Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BSI Project 481 #3108

Open
securitykernel opened this issue Dec 3, 2022 · 3 comments
Open

BSI Project 481 #3108

securitykernel opened this issue Dec 3, 2022 · 3 comments
Labels
enhancement Enhancement or new feature
Milestone
Botan 3.7.0

Comments

@securitykernel
Copy link
Collaborator

securitykernel commented Dec 3, 2022
edited by reneme
Loading

German Federal Office for Information Security (BSI) commissions a project "Maintenance and further development of the cryptographic library Botan". In can be regarded as a successor to the concluded BSI project 197 "Development of a secure crypto library".

Aim of this issue is to make activities from BSI project 481 transparent to Botan maintainers and users.

Project Organization

BSI Project 481 is a development project commissioned by the German Federal Office of Information Security (BSI).

  • Contracting Authority: German Federal Office of Information Security (BSI)
  • Contractor: Rohde & Schwarz Cybersecurity GmbH
  • Subcontractor: Fraunhofer Institute for Applied and Integrated Security (AISEC)
  • Project duration: 01/2022 – 12/2024 03/2025

Main Activities

Updating and maintaining the cryptographic library Botan

The BSI development branch shall be updated to the current Botan version (main development branch) in alignment with the BSI.

Extending Botan with PQC algorithms

The implementation of Botan shall be extended by post-quantum cryptographic algorithms (based on NIST, IETF and TR-02102-1). BSI is in charge of selecting the particular algorithms. The candidates selected are FrodoKEM, Classic McEliece, CRYSTALS-Kyber, CRYSTALS-Dilithium, XMSS, LMS and Sphincs+.

Implement the final FIPS standards

Extending Botan with TLS 1.3 hybrid key agreement

A hybrid key agreement procedure in the TLS 1.3 stack shall be implemented (based on the TLS minimal standards of IETF and BSI).

Cryptographic documentation

The implemented algorithms shall be checked thoroughly as recommended by BSI. The documentation of the library shall be revised correspondingly, mainly cryptographic documentation.
@randombit randombit added the enhancement Enhancement or new feature label Mar 25, 2023
@securitykernel
Copy link
Collaborator Author

securitykernel commented Apr 8, 2023
edited
Loading

The work package Extending Botan with PQC algorithms was slightly rescheduled. I updated all scheduled implementation dates in the linked issues.

@securitykernel
Copy link
Collaborator Author

With rescheduling of the work package Extending Botan with PQC algorithms, the project's duration was extended by 3 months, which I updated in the original description now.

@reneme reneme mentioned this issue Aug 15, 2024
Closed
@reneme reneme mentioned this issue Oct 15, 2024
Closed
@reneme reneme added this to the Botan 3.7.0 milestone Nov 21, 2024
@reneme
Copy link
Collaborator

reneme commented Nov 21, 2024

We plan that the upcoming Botan 3.7.x release will be the last in scope of this BSI-funded project. With Classic McEliece (#3883) merged, all major mile stones of the project have been reached and are now upstream. 🥳

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Enhancement or new feature
Projects
None yet
Milestone
Botan 3.7.0
Development

No branches or pull requests
3 participants
@randombit @reneme @securitykernel