-Hellman Key Agreement, X.509 Certificates, MAC, Password or Public Key Authentication & Encryption|-|7|
|[OpenVPN]({{< ref "/vpn" >}} "OpenVPN")|Open Virtual Private Network|Authentication and Encryption|VPN|2-7| |[OpenVPN]({{< ref "/vpn" >}} "OpenVPN")|Open Virtual Private Network|User Authentication, Integrity, Confidentiality|Pre-Shared Keys, Diffie-Hellman Key Agreement (TLS), X.509 Certificates, Username & Password, MAC, Encryption|VPN|2-7|
|[WireGuard]({{< ref "/vpn" >}} "WireGuard")|WireGuard Virtual Private Network|Authentication and Encryption|VPN|2-7| |[WireGuard]({{< ref "/vpn" >}} "WireGuard")|WireGuard Virtual Private Network|Data Authentication, Integrity, Confidentiality|Diffie-Hellman Key Agreement, MAC & Encryption|VPN|2-7|
|[DNSSEC]({{< ref "/dnssec" >}} "DNSSEC")|Domain Name System Security Extensions|Authentication, Key Management, and Signing|IP|7| |[DNSSEC]({{< ref "/dnssec" >}} "DNSSEC")|Domain Name System Security Extensions|Data Authentication & Integrity|Digital Signatures & Certificates|IP|7|
|[S-MIME/PGP-MIME]({{< ref "/smime" >}} "S-MIME/PGP-MIME")|Secure Multipurpose Internet Mail Extension|Encryption and Signing|E-Mail|7| |[S-MIME/PGP-MIME]({{< ref "/smime" >}} "S-MIME/PGP-MIME")|Secure Multipurpose Internet Mail Extension|Data Authentication, Integrity & Confidentiality|Hybrid Encryption & Digital Signatures|E-Mail|7|
|[PGP/GPG]({{< ref "/pgp" >}} "PGP/GPG")|Pretty Good Privacy/GNU Privacy Guard|Encryption and Signing|Several|7| |[PGP/GPG]({{< ref "/pgp" >}} "PGP/GPG")|Pretty Good Privacy/GNU Privacy Guard|Data Authentication, Integrity & Confidentiality|Hybrid Encryption & Digital Signatures|E-Mail|7|
|[Kerberos/PKINIT]({{< ref "/pkinit" >}} "Kerberos/PKINIT")|Authentication Service|Authentication|Network Communication|7| |[Kerberos/PKINIT]({{< ref "/pkinit" >}} "Kerberos/PKINIT")|Authentication Service|User Authentication|Username, Password & Encryption|Network Communication|7|
|[SSO (OAuth/LDAP/SAML/RADIUS)]({{< ref "/sso" >}} "SSO (OAuth/LDAP/SAML/RADIUS)")|Single Sign-on|Authentication|Network Communication|7| |[SSO (OAuth/LDAP/SAML/RADIUS)]({{< ref "/sso" >}} "SSO (OAuth/LDAP/SAML/RADIUS)")|Single Sign-on|User Authentication|Depends on Used Protocol|Network Communication|7|
|[SFTP]({{< ref "/sftp" >}} "SFTP")|SSH File Transfer Protocol|Authentication and Encryption|File Transfer|7| |[SFTP]({{< ref "/sftp" >}} "SFTP")|SSH File Transfer Protocol|User Authentication and Confidentiality|SSH & Encryption|File Transfer|7|
----------------------------------------------------------------------------------- -----------------------------------------------------------------------------------
##### [Certificates and Cryptographic Standards]({{< ref "/certs" >}} "Certificates and Cryptographic Standards") ##### [Certificates and Cryptographic Standards]({{< ref "/certs" >}} "Certificates and Cryptographic Standards")
......
...@@ -363,6 +363,9 @@ weight: 8 ...@@ -363,6 +363,9 @@ weight: 8
###### [VM12] ###### [VM12]
[V. Vasić and M. Mikuc. Security Agility Solution Independent of the Underlaying Protocol Architecture. In AT, 918 of CEUR Workshop Proceedings, pages 128–137. CEUR-WS.org, 2012.](https://www.semanticscholar.org/paper/Security-Agility-Solution-Independent-of-the-Vasic-Mikuc/489054a1f28eb26b1baa1a9f0caff2306c821695.) [V. Vasić and M. Mikuc. Security Agility Solution Independent of the Underlaying Protocol Architecture. In AT, 918 of CEUR Workshop Proceedings, pages 128–137. CEUR-WS.org, 2012.](https://www.semanticscholar.org/paper/Security-Agility-Solution-Independent-of-the-Vasic-Mikuc/489054a1f28eb26b1baa1a9f0caff2306c821695.)
###### [WAG+21]
[Wiesmaier, A., Alnahawi, N., Grasmeyer, T., Geißler, J., Zeier, A., Bauspieß, P., & Heinemann, A. (2021). On PQC Migration and Crypto-Agility. arXiv preprint arXiv:2106.09599.](https://arxiv.org/abs/2106.09599)
###### [WaSt20] ###### [WaSt20]
[Wang, W., & Stöttinger, M. (2020). Post-Quantum Secure Architectures for Automotive Hardware Secure Modules. IACR Cryptol. ePrint Arch., 2020, 26](https://eprint.iacr.org/2020/026.pdf) [Wang, W., & Stöttinger, M. (2020). Post-Quantum Secure Architectures for Automotive Hardware Secure Modules. IACR Cryptol. ePrint Arch., 2020, 26](https://eprint.iacr.org/2020/026.pdf)
......
...@@ -22,3 +22,4 @@ A collection of survey papers and references dealing with general challenges and ...@@ -22,3 +22,4 @@ A collection of survey papers and references dealing with general challenges and
- [A comprehensive survey of prominent cryptographic aspects for securing communication in post-quantum IoT networks](https://www.sciencedirect.com/science/article/abs/pii/S2542660520300159#!) Open research challenges and future research directions in the field of IoT networks [[LLJ20]](../refs#llj20). - [A comprehensive survey of prominent cryptographic aspects for securing communication in post-quantum IoT networks](https://www.sciencedirect.com/science/article/abs/pii/S2542660520300159#!) Open research challenges and future research directions in the field of IoT networks [[LLJ20]](../refs#llj20).
- [Post-quantum cryptography and 5G security: tutorial](https://dl.acm.org/doi/pdf/10.1145/3317549.3324882) On advancing the 3GPP 5G standards and NIST post-quantum cryptography standards in tandem, with the goal of launching a "quantum ready" 5G core network [[CMC19]](../refs#cmc19). - [Post-quantum cryptography and 5G security: tutorial](https://dl.acm.org/doi/pdf/10.1145/3317549.3324882) On advancing the 3GPP 5G standards and NIST post-quantum cryptography standards in tandem, with the goal of launching a "quantum ready" 5G core network [[CMC19]](../refs#cmc19).
- [SoK: How (not) to Design and Implement Post-Quantum Cryptography](https://eprint.iacr.org/2021/462.pdf) Current state of knowledge on post-quantum cryptography. Trends, common methodologies, and pitfalls to look for and recurrent challenges [[HPA21]](../refs#hpa21). - [SoK: How (not) to Design and Implement Post-Quantum Cryptography](https://eprint.iacr.org/2021/462.pdf) Current state of knowledge on post-quantum cryptography. Trends, common methodologies, and pitfalls to look for and recurrent challenges [[HPA21]](../refs#hpa21).
- [On PQC Migration and Crypto-Agility](https://arxiv.org/abs/2106.09599) A literature survey and a snapshot of the discovered challenges and solutions categorized in different areas offering a single entry-point into the subject reflecting the current state [[WAG+21]](../refs#wag21).
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment