js331zc/MastersThesis
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

revision1

Browse Source
This commit is contained in:
josi 2024-05-07 10:46:35 +02:00
parent bd55ec336d
commit 5735c858f1
8 changed files with 112 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
PQ_PROJECT_SSL_TLS/CERIFICATEs/PQ/README.txt
View File

@ -4,8 +4,11 @@ generovanie PQ algoritmov.
Na generovanie PQ algoritmov je nutne aktivovat oqsprovidera. Navod na aktivaciu Na generovanie PQ algoritmov je nutne aktivovat oqsprovidera. Navod na aktivaciu
sa nachadza v zlozke /oqsprovider/ sa nachadza v zlozke /oqsprovider/
Dostupne PQ algoritmy (20.02.2024) Dostupne PQ algoritmy (07.05.2024)
- zalezi tiez na nastaveniach kniznic liboqs a oqs-provider viď https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md - zalezi tiez na nastaveniach kniznic liboqs a oqs-provider viď https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
mldsa44
mldsa65
mldsa87
dilithium2 dilithium2
dilithium3 dilithium3
dilithium5 dilithium5
@ -14,12 +17,12 @@ falcon1024
sphincssha2128fsimple sphincssha2128fsimple
sphincssha2128ssimple sphincssha2128ssimple
sphincssha2192fsimple sphincssha2192fsimple
sphincssha2192ssimple
sphincssha2256fsimple
sphincssha2256ssimple
sphincsshake128fsimple sphincsshake128fsimple
Nepodporovane algoritmy pri defaultnom nastaveni kniznice Nepodporovane algoritmy pri defaultnom nastaveni kniznice
sphincssha2192ssimple
sphincssha2256fsimple
sphincssha2256ssimple
sphincsshake128ssimple sphincsshake128ssimple
sphincsshake192fsimple sphincsshake192fsimple
sphincsshake192ssimple sphincsshake192ssimple

7
PQ_PROJECT_SSL_TLS/CLIENT_SERVER_SECURE/CLIENT/client.c
View File

@ -1,3 +1,6 @@
/*
JS 2024-05-07 doplnene priklady nastavenia premennej DEFAULT_GROUPS, doplnene info o ML-KEM
*/
/* /*
JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0 JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0
*/ */
@ -101,7 +104,7 @@ SSL vyhodi chybu SSL routines:final_key_share:no suitable key share
Priklad pouzitia: Priklad pouzitia:
- klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072" - klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072"
- PQ algoritmy: "kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake" - PQ algoritmy: "mlkem512:mlkem768:mlkem1024:kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
- hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768" - hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768"
Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md
@ -109,7 +112,7 @@ Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-p
POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0) POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0)
*/ */
#define DEFAULT_GROUPS "kyber512:X25519:kyber768" #define DEFAULT_GROUPS "mlkem512:hqc128:X25519:kyber768"
#define DEFAULT_PORT 443 #define DEFAULT_PORT 443

7
PQ_PROJECT_SSL_TLS/CLIENT_SERVER_SECURE/SERVER/server.c
View File

@ -1,3 +1,6 @@
/*
JS 2024-05-07 doplnene priklady nastavenia premennej DEFAULT_GROUPS, doplnene info o ML-KEM
*/
/* /*
JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0 JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0
*/ */
@ -115,7 +118,7 @@ SSL vyhodi chybu: "SSL routines:final_key_share:no suitable key share"
Priklad pouzitia: Priklad pouzitia:
- klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072" - klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072"
- PQ algoritmy: "kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake" - PQ algoritmy: "mlkem512:mlkem768:mlkem1024:kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
- hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768" - hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768"
Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md
@ -123,7 +126,7 @@ Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-p
POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0) POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0)
*/ */
#define DEFAULT_GROUPS "kyber768:frodo976aes:kyber1024" #define DEFAULT_GROUPS "mlkem512:kyber768:frodo976aes:kyber1024"
#define DEFAULT_PORT 443 #define DEFAULT_PORT 443

7
PQ_PROJECT_SSL_TLS/CLIENT_SERVER_SECURE_BIO/CLIENT/client.c
View File

@ -1,3 +1,6 @@
/*
JS 2024-05-07 doplnene priklady nastavenia premennej DEFAULT_GROUPS, doplnene info o ML-KEM
*/
/* /*
JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0 JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0
*/ */
@ -56,7 +59,7 @@ SSL vyhodi chybu SSL routines:final_key_share:no suitable key share
Priklad pouzitia: Priklad pouzitia:
- klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072" - klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072"
- PQ algoritmy: "kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake" - PQ algoritmy: "mlkem512:mlkem768:mlkem1024:kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
- hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768" - hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768"
Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md
@ -64,7 +67,7 @@ Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-p
POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0) POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0)
*/ */
#define DEFAULT_GROUPS "X25519:kyber512:kyber768" #define DEFAULT_GROUPS "mlkem512:X25519:kyber512:kyber768"
/** /**
* printUsage function who describe the utilisation of this script. * printUsage function who describe the utilisation of this script.

7
PQ_PROJECT_SSL_TLS/CLIENT_SERVER_SECURE_BIO/SERVER/server.c
View File

@ -1,3 +1,6 @@
/*
JS 2024-05-07 doplnene priklady nastavenia premennej DEFAULT_GROUPS, doplnene info o ML-KEM
*/
/* /*
JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0 JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0
*/ */
@ -59,7 +62,7 @@ SSL vyhodi chybu SSL routines:final_key_share:no suitable key share
Priklad pouzitia: Priklad pouzitia:
- klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072" - klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072"
- PQ algoritmy: "kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake" - PQ algoritmy: "mlkem512:mlkem768:mlkem1024:kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
- hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768" - hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768"
Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md
@ -67,7 +70,7 @@ Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-p
POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0) POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0)
*/ */
#define DEFAULT_GROUPS "kyber768:frodo976aes:kyber1024" #define DEFAULT_GROUPS "mlkem512:kyber768:frodo976aes:kyber1024"
#define DEFAULT_PORT 443 #define DEFAULT_PORT 443

39
PQ_PROJECT_SSL_TLS/oqsprovider/README.txt
View File

@ -7,9 +7,6 @@ klient/server na inom zariadeni je nutne vytvorit novy .dll subor.
Vytvorene a testovane na: Vytvorene a testovane na:
OpenSSL 3.3.0, liboqs 0.10.0, oqs-provider 0.6.0 OpenSSL 3.3.0, liboqs 0.10.0, oqs-provider 0.6.0
Cely postup je dostupny online:
https://git.kemt.fei.tuke.sk/js331zc/MastersThesis/src/branch/master/OpenSSL_liboqs_oqsprovider
NAVOD NA POUZITIE NAVOD NA POUZITIE
- predpokladame ze system obsahuje kniznice libcrypto a libssl - predpokladame ze system obsahuje kniznice libcrypto a libssl
- na generovanie PQ certifikatov je potrebne mat OpenSSL.exe - na generovanie PQ certifikatov je potrebne mat OpenSSL.exe
@ -52,3 +49,39 @@ premennu OPENSSL_CONF na priecinok, kde sa tento subor nachadza. V BPS obraze
je tato premenna nastavena na C:\OPENSSL\BIN\ je tato premenna nastavena na C:\OPENSSL\BIN\
Systemovu premennu mozeme zmenit alebo skopirovat nas konfiguracny subor Systemovu premennu mozeme zmenit alebo skopirovat nas konfiguracny subor
na dane miesto. na dane miesto.
-------------------------------------------------------------------------------
Ak potrebujeme vygenerovat nove verzie kniznic liboqs a oqs-provider:
NAVOD NA KOMPILACIU
Predpokladame, ze BPS obraz obsahuje vsetky potrebne nastroje (WinLibs) a OpenSSL
1. liboqs
https://github.com/open-quantum-safe/liboqs
https://github.com/open-quantum-safe/liboqs/releases - ak potrebujeme konkretnu verziu
- stiahnuty subor rozbalime na nami zvolene miesto, napr. C:\liboqs\
- kniznicu nainstalujeme prikazmi:
mkdir build
cd build
cmake -GNinja ..
ninja
ninja install
- po dokonceni instalacie vznikli zlozky /include/ a /lib/, ktore
skopirujeme do hlavnej zlozky nasho prekladaca, napr. C:\MINGW\
2. oqs-provider
https://github.com/open-quantum-safe/oqs-provider/tree/main
https://github.com/open-quantum-safe/oqs-provider/releases - ak potrebujeme konkretnu verziu
- stiahnuty balik rozbalime na nami zvolene miesto, napr. C:\oqsprovider\
- v subore CMakeLists.txt pridame na riadok 90 a 91 pred funkcie
enable_testing() a add_subdirectory(test) symbol #, ktorym zakomentujeme
a nezrealizujeme kompilaciu testov
- kniznicu nainstalujeme tymito prikazmi:
cmake -GNinja -DOPENSSL_ROOT_DIR=C:\OPENSSL -S . -B _build
cd _build
ninja
ninja install

45
PQ_TIIGER_TLS/CMakeLists.txt Normal file
View File

@ -0,0 +1,45 @@
# JS update 29.02.2024
# Odstranene nepotrebne podmienky a funkcie
cmake_minimum_required(VERSION 3.7)
# CMake instructions to build tiitls library
# Set the project name
project(tiitls1.3)
configure_file(./sal/tls_sal_m.xpp ./lib/tls_sal.cpp COPYONLY)
set(SRC
./lib/tls_cert_chain.cpp
./lib/tls_client_recv.cpp
./lib/tls_client_send.cpp
./lib/tls_keys_calc.cpp
./lib/tls_sockets.cpp
./lib/tls_octads.cpp
./lib/tls_logger.cpp
./lib/tls_protocol.cpp
./lib/tls_cacerts.cpp
./lib/tls_client_cert.cpp
./lib/tls_tickets.cpp
./lib/tls_x509.cpp
./lib/tls_sal.cpp
./lib/ibe/tls_bfibe.cpp
./lib/ibe/tls_pqibe.cpp
)
# Add a library
add_library(tiitls STATIC ${SRC})
target_include_directories(tiitls PUBLIC include)
target_include_directories(tiitls PUBLIC sal/miracl)
target_include_directories(tiitls PUBLIC sal/miracl/includes)
# CMake instructions to build client app
add_executable( client src/client.cpp )
target_link_libraries(client tiitls )
target_link_libraries(client ${PROJECT_SOURCE_DIR}/sal/miracl/core.a -loqs -lstdc++ -lws2_32)

5
README.md
View File

@ -1,9 +1,10 @@
# MastersThesis # MastersThesis
## About ## About
Tento repozitár obsahuje zdrojové kódy knižníc, návody kompilácie, vytvorené skripty a výsledky meraní, ktoré vznikli pri riešení problematiky diplomovej práce s názvom "Zabezpečená komunikácia klient server s využitím post-kvantových algoritmov"
## Author ## Author
Author: Jozef Simko Author: Jozef Šimko
School year: 5., Master study, 2023/24 School year: 5., Master study, 2023/24
@ -11,3 +12,5 @@ Study program: Computer Networks
Organization: Technical University of Kosice (TUKE), Faculty of Electrical Engineering and Informatics (FEI) Organization: Technical University of Kosice (TUKE), Faculty of Electrical Engineering and Informatics (FEI)
Revision: 1 (07.05.2024)