The main goal is to provide the tools necessary so that anyone can successfully implement current cryptography into their application.
This page is a work in progress.
I just completed implementing RS Erasure coding and RS Error Correction coding. Packages published to Cryptography repository, and ProCrypto-1-1-1/ProCryptoTests-1-1-1 are updated. Here are the plugins [1][2]. There are still issues with RSFEC GFs, including problems with all Aztec GFs and Maxicode and QRCode. DataMatrix256 works, though.
Identify and isolate Cryptographic classes and define SM package for base image classes.
Maintain Current Cryptography Standards in the image.
Make sure that the external package stays current with image implementations. (SHA1 and SecureHashAlgorithm are copies of each other but there were differences in implementations. I'm not sure why we need both but there you are.) If they export the same interface, it may be because of differences in processing speed on different platforms. If that's the case, we may need to implement x86, RISC, PowerPC, m68k, etc versions for when the processor is known. -Kyle H
Fix errors in Cryptography in package or in image like ThrityTwoBitRegister, The byteArray appears to be implemented backwards. We will need rights to make/change assignments in Mantis.
Get external US Government certification of Security for external package and image components.
Research and add cryptography as necessary to stay current with cryptographic changes in the industry. Isn't this part of #2, above? -Kyle H
Support CACert.
Integrate Signatures and Encryption into Email Packages.
Write Security Articles for cross promotion with squeak news team (and publish some articles outside this group for squeak promotion).
Start Cryptography list for people using the internal or external package for cryptographic news and alerts, or changes in implementations planned so that consumers of the cryptographic code can understand what changes are needed to integrate new code.This task is complete, cryptography@lists.squeakfoundation.org -Kyle H
Support PGP
Fix PKI
Assess adding SFTP
Review ANS1 (and voip or other high profile implementations for reference implementation) Is this ASN.1? PKI depends on it anyway if that's the case – we just need to support Basic, Distinct, and XML encoding rules. -Kyle H
Support and Develop SUnit cases for everything.
PKI Tasks
Review Current Implementation
Isolate classes and convert to Monticello Format
Develop / Round out Streaming Protocol (similar to SSH or SSL)
Add State machine
Add PKI/Diffie Hellman Handshaking
Project path:
ASN1 implementation
Compare Cincom's non comercial version to the Squeak Asn1 implementation
Port Cincom's non comercial version features or entire package if necessary
x509 version3
Diffie Helmann (see 12.3b)
AES, 3DES and various other block and symmetric ciphers.
ssl / tls version 3 of ssl.
CC validation Notes
Tasks (10/17/06)
Decide on the Protection Profile(s) we want to address
Define the claims and security target (Most probably we would need 3-4 configurations)
Start a function List and Test Matrix
Where can we host a Wiki?
Here for now
This will help us prove our case, so we should start this task ASAP
Develop the ToE (Target of Evaluation – the software system that will be evaluated against the Protection Profile) -Kyle H
Understand and document the CC process relevant to us. Read and mark the CC documents, talk with Labs et al
I think we would fall under the Operating Systems - Single-Level Operating Systems in Medium Robustness Environments PP Note: we must meet all protection profile objectives for everything that the base system does, or provide an automated means of configuring those things out (key management, certificate management, etc) – Kyle H
Section 3 contains the threats, security policy (SP), and the assumptions made about things that affect security.
Section 4 contains the objectives to be met
Section 5 has the cryptographic module requirements (and there are a LOT of them -Kyle H)
We have a lot of work ahead of us. Among other things:
get the VM team to start using an SVN export (tagging each exported release with source file revision information) for each release, instead of merely copying the data out of the development environment (as suggested they do at http://www.squeakvm.org/svn/squeak/trunk/platforms/win32/HowToBuild.txt).
get a means to set a "security flag" within the image that places system tasks inside their own scheduler and outside the control of any user task
make reflection of the cryptographic classes impossible
create a means of preventing cryptographic operations from being interrupted by a "save image" process (thus possibly exposing plaintext key material or seeds in the image file)
must generate a cryptographic signature of the image when it is saved, and verify it after it is saved
must provide graceful fallback to prior versions of the image file
must get a means of saving images to a round-robin collection of files
must separate sysadmin and cryptadmin tasks
must identify all possible object accesses (for example, debugging a running process, or debugging an unhandled exception), and determine a means of controlling access to them
This is just off the top of my head after reading the PP. There's a lot more, and it is going to take a lot of time to do... and what we come up with is only superficially going to resemble the current Squeak when we're done. -Kyle H