revision1
This commit is contained in:
josi
parent
bd55ec336d
commit
5735c858f1
@ -4,8 +4,11 @@ generovanie PQ algoritmov.
|
||||
Na generovanie PQ algoritmov je nutne aktivovat oqsprovidera. Navod na aktivaciu
|
||||
sa nachadza v zlozke /oqsprovider/
|
||||
|
||||
Dostupne PQ algoritmy (20.02.2024)
|
||||
Dostupne PQ algoritmy (07.05.2024)
|
||||
- zalezi tiez na nastaveniach kniznic liboqs a oqs-provider viď https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
|
||||
mldsa44
|
||||
mldsa65
|
||||
mldsa87
|
||||
dilithium2
|
||||
dilithium3
|
||||
dilithium5
|
||||
@ -14,12 +17,12 @@ falcon1024
|
||||
sphincssha2128fsimple
|
||||
sphincssha2128ssimple
|
||||
sphincssha2192fsimple
|
||||
sphincssha2192ssimple
|
||||
sphincssha2256fsimple
|
||||
sphincssha2256ssimple
|
||||
sphincsshake128fsimple
|
||||
|
||||
Nepodporovane algoritmy pri defaultnom nastaveni kniznice
|
||||
sphincssha2192ssimple
|
||||
sphincssha2256fsimple
|
||||
sphincssha2256ssimple
|
||||
sphincsshake128ssimple
|
||||
sphincsshake192fsimple
|
||||
sphincsshake192ssimple
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
/*
|
||||
JS 2024-05-07 doplnene priklady nastavenia premennej DEFAULT_GROUPS, doplnene info o ML-KEM
|
||||
*/
|
||||
/*
|
||||
JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0
|
||||
*/
|
||||
@ -101,7 +104,7 @@ SSL vyhodi chybu SSL routines:final_key_share:no suitable key share
|
||||
|
||||
Priklad pouzitia:
|
||||
- klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072"
|
||||
- PQ algoritmy: "kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
|
||||
- PQ algoritmy: "mlkem512:mlkem768:mlkem1024:kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
|
||||
- hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768"
|
||||
|
||||
Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md
|
||||
@ -109,7 +112,7 @@ Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-p
|
||||
POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0)
|
||||
|
||||
*/
|
||||
#define DEFAULT_GROUPS "kyber512:X25519:kyber768"
|
||||
#define DEFAULT_GROUPS "mlkem512:hqc128:X25519:kyber768"
|
||||
|
||||
#define DEFAULT_PORT 443
|
||||
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
/*
|
||||
JS 2024-05-07 doplnene priklady nastavenia premennej DEFAULT_GROUPS, doplnene info o ML-KEM
|
||||
*/
|
||||
/*
|
||||
JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0
|
||||
*/
|
||||
@ -115,7 +118,7 @@ SSL vyhodi chybu: "SSL routines:final_key_share:no suitable key share"
|
||||
|
||||
Priklad pouzitia:
|
||||
- klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072"
|
||||
- PQ algoritmy: "kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
|
||||
- PQ algoritmy: "mlkem512:mlkem768:mlkem1024:kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
|
||||
- hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768"
|
||||
|
||||
Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md
|
||||
@ -123,7 +126,7 @@ Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-p
|
||||
POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0)
|
||||
|
||||
*/
|
||||
#define DEFAULT_GROUPS "kyber768:frodo976aes:kyber1024"
|
||||
#define DEFAULT_GROUPS "mlkem512:kyber768:frodo976aes:kyber1024"
|
||||
|
||||
#define DEFAULT_PORT 443
|
||||
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
/*
|
||||
JS 2024-05-07 doplnene priklady nastavenia premennej DEFAULT_GROUPS, doplnene info o ML-KEM
|
||||
*/
|
||||
/*
|
||||
JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0
|
||||
*/
|
||||
@ -56,7 +59,7 @@ SSL vyhodi chybu SSL routines:final_key_share:no suitable key share
|
||||
|
||||
Priklad pouzitia:
|
||||
- klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072"
|
||||
- PQ algoritmy: "kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
|
||||
- PQ algoritmy: "mlkem512:mlkem768:mlkem1024:kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
|
||||
- hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768"
|
||||
|
||||
Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md
|
||||
@ -64,7 +67,7 @@ Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-p
|
||||
POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0)
|
||||
|
||||
*/
|
||||
#define DEFAULT_GROUPS "X25519:kyber512:kyber768"
|
||||
#define DEFAULT_GROUPS "mlkem512:X25519:kyber512:kyber768"
|
||||
|
||||
/**
|
||||
* printUsage function who describe the utilisation of this script.
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
/*
|
||||
JS 2024-05-07 doplnene priklady nastavenia premennej DEFAULT_GROUPS, doplnene info o ML-KEM
|
||||
*/
|
||||
/*
|
||||
JS 2024-04-11 testovane s OpenSSL 3.3.0, liboqs 0.10.0 a oqs-provider 0.6.0
|
||||
*/
|
||||
@ -59,7 +62,7 @@ SSL vyhodi chybu SSL routines:final_key_share:no suitable key share
|
||||
|
||||
Priklad pouzitia:
|
||||
- klasicke algoritmy: "x25519:x448:prime256v1:secp521r1:secp384r1:ffdhe2048:ffdhe3072"
|
||||
- PQ algoritmy: "kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
|
||||
- PQ algoritmy: "mlkem512:mlkem768:mlkem1024:kyber512:kyber768:kyber1024:bikel1:bikel3:bikel5:hqc128:hqc192:hqc256:frodo640aes:frodo640shake:frodo976aes:frodo976shake:frodo1344aes:frodo1344shake"
|
||||
- hybrid algoritmy: "x25519_kyber768:x25519_frodo640aes:x25519_hqc128:x448_bikel3:x448_kyber768:p256_kyber768"
|
||||
|
||||
Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-provider/blob/0.6.0/ALGORITHMS.md
|
||||
@ -67,7 +70,7 @@ Podporovane algoritmy OQS-providerom: https://github.com/open-quantum-safe/oqs-p
|
||||
POZOR - BIKE protokol nefunguje na Windows platforme (liboqs 0.10.0, oqs-provider 0.6.0)
|
||||
|
||||
*/
|
||||
#define DEFAULT_GROUPS "kyber768:frodo976aes:kyber1024"
|
||||
#define DEFAULT_GROUPS "mlkem512:kyber768:frodo976aes:kyber1024"
|
||||
|
||||
#define DEFAULT_PORT 443
|
||||
|
||||
|
||||
@ -7,9 +7,6 @@ klient/server na inom zariadeni je nutne vytvorit novy .dll subor.
|
||||
Vytvorene a testovane na:
|
||||
OpenSSL 3.3.0, liboqs 0.10.0, oqs-provider 0.6.0
|
||||
|
||||
Cely postup je dostupny online:
|
||||
https://git.kemt.fei.tuke.sk/js331zc/MastersThesis/src/branch/master/OpenSSL_liboqs_oqsprovider
|
||||
|
||||
NAVOD NA POUZITIE
|
||||
- predpokladame ze system obsahuje kniznice libcrypto a libssl
|
||||
- na generovanie PQ certifikatov je potrebne mat OpenSSL.exe
|
||||
@ -52,3 +49,39 @@ premennu OPENSSL_CONF na priecinok, kde sa tento subor nachadza. V BPS obraze
|
||||
je tato premenna nastavena na C:\OPENSSL\BIN\
|
||||
Systemovu premennu mozeme zmenit alebo skopirovat nas konfiguracny subor
|
||||
na dane miesto.
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
Ak potrebujeme vygenerovat nove verzie kniznic liboqs a oqs-provider:
|
||||
|
||||
NAVOD NA KOMPILACIU
|
||||
Predpokladame, ze BPS obraz obsahuje vsetky potrebne nastroje (WinLibs) a OpenSSL
|
||||
|
||||
1. liboqs
|
||||
https://github.com/open-quantum-safe/liboqs
|
||||
https://github.com/open-quantum-safe/liboqs/releases - ak potrebujeme konkretnu verziu
|
||||
- stiahnuty subor rozbalime na nami zvolene miesto, napr. C:\liboqs\
|
||||
- kniznicu nainstalujeme prikazmi:
|
||||
|
||||
mkdir build
|
||||
cd build
|
||||
cmake -GNinja ..
|
||||
ninja
|
||||
ninja install
|
||||
|
||||
- po dokonceni instalacie vznikli zlozky /include/ a /lib/, ktore
|
||||
skopirujeme do hlavnej zlozky nasho prekladaca, napr. C:\MINGW\
|
||||
|
||||
2. oqs-provider
|
||||
https://github.com/open-quantum-safe/oqs-provider/tree/main
|
||||
https://github.com/open-quantum-safe/oqs-provider/releases - ak potrebujeme konkretnu verziu
|
||||
- stiahnuty balik rozbalime na nami zvolene miesto, napr. C:\oqsprovider\
|
||||
- v subore CMakeLists.txt pridame na riadok 90 a 91 pred funkcie
|
||||
enable_testing() a add_subdirectory(test) symbol #, ktorym zakomentujeme
|
||||
a nezrealizujeme kompilaciu testov
|
||||
- kniznicu nainstalujeme tymito prikazmi:
|
||||
|
||||
|
||||
cmake -GNinja -DOPENSSL_ROOT_DIR=C:\OPENSSL -S . -B _build
|
||||
cd _build
|
||||
ninja
|
||||
ninja install
|
||||
|
||||
45
PQ_TIIGER_TLS/CMakeLists.txt
Normal file
45
PQ_TIIGER_TLS/CMakeLists.txt
Normal file
@ -0,0 +1,45 @@
|
||||
# JS update 29.02.2024
|
||||
# Odstranene nepotrebne podmienky a funkcie
|
||||
|
||||
cmake_minimum_required(VERSION 3.7)
|
||||
|
||||
# CMake instructions to build tiitls library
|
||||
|
||||
# Set the project name
|
||||
project(tiitls1.3)
|
||||
|
||||
configure_file(./sal/tls_sal_m.xpp ./lib/tls_sal.cpp COPYONLY)
|
||||
|
||||
set(SRC
|
||||
./lib/tls_cert_chain.cpp
|
||||
./lib/tls_client_recv.cpp
|
||||
./lib/tls_client_send.cpp
|
||||
./lib/tls_keys_calc.cpp
|
||||
./lib/tls_sockets.cpp
|
||||
./lib/tls_octads.cpp
|
||||
./lib/tls_logger.cpp
|
||||
./lib/tls_protocol.cpp
|
||||
./lib/tls_cacerts.cpp
|
||||
./lib/tls_client_cert.cpp
|
||||
./lib/tls_tickets.cpp
|
||||
./lib/tls_x509.cpp
|
||||
./lib/tls_sal.cpp
|
||||
./lib/ibe/tls_bfibe.cpp
|
||||
./lib/ibe/tls_pqibe.cpp
|
||||
)
|
||||
|
||||
# Add a library
|
||||
add_library(tiitls STATIC ${SRC})
|
||||
|
||||
target_include_directories(tiitls PUBLIC include)
|
||||
target_include_directories(tiitls PUBLIC sal/miracl)
|
||||
target_include_directories(tiitls PUBLIC sal/miracl/includes)
|
||||
|
||||
# CMake instructions to build client app
|
||||
|
||||
add_executable( client src/client.cpp )
|
||||
|
||||
target_link_libraries(client tiitls )
|
||||
|
||||
target_link_libraries(client ${PROJECT_SOURCE_DIR}/sal/miracl/core.a -loqs -lstdc++ -lws2_32)
|
||||
|
||||
@ -1,9 +1,10 @@
|
||||
# MastersThesis
|
||||
|
||||
## About
|
||||
Tento repozitár obsahuje zdrojové kódy knižníc, návody kompilácie, vytvorené skripty a výsledky meraní, ktoré vznikli pri riešení problematiky diplomovej práce s názvom "Zabezpečená komunikácia klient server s využitím post-kvantových algoritmov"
|
||||
|
||||
## Author
|
||||
Author: Jozef Simko
|
||||
Author: Jozef Šimko
|
||||
|
||||
School year: 5., Master study, 2023/24
|
||||
|
||||
@ -11,3 +12,5 @@ Study program: Computer Networks
|
||||
|
||||
Organization: Technical University of Kosice (TUKE), Faculty of Electrical Engineering and Informatics (FEI)
|
||||
|
||||
Revision: 1 (07.05.2024)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user