Return to search

Theoretical and Practical Aspects of the Migration to Post Quantum Cryptography

Partial Post Quantum Cryptography migration of GitLab Community Edition source code with 3 main contributions

1. Devloped RubyCrypt - a simple scanner to assist the Cryptographic Inventory Compilation of Ruby apps
2. Configured git to use PQC signature (CRYSTALS-Dilithium) for commit signing
3. Included CRYSTALS-Dilithium to ssh_data, a common cryptographic Ruby gem used by GitLab (& GitHub):1. Introduction
2. Theoretical Background - Post Quantum Cryptography
2.1. Code-based Cryptography
2.1.1. McEliece Cryptosystem
2.2. Lattice-based Cryptography
2.2.1. CRYSTALS-Dilithium
3. Post Quantum Cryptography Migration of GitLab - a Case Study
3.1. Problem Statement
3.2. Related Work
3.2.1. Software Tools for Static Program Analysis
3.3. Chosen Approach
4. Implementation
4.1. Cryptographic Inventory Compilation
4.1.1. Results
4.2. Migration Planning
4.3. Migration Execution
4.3.1. PQC Commit Signatures in git
4.3.2. Including Dilithium to ssh_data
5. Conclusion and Outlook
6. References

List of Tables
List of Figures
List of Source Code
Acronyms
Notation / Partielle Migration des GitLab Community Edition Source Codes auf Verfahren der Post-Quanten-Kryptographie mit 3 Hauptergebnissen

1. Entwicklung von RubyCrypt - einem simplen Scanner zur Unterstützung der Inventarisierung verwendeter Kryptographie in Ruby-Anwendungen
2. Konfiguration von git zur Verwendung des quantensicheren Signaturalgorithmus CRYSTALS-Dilithium zur Signatur von Commits
3. Integration von CRYSTALS-Dilithium in ssh_data, ein populäres kryptographisches Ruby gem welches in GitLab (und GitHub) verwendet wird:1. Introduction
2. Theoretical Background - Post Quantum Cryptography
2.1. Code-based Cryptography
2.1.1. McEliece Cryptosystem
2.2. Lattice-based Cryptography
2.2.1. CRYSTALS-Dilithium
3. Post Quantum Cryptography Migration of GitLab - a Case Study
3.1. Problem Statement
3.2. Related Work
3.2.1. Software Tools for Static Program Analysis
3.3. Chosen Approach
4. Implementation
4.1. Cryptographic Inventory Compilation
4.1.1. Results
4.2. Migration Planning
4.3. Migration Execution
4.3.1. PQC Commit Signatures in git
4.3.2. Including Dilithium to ssh_data
5. Conclusion and Outlook
6. References

List of Tables
List of Figures
List of Source Code
Acronyms
Notation

Identiferoai:union.ndltd.org:DRESDEN/oai:qucosa:de:qucosa:91038
Date23 April 2024
CreatorsSchröck, Florian
ContributorsHochschule für Technik, Wirtschaft und Kultur Leipzig
Source SetsHochschulschriftenserver (HSSS) der SLUB Dresden
LanguageEnglish
Detected LanguageEnglish
Typeinfo:eu-repo/semantics/updatedVersion, doc-type:masterThesis, info:eu-repo/semantics/masterThesis, doc-type:Text
Rightsinfo:eu-repo/semantics/openAccess
Relationinfo:eu-repo/grantAgreement/Bundesministerium für Bildung und Forschung/KMU-innovativ/https://www.forschung-it-sicherheit-kommunikationssysteme.de/projekte/amiquasy//Agile Migration auf quantensichere Systeme/AMiQuaSy

Page generated in 0.0019 seconds