cryptographic library botan for long-term durable security
motivation
with the rapidly progressing development of quantum computing, the computation of mathematically complex problems can potentially be accelerated by several magnitudes. on the one hand, this results in advantages for efficiently solving extensive optimization problems. on the other hand, many cryptographic algorithms used in today’s (practical) systems are endangered, as their security is based on exactly such mathematical problems. for this reason so-called post-quantum secure encryption methods shall be applied in the future.
approach and goals
the goal of the kbls project is the enhancement of the cryptographic library botan particularly for long-term durable security. therein, the following interrelated problems and challenges are in our focus:
- post-quantum cryptography: we investigate cryptographic algorithms, which are particularly resistant against being broken by a quantum computer.
- cryptographic agility: to ensure that a cryptographic system remains capable and secure on the long-term, we must be able to exchange its critical components with minimal effort. this can affect algorithms, protocols, random number generators and standards for instance.
- key management: cryptographic keys are an important core element for the security of a system. this property must especially be considered for the generation, storage and deletion of these keys, but also for binding them to hardware.
- usability: human error is the most prominent vulnerability when using cryptographic systems. the user should be supported with adequate methods to avoid errors in order to contribute to a security gain.
as a result, solutions should be elaborated, so that a developer using the cryptographic library – also in terms of quantum computing – can apply secure, flexible and yet comfortably usable cryptographic algorithms.
project organization
kbls is a joint research project funded by the german federal ministry of education and research (bmbf) and involves various expert partners from research and industrial fields. the bmbf is the project owner for this project. the fraunhofer-institute for applied and integrated security is responsible for the project lead.
- project management: vdi/vde innovation technik gmbh
- consortium: fraunhofer-institute for applied and integrated security (aisec), technische universität berlin, rohde & schwarz cybersecurity gmbh, nexenio gmbh
- project duration: 12/2019 – 12/2022