Zur Integration von Post-Quantum Verfahren in bestehende Softwareprodukte
This addresses integration problems for software developers dealing with PQC standards, though it is incremental as it builds on existing libraries and focuses on specific case studies.
The paper tackles the challenge of integrating post-quantum cryptography (PQC) algorithms into existing software products, such as the InboxPager email client and Bouncy Castle TLS library, by using the eUCRITE crypto library to mitigate implementation errors and incompatibilities.
Currently, PQC algorithms are being standardized to address the emerging threat to conventional asymmetric algorithms from quantum computing. These new algorithms must then be integrated into existing protocols, applications and infrastructures. Integration problems are to be expected, due to incompatibilities with existing standards and implementations on the one hand, but also due to a lack of knowledge among software developers about how to handle PQC algorithms. To illustrate incompatibilities, we integrate two different PQC algorithms into two different existing software products (the InboxPager email client for the Android OS and the TLS implementation of the Bouncy Castle crypto library). Here, we rely on the highly-abstract crypto library eUCRITE, which hides technical details about the correct usage of classical and PCQ algorithms and thus prevents some potential implementation errors.