confium an open source framework to support threshold
play

Confium: an open-source framework to support threshold cryptography - PowerPoint PPT Presentation

Jul 27, 2023 •235 likes •392 views

Confium: an open-source framework to support threshold cryptography standardization NIST MPTS 2020 November 5, 2020 Ronald Tse, Ribose Jointly prepared by Daniel Wyatt, Nickolay Olshevsky, Jeffrey Lau Mozilla Thunderbirds OpenPGP email is

  1. Confium: an open-source framework to support threshold cryptography standardization NIST MPTS 2020 November 5, 2020 Ronald Tse, Ribose Jointly prepared by Daniel Wyatt, Nickolay Olshevsky, Jeffrey Lau

  2. Mozilla Thunderbird’s OpenPGP email is powered by RNP RNP is a high-performance • OpenPGP library Thunderbird 78+ embeds RNP for its • end-to-end email encryption functionality Only major email client with native • OpenPGP functionality 35M+ Thunderbird installations • Open, freely licensed (BSD) • Audited by Cure53, monitored by • Google’s OSS-Fuzz program

  3. Plenty of steps required to apply TC in Thunderbird Vast gaps to overcome between cryptographic research and practical • deployment 1. Research 2. Standardization at SDOs 3. Adoption by cryptographic libraries (and implementations) 4. Developer education and end-user application adoption Cross-platform: abstracted primitives and resources • – Computation, algorithms, smartcards, HSMs, networking => Decouple cryptographic design, implementation, distribution and adoption •

  4. Confium is a cross-platform trust store that bridges cryptographers with practical cryptography usage Generalized environment with abstracted primitives for cryptographers to • develop prototypes to production algorithms and schemes Supports the standardization efforts of threshold cryptography at NIST • – Common API for TC implementations/primitives – Enables real-world end-user application testing – Simplify comparisons by providing a level-playing field – Supplied primitives (e.g. networking) lets cryptographers focus on what’s important • Open source, openly licensed!

  5. Confium provides an abstraction that supports new cryptographic families Provide a generalized platform for cryptographic implementations • – cryptographic execution environment – primitives for networking, other OS resources – distributed and remote resources Extensible architecture for new cryptographic usage • – crypto provider plugins to bridge existing crypto libraries – crypto storage plugins to support different keys types and parameters Platform-independent, compartmentalized key storage • Gives applications control of extension activity •

  6. RNP/Confium receives funding support by MOSS and NLNet Mozilla Open Source Support NLNet Next Generation Internet • • – Foundational Technology award – NGI Zero Privacy Enhancing Technology award – Secure Open Source award – Supported by funding from EU’s Horizon 2020 programme under grant agreements No 825310 and 825322

  7. Current user application architecture (without Confium) Thunderbird RNP Crypto- OpenPGP handling Trust management application Botan Crypto- primitives AES RSA ECC …

  8. Confium unhinges user applications from cryptography implementations Support smart cards and other trust mediums • Retrieve keys from external sources • No longer bound to particular algorithm implementations from underlying • cryptographic libraries – e.g. addition of plaintext padding in an updated version can screw the stack Extendable to future cryptographic families • => Enables cryptographers to directly contribute to the trust store •

  9. Re-architected user applications on Confium Thunderbird RNP Confium Crypto- OpenPGP handling application Trust store Crypto- Engine primitive API Crypto- User-chosen Botan primitive plugins New algo AES RSA ECC plugins

  10. Integrated architecture providing a unified trust/crypto layer OpenSSL Cryptographic Engine Botan provider plugins Confium mbtls Public On-device Cryptographic Secret Store store plugins External Smartcards Cloud HSM

  11. Cryptographic plugins ensures future extensibility as an isolation layer across cryptographic libraries Provider plugins • – Type 1: purely implemented in Confium via FFI – Type 2: hybrid implementation via FFI in Confium, that utilizes existing implementations from cryptographic libraries (e.g. OpenSSL, mbtls) – Type 3: wrapper implementations of existing implementations from cryptographic libraries Store plugins • – Different implementations for new secret/key types Publishers manage their own plugins • • Users decide what to install

  12. Example: prototyping and production of crypto-primitives • Each plugin needs some way of specifying dependencies require "confium/ffi" include <confium/ffi.h> require "confium/openssl/1.1.1" include <confium/openssl/1.1.1.h> class ClownRsa::Key namespace ClownRSA { def generate namespace Key { process OpenSSL::RSA.generate_key end RSA generate() { const int kBits = 1024; def sign(data) const int kExp = 3; ... return OpenSSL::RSA_generate_key( kBits, kExp, 0, 0);

  13. Call for interest • Reiteration of goals: – Assist upcoming NIST standardization efforts – Bring your algorithm to real-world user applications Example: https://github.com/rnpgp/confium/blob/wip/example.rb • • Seeking interest from cryptographers to test drive Confium! Contact the Confium team at confium@ribose.com •

  14. Thank you, questions welcome!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Moodle by Moonami Open Source Moodle - your way 2 Who we are Open Source Moodle your way Our

Moodle by Moonami Open Source Moodle - your way 2 Who we are Open Source Moodle your way Our

1 Moodle by Moonami Open Source Moodle - your way 2 Who we are Open Source Moodle your way Our goal here at Moodle by Moonami is simple: to provide world-class cloud hosting &amp; support with excellent customer support at boutique prices

1.07k views • 9 slides
-Abhijit Mahajan Django web Framework is an open source Web 2.0 application framework

-Abhijit Mahajan Django web Framework is an open source Web 2.0 application framework

-Abhijit Mahajan Django web Framework is an open source Web 2.0 application framework written in Python which follows the model-view-controller architectural pattern. It was originally developed to manage several news-oriented

462 views • 35 slides
- http://pothosware.com/ Josh Blum presents Pothos an open source computation framework,

- http://pothosware.com/ Josh Blum presents Pothos an open source computation framework,

- http://pothosware.com/ Josh Blum presents Pothos an open source computation framework, complete with graphical design interface, and companion project SoapySDR, for SDR hardware support. Josh Blum - Introduction Doing SDR stuff for a

422 views • 21 slides
PRGA: An Open-source Framework for Building and Using Custom FPGAs Ang Li, David Wentzlaff

PRGA: An Open-source Framework for Building and Using Custom FPGAs Ang Li, David Wentzlaff

PRGA: An Open-source Framework for Building and Using Custom FPGAs Ang Li, David Wentzlaff Princeton University github.com/PrincetonUniversity/prga 1 The Era of Open-Source Hardware NVDLA MIAOW OpenRISC PULP Ariane

776 views • 25 slides
AN OPEN-SOURCE FRAMEWORK FOR INTEGRATING MULTI-SOURCE LAYOUT AND TEXT RECOGNITION TOOLS INTO

AN OPEN-SOURCE FRAMEWORK FOR INTEGRATING MULTI-SOURCE LAYOUT AND TEXT RECOGNITION TOOLS INTO

AN OPEN-SOURCE FRAMEWORK FOR INTEGRATING MULTI-SOURCE LAYOUT AND TEXT RECOGNITION TOOLS INTO SCALABLE OCR WORKFLOWS KAY-MICHAEL WRZNER KONSTANTIN BAIERER 1 . 1 Bibliotheca Baltica 2018 Rostock 2018-10-05 OVERVIEW 1. Why OCR-D 2. The

776 views • 48 slides
Open Source clouds: Be the change you want to see Tryggvi Lrusson, Co-founder and CTO What is

Open Source clouds: Be the change you want to see Tryggvi Lrusson, Co-founder and CTO What is

Cloud Open 2014 Open Source clouds: Be the change you want to see Tryggvi Lrusson, Co-founder and CTO What is OSAT A framework in which the benefits of the open source methodology are applied to technology which is of social importance What

549 views • 31 slides
lld, a linker framework Presented by: Shankar Easwaran Qualcomm Innovation Center, Inc Open

lld, a linker framework Presented by: Shankar Easwaran Qualcomm Innovation Center, Inc Open

Open Source Open Possibilities lld, a linker framework Presented by: Shankar Easwaran Qualcomm Innovation Center, Inc Open Source Open Possibilities PAGE 1 Motivation Provide a necessary set of reusable libraries to create target specific

437 views • 10 slides
Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source Licenses: GPL vs. LGPL vs. MIT/Apache Foundations: Linux, Apache, Eclipse, Similar: Open Data, Open Hardware, Open Knowledge, ... Advantages of OS

508 views • 13 slides
XaLib Open Source C++ Applica4on Framework by XAllegro

XaLib Open Source C++ Applica4on Framework by XAllegro

XaLib Open Source C++ Applica4on Framework by XAllegro TechItalians MeetUp London 24.06.2015 Who we are So#ware house Start-Up in UK

490 views • 9 slides
The Road to Advanced Mission Critical Linux Support: an Open Source Approach marco bill-peter

The Road to Advanced Mission Critical Linux Support: an Open Source Approach marco bill-peter

The Road to Advanced Mission Critical Linux Support: an Open Source Approach marco bill-peter vice president Global Support Services marco bill-peter Red Hat is the world's leading provider of open source solutions, using a community-powered

335 views • 30 slides
ACCEPT: We Built an Open-Source Approximation Compiler Framework So You Don't Have To Adrian

ACCEPT: We Built an Open-Source Approximation Compiler Framework So You Don't Have To Adrian

ACCEPT: We Built an Open-Source Approximation Compiler Framework So You Don't Have To Adrian Sampson Andr Baixo Benjamin Ransford Thierry Moreau Joshua Yip Luis Ceze Mark Oskin sa pa University of Washington http:// accept.rocks

570 views • 19 slides
An Open Source Framework for Standardized Comparisons of Face Recognition Algorithms Manuel G

An Open Source Framework for Standardized Comparisons of Face Recognition Algorithms Manuel G

Introduction The FaceRecLib Example runs Conclusion An Open Source Framework for Standardized Comparisons of Face Recognition Algorithms Manuel G unther, Roy Wallace, S ebastien Marcel Idiap Research Institute CH - 1920 Martigny

523 views • 20 slides
Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and

Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and

The State of Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and Open Source databases RedHat Acquired by IBM Image Source: https://techcrunch.com/story/ibm-acquires-red-hat/ Open Source

663 views • 29 slides
FROM LABORATORY TO THE FIELD: AN OPEN SOURCE SDR PROJECT COUPLED WITH NATIVE LINUX DRIVER

FROM LABORATORY TO THE FIELD: AN OPEN SOURCE SDR PROJECT COUPLED WITH NATIVE LINUX DRIVER

FROM LABORATORY TO THE FIELD: AN OPEN SOURCE SDR PROJECT COUPLED WITH NATIVE LINUX DRIVER FRAMEWORK Xianjun Jiao, Wei Liu, Muhammad Aslam, Felipe A. P . F., Ingrid moerman, Filip Louagie OPENWIFI FIRST OPEN SOURCE FULL STACK REAL-TIME WI-FI

285 views • 10 slides
ModGrasp : an Open-Source Rapid-Prototyping Framework for Designing Low-Cost Sensorised Modular

ModGrasp : an Open-Source Rapid-Prototyping Framework for Designing Low-Cost Sensorised Modular

Introduction ModGrasp architecture and communication protocol Case study: a three-fingered modular manipulator Experimental results, conclusion and future work ModGrasp : an Open-Source Rapid-Prototyping Framework for Designing Low-Cost

185 views • 17 slides
Phil Sturgeon Framework Interoperability Advocate How to successfully release an open-source PHP

Phil Sturgeon Framework Interoperability Advocate How to successfully release an open-source PHP

Phil Sturgeon Framework Interoperability Advocate How to successfully release an open-source PHP package (and become a better developer for it) The goods 1. Make 2. Market 3. Maintain Things to consider before you start Why you should and

757 views • 75 slides
Landscape and Jurisdictional Initiatives Private Sector Engagement Webinar Date: 17 November,

Landscape and Jurisdictional Initiatives Private Sector Engagement Webinar Date: 17 November,

Landscape and Jurisdictional Initiatives Private Sector Engagement Webinar Date: 17 November, 2020 Private Sector Engagement in Landscape &amp; Jurisdictional Initiatives: Why and where should companies engage? Time (mins) Scope 00-05 mins

475 views • 35 slides
Connecticut Paint Stewardship Program Connecticut Coalition for Sustainable Materials Management

Connecticut Paint Stewardship Program Connecticut Coalition for Sustainable Materials Management

Connecticut Paint Stewardship Program Connecticut Coalition for Sustainable Materials Management October 22, 2020 PaintCare Inc. Non-profit 501(c)(3) organization Established in 2009 Subsidiary of the American Coatings Association

325 views • 7 slides
School Portal Training November 2018 School Portal Training Welcome Background and

School Portal Training November 2018 School Portal Training Welcome Background and

Digital Admissions School Portal Training November 2018 School Portal Training Welcome Background and Context to Digital Transformation Use of the School Portal Digital Transformation Programme Programme to deliver Digital

121 views • 11 slides
Annual General Meeting 10 September 2019 Berkshire West CCG 1 Welcome &amp; introductions Dr

Annual General Meeting 10 September 2019 Berkshire West CCG 1 Welcome &amp; introductions Dr

Annual General Meeting 10 September 2019 Berkshire West CCG 1 Welcome &amp; introductions Dr Abid Irfan, CCG Chair 2 Meeting agenda Chairs address Summary 2018/19 Key partner in the Berkshire West Integrated Care System

603 views • 41 slides
Congruences and the Thue-Morse sequence Emeric Deutsch Department of Mathematics Polytechnic

Congruences and the Thue-Morse sequence Emeric Deutsch Department of Mathematics Polytechnic

Congruences and the Thue-Morse sequence Emeric Deutsch Department of Mathematics Polytechnic University Brooklyn, NY 11201, USA deutsch@duke.poly.edu Bruce E. Sagan Department of Mathematics Michigan State University East Lansing, MI

359 views • 8 slides
Motivation Status quo Providing efficient PKC in embedded systems is challenging

Motivation Status quo Providing efficient PKC in embedded systems is challenging

Faster Hash-based Signatures with Bounded Leakage SAC 2013, Burnaby, Canada Thomas Eisenbarth 1 , Ingo von Maurich 2 and Xin Ye 1 1 Worcester Polytechnic Institute, Worcester, MA, USA 2 Horst Grtz Institute for IT-Security, Ruhr University

493 views • 25 slides
Learning Dynamic Manipulation Skills under Unknown Dynamics with Guided Policy Search Sergey

Learning Dynamic Manipulation Skills under Unknown Dynamics with Guided Policy Search Sergey

Learning Dynamic Manipulation Skills under Unknown Dynamics with Guided Policy Search Sergey Levine Pieter Abbeel UC Berkeley UC Berkeley Team TROOPER: Lockheed Martin, University of Pennsylvania, Philipp Krahenbuhl, Stanford University

205 views • 18 slides
LOG-STRUCTURED MERGE-TRIE PART 1 Xingbo Wu and Yuehai Xu, Wayne State University; Zili Shao, The

LOG-STRUCTURED MERGE-TRIE PART 1 Xingbo Wu and Yuehai Xu, Wayne State University; Zili Shao, The

LOG-STRUCTURED MERGE-TRIE PART 1 Xingbo Wu and Yuehai Xu, Wayne State University; Zili Shao, The Hong Kong Polytechnic University; Song Jiang, Wayne State University Presented by: Joel Friberg LSM-Trie Overview 32MB Htable KV-item

264 views • 10 slides

More recommend