Skip to content
This repository has been archived by the owner on Sep 1, 2024. It is now read-only.
/ qujata Public archive

[inactive] Next-Gen Crypto. Quantified.

License

Notifications You must be signed in to change notification settings

att/qujata

Repository files navigation


NOTE: As of September 2024 we are no longer maintaining att/qujata. Please refer to the fork by ATIS, as they will be resuming this work.


Table of Contents

Overview

In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere. The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.

Qujata project (after myth creature Kujata or Quyata) is a testbed, evaluating the performance of the supported Quantum-Safe Crypto protocols by their client & server vital signs, like memory and cpu usage, connection time, download speed, once connection is established, etc.

Algorithms

Algorithms supported

This section lists all quantum-safe algorithms supported by this oqs testbed.

As standardization for these algorithms within TLS is not done, all TLS code points/IDs can be changed from their default values to values set by environment variables. This facilitates interoperability testing with TLS1.3 implementations that use different IDs.

Algorithm name Enabled Type
bikel1 Yes Post Quantum
bikel3 Yes Post Quantum
bikel5 Yes Post Quantum
frodo1344aes Yes Post Quantum
frodo1344shake Yes Post Quantum
frodo640aes Yes Post Quantum
frodo640shake Yes Post Quantum
frodo976aes Yes Post Quantum
frodo976shake Yes Post Quantum
hqc128 Yes Post Quantum
hqc192 Yes Post Quantum
hqc256 Yes Post Quantum
kyber1024 Yes Post Quantum
kyber512 Yes Post Quantum
kyber768 Yes Post Quantum
p256_kyber512 Yes Hybrid
p384_kyber768 Yes Hybrid
prime256v1 Yes Classic
secp384r1 Yes Classic
x25519_kyber768 Yes Hybrid

Getting Started

We suggest using the Docker Compose distribution, but a Kubernetes Helm charts procedure is avalable if you’d prefer to run the Qujata in your kubernetes environment.

also a Development Installation procedure to run the Qujata in development mode is provided.

To start, clone the qujata repository:

git clone https://github.com/att/qujata.git
cd qujata

There are two ways to install qujata runtime on your machine

  1. Individual Dockers
  2. Within a pre-built Kubernetes setup

These two options are detailed below.

Option 1: Docker

Prerequisit: Docker, Docker Compose.
Docker Compose is included in Docker Desktop installation

  1. cd to the following directory:
cd run/docker
  1. Start the application using:
docker compose up
  1. the UI is available on:
http://localhost:2000/qujata
  1. The grafana UI is now available by clicking on the button in the UI or using the below url and selecting 'Qujata Analysis' dashboard:
http://localhost:3000/

The initial username/password for grafana is qujata/qujata.

Option 2: Kubernetes

Prerequisit: Kubernetes, Helm
If you're using Docker Desktop you can Enable Kuberenets in Docker Desktop

  1. cd to the following directory:
cd run/kubernetes
  1. install helm charts:
helm dependency update
helm install qujata . --create-namespace --namespace qujata
  1. expose ports (creates 3 background processes):
kubectl port-forward service/qujata-grafana 3000:3000 -n qujata & \
kubectl port-forward service/qujata-portal 2000:80 -n qujata & \
kubectl port-forward service/qujata-api 3020:3020 -n qujata &

NOTE: Please note port-forward command does not return. It will forward the port(s) until CTRL+C is pressed, see this page for more details. If background process was used (& and the end of each bash command, like we suggested above), you will need to use fg command 3 times to bring the services back to forground and CTRL+C on each to stop forwarding or simply use this command to kill all port forwarding at once:

pkill -f "port-forward"

To check if the right ports are indeed forwarded, open a new bash/terminal window and try the following command:

ps -f | grep 'kubectl' | grep 'port-forward' | awk '{print $10 " " $11}'
  1. the UI is available on:
http://localhost:2000/qujata
  1. The grafana UI is now available by clicking on the button in the UI or using the below url and selecting 'Qujata Analysis' dashboard:
http://localhost:3000/

The initial username/password for grafana is qujata/qujata.

Development

As opposed to installing qujata runtime, explained in the Getting Started section, developing and/or contributing code to the project requires installation of all the compounders listed below on your machine.

In order to install and run the various components in development mode, see these individual read me files for each of them.

  1. Portal
  2. Api
  3. Curl

For UI development contributors, please find below our current UI/UX design. Suggestions for improvement are always welcome. Qujata_Wireframes.pdf

Project Roadmap and Architecture

Information about our roadmap can be found here.

Contributing

Information about how to contribute, can be found here.

Releases

See here.

Acknowledgements

Qujata project is based on Open Quantum Safe project and other work done by NIST and other organization and individuals, working on PQC (Post Quantum Safe) cryptography algorithms

Code of Conduct

Code of conduct can be found here

License

License can be found here.