Commit 6f1f49ce authored by Nouri-Alnahawi's avatar Nouri-Alnahawi
Browse files

add new resources and refs

parent e7303b29
Pipeline #71530 passed with stages
in 1 minute and 22 seconds
......@@ -6,18 +6,17 @@ draft: false
type: docs
weight: 2
---
- eUCRITE API
- [Security Issues on the CNG Cryptography Library (Cryptography API: Next Generation)](https://ieeexplore.ieee.org/document/6603762) This paper introduces structure, features, and programming techniques of CNG, which was released as a substitute of the previous CAPI (Cryptography API) library from Microsoft.
- [Zur Benutzbarkeit und Verwendung von API-Dokumentationen](https://dl.gi.de/handle/20.500.12116/33515) Showcases requirements for a good security API. [[HZHW20]](../../refs#hzhw20)
- Research on CA mechanism
- [On the importance of cryptographic agility for industrial automation](https://www.degruyter.com/document/doi/10.1515/auto-2019-0019/html) This work motivates cryptographic agility by discussing the threat of quantum computers to moderncryptography. [[PN19]](../../refs#pn19)
- [On the importance of cryptographic agility for industrial automation](https://www.degruyter.com/document/doi/10.1515/auto-2019-0019/html) This work motivates cryptographic agility by discussing the threat of quantum computers to modern cryptography [[PN19]](../../refs#pn19)
- [Security issues on the CNG cryptography library (Cryptography API: Next Generation)](https://ieeexplore.ieee.org/document/6603762) Next Generation from Microsoft to exchange cryptographic algorithms without any change to the code of the program [[LLP+13]](../../refs#llp13)
- [API Usability of Stateful Signature Schemes](https://link.springer.com/chapter/10.1007/978-3-030-26834-3_13) Easy-to-use API design for stateful signature schemes [[ZWH19]](../../refs#zwh19)
- CA as design principle
- [PQFabric: A Permissioned Blockchain Secure from Both Classical and Quantum Attacks](https://arxiv.org/abs/2010.06571) Proposes a redesign of Fabric's credential-management procedures and related specifications in order to incorporate hybrid digital signatures, protecting against both classical and quantum attacks using one classical and one quantum-safe signature. [[HPDM20]](../../refs#hpdm20)
- [Public Key Infrastructure and Crypto Agility Concept for Intelligent Transportation Systems](http://www.thinkmind.org/index.php?view=article&articleid=vehicular_2015_1_30_30028) This paper proposes a multi-domain PKI architecture for intelligent transportation systems, which considers the necessities of road infrastructure authorities and vehicle manufacturers, today. [[UWK15]](../../refs#uwk15)
- [PQFabric: A Permissioned Blockchain Secure from Both Classical and Quantum Attacks](https://arxiv.org/abs/2010.06571) Proposes a redesign of Fabric's credential-management procedures and related specifications in order to incorporate hybrid digital signatures, protecting against both classical and quantum attacks using one classical and one quantum-safe signature [[HPDM20]](../../refs#hpdm20)
- [Public Key Infrastructure and Crypto Agility Concept for Intelligent Transportation Systems](http://www.thinkmind.org/index.php?view=article&articleid=vehicular_2015_1_30_30028) This paper proposes a multi-domain PKI architecture for intelligent transportation systems, which considers the necessities of road infrastructure authorities and vehicle manufacturers, today [[UWK15]](../../refs#uwk15)
- Eval crypto libs
- [Comparing the Usability of Cryptographic APIs](https://ieeexplore.ieee.org/document/7958576) This paper is the first to examine both how and why the design and resulting usability of different cryptographic libraries affects the security of code written with them. [[ABF+17]](../../refs#abf17)
- [Comparing the Usability of Cryptographic APIs](https://ieeexplore.ieee.org/document/7958576) This paper is the first to examine both how and why the design and resulting usability of different cryptographic libraries affects the security of code written with them [[ABF+17]](../../refs#abf17)
- Eval code examples for crypto libs
- [Usability and Security Effects of Code Examples on Crypto APIs](https://ieeexplore.ieee.org/document/8514203) Platform for cryptographic code examples that improves the usability and security of created applications by non security experts. [[MW18]](../../refs#mw18)
- [Fluid Intelligence Doesn't Matter! Effects of Code Examples on the Usability of Crypto APIs](https://arxiv.org/abs/2004.03973) Researches whether similarity and Gf also have an effect in the context of using cryptographic APIs.[[MW20]](../../refs#mw20)
- [Usability and Security Effects of Code Examples on Crypto APIs](https://ieeexplore.ieee.org/document/8514203) Platform for cryptographic code examples that improves the usability and security of created applications by non security experts [[MW18]](../../refs#mw18)
- [Fluid Intelligence Doesn't Matter! Effects of Code Examples on the Usability of Crypto APIs](https://arxiv.org/abs/2004.03973) Researches whether similarity and Gf also have an effect in the context of using cryptographic APIs [[MW20]](../../refs#mw20)
- Eval docum. system for crypto libs
- [Zur Benutzbarkeit und Verwendung von API-Dokumentationen](https://dl.gi.de/handle/20.500.12116/33515) Showcases requirements for a good security API. [[HZHW20]](../../refs#hzhw20)
- [Zur Benutzbarkeit und Verwendung von API-Dokumentationen](https://dl.gi.de/handle/20.500.12116/33515) Showcases requirements for a good security API [[HZHW20]](../../refs#hzhw20)
......@@ -14,6 +14,7 @@ Evaluation of the performance of PQC algorithms in various facets, classified in
- Improvements to PQC algorithms:
- [Performance Optimization of Lattice Post-Quantum Cryptographic Algorithms on Many-Core Processors](https://ieeexplore.ieee.org/abstract/document/9238630?casa_token=j7T_SBR8ECgAAAAA:Skx0Ze-JY3YP5CSLn20TOmrWviAP_-aUZ0b9W_gpR5fDpO8AWLigR52JC4qZVPTbLlIzv-3p2g) 52% and 83% improvement in performance for the CRYSTALS-Kyber KEM SHA3 variant and AES variant through Vectorization [[KKP20]](../../refs#kkp20)
- [Memory-Efficient High-Speed Implementation of Kyber on Cortex-M4](http://link.springer.com/10.1007/978-3-030-23696-0_11) Optimized software implementation of Kyber for the ARM Cortex-M4 microcontroller [[BKS19]](../../refs#bks19)
- [CTIDH: Faster Constant-Time CSIDH](https://eprint.iacr.org/2021/633.pdf) Speed records for constant-time CSIDH (Commutative Supersingular Isogeny Diffie–Hellman) through combining a new key space with a new algorithm [[BBC+21]](../../refs#bbc21)
- Lattice-based vs. Isogeny-based:
- [Towards Post-Quantum Security for Cyber-Physical Systems: Integrating PQC into Industrial M2M Communication](https://link.springer.com/chapter/10.1007/978-3-030-59013-0_15) Two solutions for the integration of PQ primitives into the industrial protocol Open Platform Communications Unified Architecture (OPC UA) [[PASC20]](../../refs#pasc20)
- [Incorporating Post-Quantum Cryptographyin a Microservice Environment](https://homepages.staff.os3.nl/~delaat/rp/2019-2020/p13/report.pdf) On the practical feasibility of using PQCin a microservice architecture [[WvdG20]](../../refs#wvdg20)
......
......@@ -17,3 +17,5 @@ weight: 4
- [The TLS Post-Quantum Experiment](https://blog.cloudflare.com/the-tls-post-quantum-experiment/): Experiment between google and cloudflare comparing three groups using post-quantum CECPQ2, CECPQ2b or non-post-quantum X25519.[[KV19]](../../refs#kv19)
- Hybrid Certificates:
- [X.509-Compliant Hybrid Certificates for the Post-Quantum Transition](http://tubiblio.ulb.tu-darmstadt.de/115809/): Parallel usage of two independent cryptographic schemes within public key infrastructures enabling a stepwise transition to post-quantum secureand hybrid algorithms [[BBG+19]](../../refs#bbg19)
- PQC protocol integration:
- [Post-Quantum Kryptographie - Classic McEliece](/docs/migration/McEliece.pdf) Introducing a new ASN.1 PQ key format and an evaluation of PQ integration for several cryptographic protocols [[Meun21]](../../refs#meun21)
......@@ -5,6 +5,6 @@ draft: false
type: docs
weight: 1
---
The [eUCRITE API](https://use-a-pqclib.h-da.io/eucrite-documentation/) is a PQC library interface, that provides quantum-resistant cryptographic schemes in abstract manner. It provides not only PQC-based encryption, but also signature schemes. The end-user has the choice between three different security levels based on the strenght and performance of the chosen algorithems. This abstraction aims at supporting crypt-agility and is expected to make using PQC-schemes easier. Collaborations on our cryptographic API, and a special update mechanism for said API are also under development.
The [eUCRITE API](https://use-a-pqclib.h-da.io/eucrite-documentation/) is a PQC library interface, that provides quantum-resistant cryptographic schemes in abstract manner. It provides not only PQC-based encryption, but also signature schemes. The end-user has the choice between three different security levels based on the strenght and performance of the chosen algorithems. This abstraction aims at supporting crypt-agility and is expected to make using PQC-schemes easier [[Zei20]](../../refs#zei20). Collaborations on our cryptographic API, and a special update mechanism for said API are also under development.
![eUCRITE API](/docs/projects/eUCRITE.png)
......@@ -39,6 +39,9 @@ weight: 10
###### [BBC+20]
[D. Bernstein, B. Brumley, M. Chen, C. Chuengsatiansup, T. Lange, A. Marotzke, N. Tuveri, C. van Vredendaal, and B. Yang. Ntru prime: round 3 20201007. 2020](https://ntruprime.cr.yp.to/nist/ntruprime-20201007.pdf)
###### [BBC+21]
[G. Banegas, D. J. Bernstein, F. Campos, T. Chou, T. Lange, M. Meyer, B. Smith and J. Sotáková. CTIDH: faster constant-time CSIDH. 2021. Cryptology ePrint Archive, Report 2021/633](https://eprint.iacr.org/2021/633)
###### [BBG+19]
[Bindel, N., Braun, J., Gladiator, L., Stöckert, T., & Wirth, J. (2019). X. 509-compliant hybrid certificates for the post-quantum transition. Journal of Open Source Software, 4(40), 1606](https://joss.theoj.org/papers/10.21105/joss.01606)
......@@ -184,7 +187,7 @@ weight: 10
[A. Langley. 2019. Real-world measurements of structured-lattices and supersin-gular isogenies in TLS](https://www.imperialviolet.org/2019/10/30/pqsivssl.html)
###### [LLP+13]
[K. Lee, Y. Lee, J. Park, K. Yim, and I. You. Security issues on the cng cryptography library (cryptography api: Next generation). In Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2013 Seventh International Conference on, pages 709713. IEEE, 2013.](https://ieeexplore.ieee.org/document/6603762)
[K. Lee, Y. Lee, J. Park, K. Yim and I. You, "Security Issues on the CNG Cryptography Library (Cryptography API: Next Generation)," 2013 Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, 2013, pp. 709-713, doi: 10.1109/IMIS.2013.128](https://ieeexplore.ieee.org/document/6603762)
###### [MAA+20]
[D. Moody, G. Alagic, D. C Apon, D. A. Cooper, Q. H. Dang, J. M. Kelsey, Y.Liu, C. A. Miller, R. C. Peralta, R. A. Perlner, A. Y. Robinson, D. C. Smith-Tone,and J. Alperin-Sheriff. 2020. Status report on the second round of the NISTpost-quantum cryptography standardization process.](https://doi.org/10.6028/NIST.IR.8309)
......@@ -198,6 +201,9 @@ weight: 10
###### [MdJvH+20]
[M. Müller, J. de Jong, M. van Heesch, B. Overeinder, and R. van Rijswijk-Deij. Retrofitting post-quantum cryptography in internet protocols: a case study of DNSSEC. 50(4):49–57, 2020. doi:10.1145/3431832.3431838.](https://dl.acm.org/doi/10.1145/3431832.3431838)
###### [Meun21]
[Robin Meunier. Post-Quantum Kryptographie - Classic McEliece. 2021 Master Thesis. Darrmstadt University of Applied Sciences. Faculty of Computer Science.]((/docs/migration/McEliece.pdf))
###### [MPD+18]
[L. Malina, L. Popelova, P. Dzurenda, J. Hajny, and Z. Martinasek. 2018. On Feasibility of Post-Quantum Cryptography on Small Devices (15th IFAC Conference on Programmable Devices and Embedded Systems PDeS 2018), Vol. 51. 462–467](https://www.sciencedirect.com/science/article/pii/S2405896318308474)
......@@ -230,7 +236,7 @@ weight: 10
###### [OPP19]
[D. Ott, C. Peikert, and participants. 2019. Identifying Research Challengesin Post Quantum Cryptography Migration and Cryptographic Agility. (Sept.2019).](https://cra.org/crn/2019/10/research-challenges-in-post-quantum-cryptography-migration-and-cryptographic-agility/)
###### Our paper
###### [PASC20]
[S. Paul and P. Scheible. 2020. Towards Post-Quantum Security for Cyber-Physical Systems: Integrating PQC into Industrial M2M Communication. InComputerSecurity – ESORICS 2020. Vol. 12309. Springer International Publishing, 295–316](https://link.springer.com/chapter/10.1007/978-3-030-59013-0_15)
......@@ -285,6 +291,9 @@ weight: 10
###### [Zei20]
[A. Zeier. 08.12.2020. eucrite 1.0 API.](https://use-a-pqclib.h-da.io/eucrite-documentation/)
###### [ZWH19]
[A. Zeier, A. Wiesmaier, and A. Heinemann. API Usability of Stateful Signature Schemes. In The 14th International Workshop on Security (IWSEC), LNCS 11689, pages 1–20. Springer Switzerland, August 2019](https://link.springer.com/chapter/10.1007/978-3-030-26834-3_13)
###### [ZWH21]
[A. Zeier, A. Wiesmaier, and A. Heinemann. Zur Integration von Post-Quantum Verfahren in bestehende Softwarepodukte. In German Federal Office for Information Security (BSI), editor, Tagungsband zum 17. Deutschen IT-Sicherheitskongress, pages 381 – 391. SecuMedia Verlag, Ingelheim, Germany, March 2021.](https://arxiv.org/pdf/2102.00157v1)
......
......@@ -11,7 +11,6 @@ A collection of survey papers and references dealing with general challenges and
*A full reference list can be found in the [references](../refs) section. All references are listed in alphabetical order.*
- [Identifying Research Challenges in Post Quantum Cryptography Migration and Cryptographic Agility](http://arxiv.org/abs/1909.07353): A wide range of topics and challenges at a high abstraction level grouped into categories of PQC migration and crypto-agility [[OPp19]](../refs#opp19)
- [Our Paper] [[paper]](../refs#paper)
- [Getting Ready for Post-Quantum Cryptography](https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04282021.pdf): Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms [[BPS20]](../refs#bps20).
- [Practical Post-Quantum Cryptography](https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Practical.PostQuantum.Cryptography_WP_FraunhoferSIT.pdf?_=1503992279): White paper from the Fraunhofer Institute for Secure Information Technology SIT addressing challenges of PQC migration and comparison of PQC algorithms [[NIWA17]](../refs#niwa17).
- [From Pre-Quantum to Post-Quantum IoT Security](https://ieeexplore.ieee.org/document/8932459): Challenges for PQC in IoT and comparison of the performance of PQC algorithms [[FC20]](../refs#fc20).
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment