-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathchapter1.tex
32 lines (27 loc) · 2.74 KB
/
chapter1.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
\chapter{Introduction}
\label{chap:intro}
Today's standards for Encryption and Authentication are fundamentally broken.
The age old standard practice of obtaining an encrypted connection to a server, then sending a cleartext password to authenticate users is flawed.
\glspl{pake} are a profoundly different way of looking at how encryption and authentication are performed, and could represent the basis for a safer and more secure future, even in the face of the ever increasing threat quantum computers pose to encryption.
\section{Aims}
This project aims to understand the nature of how \glspl{pake} work, what they can and cannot do, and how they can be used to improve the security of almost all password based authentication systems.
The \enquote{quantum annoying} property of \glspl{pake} will also be explored, to understand how \glspl{pake} can be used to delay the need for post-quantum cryptography by years or even decades \cite{quantum-annoying}.
Additionally an implementation of a modern \gls{pake} protocol (\gls{aucpace}) will be created and and contributed back to the RustCrypto open source project.
\section{Deliverables}
The implementation of the \gls{aucpace} protocol in Rust is the core deliverable for this project.
Performance of the library will be compared against those for other \gls{pake} protocols.
The metrics of execution time, code size and message size will be used.
\section{Challenges}
Working with elliptic curve cryptography proved to be particularly challenging.
A lack of understanding of one particular area proved fatal when a catastrophic bug was found in the codebase late in the project.
\Cref{chap:testing} talks about remediating this bug and ensuring it cannot happen again.
\section{Structure}
The report will follow the following structure:
\begin{itemize}
\item{\Cref{chap:intro} introduces the project and provides an explanation of the aims and deliverables.}
\item{\Cref{chap:context} goes into detail on the history of \gls{pake} algorithms and explains elliptic curve cryptography.}
\item{\Cref{chap:design} explains the design decisions made around the implementation of \gls{aucpace}.}
\item{\Cref{chap:impl} talks about how the library was implemented, how Rust's type and trait systems were effectively utilised to make the library as easy to use as possible.}
\item{\Cref{chap:testing} covers the extensive testing of the library, from unit and integration testing to running the protocol on real hardware. A comparison to an equivalent \gls{pake} (\gls{opaque}) is made by benchmarking both libraries. Finally the bug from above is explored, the fix and future prevention are explained.}
\item{\Cref{chap:conclusion} wraps up the project, with a reflection and an analysis of possible future work.}
\end{itemize}