chapter6.tex
\chapter{Summary and Conclusion}
\label{chap:conclusion}
Through the course of this project a fully-featured, developer-focused implementation of \gls{aucpace} was created in Rust.
It was then open sourced through the RustCrypto organisation, contributing to the \gls{iiot} security ecosystem in a practical and direct way.
A severe bug in the code was remediated effectively and swiftly.
\section{Achievements}
As I began this project my understanding of \gls{ecc} was effectively zero.
I had heard of it before, and knew that it was somehow better than traditional primitives, but actually getting to understand and effectively leverage \gls{ecc} took many hours of research and was genuinely something I struggled with.
The \gls{aucpace} implementation I have created is fast and has a tiny code footprint.
This was no small engineering feat and I took great care over the entire length of the project to ensure that the implementation was truly viable for real world use.
Open sourcing the implementation through RustCrypto will allow for the greatest number of people to make use of the library and proves that the implementation is of high enough quality to be suitable for real world applications.
Realising that several months of your work are completely and fundamentally broken is completely crushing.
Working through and understanding the vulnerability I had unknowingly let into my code proved to be a very valuable experience.
Understanding how to responsibly handle disclosing a vulnerability and rapidly rolling out a fix taught me a lot about the pressures of working in cybersecurity and that no matter how careful you are, there is always something lurking that you hadn't considered.
\section{Reflection}
I have two main regrets from this project as a whole.
Firstly, I wish I had implemented from the \gls{ietf} draft of the \gls{aucpace} protocol instead of from the paper itself.
\gls{ietf} drafts and standards are intended to be used as a reference for those implementing the protocol.
If I had followed their draft standard I would not have had anything like the trouble I did implementing Strong \gls{aucpace} and I wouldn't have had my catastrophic \enquote{neutral point} bug.
I consider that bug to be a direct consequence of my decision to follow the paper instead of the draft.
Secondly, I wish I had contacted Bj\"orn Haase earlier on.
When I did contact him late in the project, there was limited scope left for collaboration simply due to the lack of remaining time.
I believe his input especially around test vector generation could have been very helpful.
That said, I am immensely proud of what I have achieved over the course of this project.
I have greatly enjoyed researching \glspl{pake} and working in Rust.
This project has undeniably changed the course of my career: at the start of the year I had planned to continue with my bursary sponsor on to a job in pentesting; however, I now intend to pursue a PhD in cryptography.
\section{Future Work}
There are so many directions future work in this area could go.
\glspl{pake} are a fascinating topic with a bright future in many areas of cybersecurity.
\subsection{CHIP+CRISP}
If I had more time I would have liked to have also implemented the CHIP+CRISP \gls{ipake} compilers from \citeauthor{chip+crisp}. I believe these two protocol compilers are fascinating pieces of technology that are truly innovative.
\subsection{CPace}
On a more practical level, \gls{aucpace} is an \gls{apake} built on top of the \gls{cpace} \gls{bpake}; future work could include breaking this underlying implementation out into its own crate.
\subsection{Post Quantum PAKE}
With the rapid emergence of quantum technologies, stopgap solutions such as the \enquote{quantum annoying} property of \gls{aucpace} and similar \glspl{pake} simply won't be enough.
An implementation of a truly \enquote{post quantum} \gls{pake} would make for an excellent project.
One interesting candidate for this would be LATKE \cite{latke}, an \gls{ipake} instantiated from lattice assumptions.
\section{Conclusion}
\gls{pake} algorithms can be used to improve the security of a wide variety of domains.
The \gls{iiot} stands to gain particular benefit from improving \gls{pake} algorithms and support, especially as algorithms with lower power consumption and those directly targeting embedded devices emerge.
The Rust implementation of \gls{aucpace} directly contributes to the ever-growing \gls{iiot} security landscape by providing a \gls{pake} with a low code footprint, efficient computation and no patent barriers.