Commit f96280ba authored by Nouri-Alnahawi's avatar Nouri-Alnahawi
Browse files

merge dev into master

parent 9fb0beb7
Pipeline #73558 passed with stage
in 1 minute and 23 seconds
public/
node_modules/
resources/
/resources/
resources/*
*.json
# All available Hugo versions are listed here: https://gitlab.com/pages/hugo/container_registry
image: registry.gitlab.com/pages/hugo:latest
image: registry.gitlab.com/pages/hugo/hugo_extended
variables:
GIT_SUBMODULE_STRATEGY: recursive
MINDMAP_OUT_PATH: ./layouts/shortcodes/mindmap.html
MINDMAP_IN_PATH: ./mindmap_gen/mindmap.md
MINDMAP_SCRIPT_PATH: ./mindmap_gen/mindmap_gen.py
test:
.job_templae: &script
before_script:
- apk add --update npm nodejs python3
- npm update
- npm install -D --save autoprefixer
- npm install -D --save postcss-cli
- npm install -D --save markmap-lib
- npm install -D --save markmap-cli
script:
- hugo
except:
- master
- python3 $MINDMAP_SCRIPT_PATH -d $(pwd)/content # Generate the mindmap md file
- npx markmap-cli -o $MINDMAP_OUT_PATH $MINDMAP_IN_PATH # Convert mindmap md file to html
- sed -i 's/100v/60v/g' $(pwd)/layouts/shortcodes/mindmap.html # Replaces the width and hight of mindmap with suitable values
- hugo --minify --gc
test:
<<: *script
pages:
<<: *script
artifacts:
paths:
- public
only:
- dev
[submodule "themes/docsy"]
path = themes/docsy
url = https://github.com/google/docsy.git
This diff is collapsed.
![Build Status](https://gitlab.com/pages/hugo/badges/master/build.svg)
![Build Status](https://code.fbi.h-da.de/cspub/cma/-/pipelines)
---
Example [Hugo] website using GitLab Pages.
[Hugo][] [Docsy][] website using GitLab Pages.
Learn more about GitLab Pages at https://pages.gitlab.io and the official
documentation https://docs.gitlab.com/ce/user/project/pages/.
---
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
**Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)*
**Table of Contents**
- [GitLab CI](#gitlab-ci)
- [Building locally](#building-locally)
- [GitLab User or Group Pages](#gitlab-user-or-group-pages)
- [Did you fork this project?](#did-you-fork-this-project)
- [Troubleshooting](#troubleshooting)
- [Preview your site](#preview-your-site)
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
## GitLab CI
......@@ -30,46 +25,22 @@ defined in [`.gitlab-ci.yml`](.gitlab-ci.yml).
To work locally with this project, you'll have to follow the steps below:
1. Fork, clone or download this project
1. [Install][] Hugo
1. Preview your project: `hugo server`
1. Add content
1. Generate the website: `hugo` (optional)
1. Fork, clone or download this project (Make sure to also recursively clone the submodules)
2. [Install][] Hugo extended version
3. Preview your project on local host zsing the command `hugo server`
4. Add or edit content etc.
5. Generate the website locally (optional) with the command `hugo --minify --gc --destination public`
Read more at Hugo's [documentation][].
### Preview your site
If you clone or download this project to your local computer and run `hugo server`,
your site can be accessed under `localhost:1313/hugo/`.
your site can be accessed under `localhost:1313`.
The theme used is adapted from http://themes.gohugo.io/beautifulhugo/.
## GitLab User or Group Pages
To use this project as your user/group website, you will need one additional
step: just rename your project to `namespace.gitlab.io`, where `namespace` is
your `username` or `groupname`. This can be done by navigating to your
project's **Settings**.
You'll need to configure your site too: change this line
in your `config.toml`, from `"https://pages.gitlab.io/hugo/"` to `baseurl = "https://namespace.gitlab.io"`.
Proceed equally if you are using a [custom domain][post]: `baseurl = "http(s)://example.com"`.
Read more about [user/group Pages][userpages] and [project Pages][projpages].
## Troubleshooting
1. CSS is missing! That means two things:
Either that you have wrongly set up the CSS URL in your templates, or
your static generator has a configuration option that needs to be explicitly
set in order to serve static assets under a relative URL.
[ci]: https://about.gitlab.com/gitlab-ci/
[hugo]: https://gohugo.io
[install]: https://gohugo.io/overview/installing/
[documentation]: https://gohugo.io/overview/introduction/
[userpages]: http://doc.gitlab.com/ee/pages/README.html#user-or-group-pages
[projpages]: http://doc.gitlab.com/ee/pages/README.html#project-pages
[post]: https://about.gitlab.com/2016/04/07/gitlab-pages-setup/#custom-domains
[docsy]: https://github.com/google/docsy/
---
title: "{{ replace .Name "-" " " | title }}"
date: {{ .Date }}
draft: true
---
baseurl = "https://pages.gitlab.io/hugo/"
contentdir = "content"
layoutdir = "layouts"
publishdir = "public"
title = "Beautiful Hugo"
canonifyurls = true
DefaultContentLanguage = "en"
theme = "beautifulhugo"
metaDataFormat = "yaml"
pygmentsUseClasses = true
pygmentCodeFences = true
#disqusShortname = "XXX"
#googleAnalytics = "XXX"
[Params]
subtitle = "Hugo Blog Template for GitLab Pages"
logo = "img/avatar-icon.png"
favicon = "img/favicon.ico"
dateFormat = "January 2, 2006"
commit = false
rss = true
comments = true
# gcse = "012345678901234567890:abcdefghijk" # Get your code from google.com/cse. Make sure to go to "Look and Feel" and change Layout to "Full Width" and Theme to "Classic"
#[[Params.bigimg]]
# src = "img/triangle.jpg"
# desc = "Triangle"
#[[Params.bigimg]]
# src = "img/sphere.jpg"
# desc = "Sphere"
#[[Params.bigimg]]
# src = "img/hexagon.jpg"
# desc = "Hexagon"
baseURL = "/"
relativeURLs = true
languageCode = "en-us"
title = "Cryptographic Migration & Agility"
enableRobotsTXT = true
theme = ["docsy"]
disableKinds = ["taxonomy", "term"]
# Language settings
contentDir = "content"
defaultContentLanguage = "en"
[Author]
name = "Some Person"
email = "youremail@domain.com"
facebook = "username"
googleplus = "+username" # or xxxxxxxxxxxxxxxxxxxxx
gitlab = "username"
github = "username"
twitter = "username"
reddit = "username"
linkedin = "username"
xing = "username"
stackoverflow = "users/XXXXXXX/username"
snapchat = "username"
instagram = "username"
youtube = "user/username" # or channel/channelname
soundcloud = "username"
spotify = "username"
bandcamp = "username"
itchio = "username"
keybase = "username"
[[menu.main]]
name = "Blog"
url = ""
weight = 1
[[menu.main]]
name = "About"
url = "page/about/"
weight = 3
[[menu.main]]
identifier = "samples"
name = "Samples"
weight = 2
[[menu.main]]
parent = "samples"
name = "Big Image Sample"
url = "post/2017-03-07-bigimg-sample"
weight = 1
[[menu.main]]
parent = "samples"
name = "Math Sample"
url = "post/2017-03-05-math-sample"
weight = 2
[[menu.main]]
parent = "samples"
name = "Code Sample"
url = "post/2016-03-08-code-sample"
weight = 3
[[menu.main]]
name = "Tags"
url = "tags"
weight = 3
name = "Nouri Alnahawi"
email = "nouri.alnahawi@h-da.de"
# Highlighting config
pygmentsCodeFences = true
pygmentsUseClasses = false
# Use the new Chroma Go highlighter in Hugo.
pygmentsUseClassic = false
#pygmentsOptions = "linenos=table"
# See https://help.farbox.com/pygments.html
pygmentsStyle = "tango"
disableKinds = ["taxonomy", "term"]
# Configure how URLs look like per section.
[permalinks]
blog = "/:section/:year/:month/:day/:slug/"
# Image processing configuration.
[imaging]
resampleFilter = "CatmullRom"
quality = 75
anchor = "smart"
[markup]
[markup.goldmark]
[markup.goldmark.renderer]
unsafe = true
[markup.highlight]
# See a complete list of available styles at https://xyproto.github.io/splash/docs/all.html
style = "tango"
# Uncomment if you want your chosen highlight style used for code blocks without a specified language
# guessSyntax = "true"
[params]
copyright = "Darmstadt University of Applied Sciences"
# Repository configuration (URLs for in-page links to opening issues and suggesting changes)
#github_repo = "https://code.fbi.h-da.de/cspub/cma"
# User interface configuration
[params.ui]
# Enable to show the side bar menu in its compact state.
sidebar_menu_compact = false
# Set to true to disable breadcrumb navigation.
breadcrumb_disable = false
# Set to true to hide the sidebar search box (the top nav search box will still be displayed if search is enabled)
sidebar_search_disable = true
# Set to false if you don't want to display a logo (/assets/icons/logo.svg) in the top nav bar
navbar_logo = false
# Set to true to disable the About link in the site footer
footer_about_disable = false
[params.links]
# End user relevant links. These will show up on left side of footer and in the community page if you have one.
[[params.links.developer]]
name = "E-Mail"
url = "mailto:nouri.alnahawi@h-da.de"
icon = "fa fa-envelope"
desc = "E-Mail Contact"
# Developer relevant links. These will show up on right side of footer and in the community page if you have one.
[[params.links.developer]]
name = "GitLab"
url = "https://code.fbi.h-da.de/cspub/cma"
icon = "fab fa-gitlab"
desc = "GitLab Repository of This Site"
[[params.links.developer]]
name = "Institute"
url = "https://fbi.h-da.de"
icon = "fa fa-university"
desc = "Visist our institute homepage"
[params.links.image]
image_url = "http://www.freepik.com"
text = "Background Image Designed by Freepik"
[params.links.impress]
url = "https://fbi.h-da.de/en/index.php?id=15"
text = "Impress"
[outputFormats]
[outputFormats.PRINT]
baseName = "index"
isHTML = true
mediaType = "text/html"
path = "_print"
permalinkable = false
+++
title = "Cryptographic Migration & Agility"
linkTitle = "Cryptographic Migration & Agility"
+++
{{< blocks/cover title="Cryptographic Migration & Agility" image_anchor="top" height="full" color="dark" >}}
<div class="mx-auto">
<a class="btn btn-lg btn-light mr-3 mb-4" href="{{< relref "/docs" >}}">
Content
<i class="fas fa-arrow-alt-circle-right ml-2"></i>
</a>
<!-- <a class="btn btn-lg btn-dark mr-3 mb-4" href="https://code.fbi.h-da.de/cspub/cma">
Original Paper <i class="fas fa-book ml-2 "></i>
</a> -->
<p class="display-4">An open community site for sharing any relevant research, findings, and solutions on PQC migration and cryptographic agility.</p>
{{< blocks/link-down color="white" >}}
</div>
{{< /blocks/cover >}}
{{< blocks/lead color="primary" >}}
Post-quantum cryptographic schemes have been under development for several years. Very soon there will be standardized post-quantum algorithms replacing the previous standards, which will eventually become obsolete. In order for quantum-resistant cryptographic Measures to be utilized, one needs more than simply developing secure post-quantum algorithms. The migration towards PQC poses great challenges on different levels. Those are not only restricted to the integration into existing protocols, but also include performance issues such as hardware specifications and memory usage, and especially the uncertainty of long term security of the new algorithm families. Moreover, a major challenge lies within finding suitable means of communicating and negotiating new algorithms and protocol parameters between different IT-systems. This leads to the urgent need for establishing the concept of crypto-agility, so as to be prepared for the rapid changes of cryptography, and insure the compatibility in all possible scenarios and settings.
{{< /blocks/lead >}}
{{< blocks/section color="dark" >}}
{{% blocks/feature icon="fas fa-user-secret" title="Applied Cyber-Security" url="https://fbi.h-da.de/en/research/research-groups/applied-cyber-security-darmstadt" %}}
Applied Cyber-Security research group at Darmstadt University of Applied Sciences
{{% /blocks/feature %}}
{{% blocks/feature icon="fa-user-shield" title="User-Centered Security" url="https://fbi.h-da.de/en/research/research-groups/user-centered-security" %}}
User-Centered Security research group at Darmstadt University of Applied Sciences
{{% /blocks/feature %}}
{{% blocks/feature icon="fab fa-gitlab" title="Contributions Welcome!" url="https://code.fbi.h-da.de/cspub/cma" %}}
Send a Pull Request to our repository on **GitLab** to contribute to this site
{{% /blocks/feature %}}
{{< /blocks/section >}}
## Front Page Content
This website is powered by [GitLab Pages](https://about.gitlab.com/features/pages/)
/ [Hugo](https://gohugo.io) and can be built in under 1 minute.
Literally. It uses the `beautifulhugo` theme which supports content on your front page.
Edit `/content/_index.md` to change what appears here. Delete `/content/_index.md`
if you don't want any content here.
Head over to the [GitLab project](https://gitlab.com/pages/hugo) to get started.
---
title: "Contributors"
linktitle: "Contributors"
date: 2021-05-05T22:18:28+02:00
draft: false
type: docs
weight: 10
---
This site was initiated by the research groups [Applied Cyber-Security](https://fbi.h-da.de/forschung/arbeitsgruppen/applied-cyber-security-darmstadt) and [User Centered Security](https://fbi.h-da.de/index.php?id=764) of [Darmstadt University of Applied Sciences](https://h-da.de/), funded by [ATHENE National Research Center for Applied Cybersecurity](https://www.athene-center.de).
A list of our kind contributors:
| Name | Affiliation | Contribution |
|--------------------------------|-------------|--------------|
||||
---
title: "Categorization Scheme"
linktitle: "Categorization Scheme"
date: 2021-05-05T22:20:34+02:00
draft: false
type: docs
weight: 2
menu:
main:
weight: 2
---
{{< mindmap >}}
---
title: "Cryptographic Migration & Agility"
linktitle: "Cryptographic Migration & Agility"
date: 2021-05-05T22:20:34+02:00
draft: false
type: docs
---
An open community site for sharing any relevant research, findings, and solutions on PQC migration and cryptographic agility.
---
title: "About Cryptographic Migration & Agility"
linktitle: "About Cryptographic Migration & Agility"
date: 2021-05-05T22:17:54+02:00
draft: false
type: docs
weight: 1
menu:
main:
weight: 1
---
Post-quantum cryptographic schemes have been under development for several years. Very soon there will be standardized post-quantum algorithms replacing the previous standards, which will eventually become obsolete. In order for quantum-resistant cryptographic Measures to be utilized, one needs more than simply developing secure post-quantum algorithms. The migration towards PQC poses great challenges on different levels. Those are not only restricted to the integration into existing protocols, but also include performance issues such as hardware specifications and memory usage, and especially the uncertainty of long term security of the new algorithm families. Moreover, a major challenge lies within finding suitable means of communicating and negotiating new algorithms and protocol parameters between different IT-systems. This leads to the urgent need for establishing the concept of crypto-agility, so as to be prepared for the rapid changes of cryptography, and insure the compatibility in all possible scenarios and settings.
---
title: "State of Agility"
linktitle: "State of Agility"
date: 2021-05-05T22:35:41+02:00
draft: false
type: docs
weight: 5
---
Aspects regarding the notion of cryptographic agility
---
title: "Development Considerations"
linktitle: "Development Considerations"
date: 2021-05-06T00:12:02+02:00
draft: false
type: docs
weight: 2
---
- Research on CA mechanism
- [On the importance of cryptographic agility for industrial automation](https://www.degruyter.com/document/doi/10.1515/auto-2019-0019/html) This work motivates cryptographic agility by discussing the threat of quantum computers to modern cryptography [[PN19]](../../refs#pn19)
- [Security issues on the CNG cryptography library (Cryptography API: Next Generation)](https://ieeexplore.ieee.org/document/6603762) Next Generation from Microsoft to exchange cryptographic algorithms without any change to the code of the program [[LLP+13]](../../refs#llp13)
- [API Usability of Stateful Signature Schemes](https://link.springer.com/chapter/10.1007/978-3-030-26834-3_13) Easy-to-use API design for stateful signature schemes [[ZWH19]](../../refs#zwh19)
- CA as design principle
- [PQFabric: A Permissioned Blockchain Secure from Both Classical and Quantum Attacks](https://arxiv.org/abs/2010.06571) Proposes a redesign of Fabric's credential-management procedures and related specifications in order to incorporate hybrid digital signatures, protecting against both classical and quantum attacks using one classical and one quantum-safe signature [[HPDM20]](../../refs#hpdm20)
- [Public Key Infrastructure and Crypto Agility Concept for Intelligent Transportation Systems](http://www.thinkmind.org/index.php?view=article&articleid=vehicular_2015_1_30_30028) This paper proposes a multi-domain PKI architecture for intelligent transportation systems, which considers the necessities of road infrastructure authorities and vehicle manufacturers, today [[UWK15]](../../refs#uwk15)
- Eval crypto libs
- [Comparing the Usability of Cryptographic APIs](https://ieeexplore.ieee.org/document/7958576) This paper is the first to examine both how and why the design and resulting usability of different cryptographic libraries affects the security of code written with them [[ABF+17]](../../refs#abf17)
- Eval code examples for crypto libs
- [Usability and Security Effects of Code Examples on Crypto APIs](https://ieeexplore.ieee.org/document/8514203) Platform for cryptographic code examples that improves the usability and security of created applications by non security experts [[MW18]](../../refs#mw18)
- [Fluid Intelligence Doesn't Matter! Effects of Code Examples on the Usability of Crypto APIs](https://arxiv.org/abs/2004.03973) Researches whether similarity and Gf also have an effect in the context of using cryptographic APIs [[MW20]](../../refs#mw20)
- Eval docum. system for crypto libs
- [Zur Benutzbarkeit und Verwendung von API-Dokumentationen](https://dl.gi.de/handle/20.500.12116/33515) Showcases requirements for a good security API [[HZHW20]](../../refs#hzhw20)
---
title: "Frontiers of Cryptography"
linktitle: "Frontiers of Cryptography"
date: 2021-05-06T00:12:24+02:00
draft: false
type: docs
weight: 5
---
- Blockchains difficult
- [Stateful Hash-based Digital Signature Schemes for Bitcoin Cryptocurrency](https://ieeexplore.ieee.org/document/9043192) This research work presents basic analysis and the background understanding of Stateful Hash-based Signature Schemes, particularly the Lamport One-Time Signature Scheme, Winternitz One-Time Signature Scheme, and the Merkle Signature Scheme. [[NWAO19]](../../refs#nwao19)
- Satellites difficult
- [Quantum Resistant Authentication Algorithms for Satellite-Based Augmentation Systems](https://web.stanford.edu/group/scpnt/gpslab/pubs/papers/Neish_2018_IONITM_QuantumResistantAuthenticationUpdated.pdf) Introduces the cryptographic primitives necessary to understand the vulnerabilities in modern day cryptography due to quantum computing and investigates the use of TESLA and EC-Schnorr algorithms in broadcast systems. [[NWE19]](../../refs#nwe19)
- Cryptographic primitives handable
- [Cryptographic Agility and its Relation to Circular Encryption](https://eprint.iacr.org/2010/117) Researches whether wPRFs (weak-PRFs) are agile and whether every secure (IND-R) encryption scheme is secure when encrypting cycles. [[ABBC10]](../../refs#abbc10)
---
title: "Incentives"
linktitle: "Incentives"
date: 2021-05-06T00:12:16+02:00
draft: false
type: docs
weight: 4
---
- Ranking by best practice as incentive
- [Biggest Failures in Security](https://drops.dagstuhl.de/opus/volltexte/2020/11981/) Tries to identify the "biggest failures" in security and to get a comprehensive understanding on their overall impact on security. [[AVVY19]](../../refs#avvy19)
- Best practice for agility in protocols
- [Guidelines for Cryptographic Algorithm Agility and Selecting Mandatory-to-Implement Algorithms](https://tools.ietf.org/html/rfc7696) Provides guidelines to ensure that protocols have the ability to migrate from one mandatory-to-implement algorithm suite to another over time. [[Hou15]](../../refs#hou15)
- Building blocks of crypto-agility
- [On the importance of cryptographic agility for industrial automation](https://www.degruyter.com/document/doi/10.1515/auto-2019-0019/html) This work motivates cryptographic agility by discussing the threat of quantum computers to moderncryptography. [[PN19]](../../refs#pn19)
---
title: "Modalities"
linktitle: "Modalities"
date: 2021-05-06T00:11:45+02:00
draft: false
type: docs
weight: 1
---
- New agile protocols:
- [Security Agility Solution Independent of the Underlaying Protocol Architecture](https://www.semanticscholar.org/paper/Security-Agility-Solution-Independent-of-the-Vasic-Mikuc/489054a1f28eb26b1baa1a9f0caff2306c821695) The agilecryptographic negotiation protocol (ACNP) proposed in this paper repre-sents a layer-agnostic, robust solution that can be deployed for providingcryptographic agility and greatly improve security. [[VM12]](../../refs#vm12)
- [Stateful Hash-based Digital Signature Schemes for Bitcoin Cryptocurrency](https://ieeexplore.ieee.org/document/9043192) This research work presents basic analysis and the background understanding of Stateful Hash-based Signature Schemes, particularly the Lamport One-Time Signature Scheme, Winternitz One-Time Signature Scheme, and the Merkle Signature Scheme. [[NWAO19]](../../refs#nwao19)
- Enhance existing protocols for use with PQC
- [Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) Algorithm Agility](https://tools.ietf.org/html/rfc8636.html) This document updates the Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) standard (RFC 4556) to remove protocol structures tied to specific cryptographic algorithms. [[AZCH19]](../../refs#azch19)
- [The Secure Socket API: TLS as an Operating System Service](https://www.usenix.org/conference/usenixsecurity18/presentation/oneill) We explore the use of the standard POSIX socket API as a vehicle for a simplified TLS API, while also giving administrators the ability to control applications and tailor TLS configuration to their needs. [[OHW+18]](../../refs#ohw18)
- Enhance existing infrastructure for PQC
- [Algorithm Agility – Discussion on TPM 2.0 ECC Functionalities](https://link.springer.com/chapter/10.1007%2F978-3-319-49100-4_6) In this paper, we review all the TPM 2.0 ECC functionalities, and discuss on whether the existing TPM commands can be used to implement new cryptographic algorithms which have not yet been addressed in the specification. [[CU16]](../../refs#cu16)
- [Fail-Safe-Konzept für Public-Key-Infrastrukturen](https://tuprints.ulb.tu-darmstadt.de/246/) In dieser Dissertation wird ein Fail-Safe-Konzept für Public-Key-Infrastrukturen vorgestellt. [[Mas02]](../../refs#mas02)
- [Public Key Infrastructure and Crypto Agility Concept for Intelligent Transportation Systems](http://www.thinkmind.org/index.php?view=article&articleid=vehicular_2015_1_30_30028) This paper proposes a multi-domain PKI architecture for intelligent transportation systems, which considers the necessities of road infrastructure authorities and vehicle manufacturers, today. [[UWK15]](../../refs#uwk15)
- Draft for composite keys and signatures
- [Composite Keys and Signatures For Use In Internet PKI](https://tools.ietf.org/id/draft-ounsworth-pq-composite-sigs-01.html) This document defines the structures CompositePublicKey, CompositeSignatureValue, and CompositeParams, which are sequences of the respective structure for each component algorithm. [[OP20]](../../refs#op20)
---
title: "Testing"
linktitle: "Testing"
date: 2021-05-06T00:12:09+02:00
draft: false
type: docs
weight: 3
---
- Algorithm relations for better test coverage
- [Systematic Testing of Post-Quantum Cryptographic Implementations Using Metamorphic Testing](https://ieeexplore.ieee.org/document/8785645) Investigates the effectiveness of a systematic testing approach for discovering bugs in highly complex cryptographic algorithm implementations. [[PRKK19]](../../refs#prkk19)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment