In the PORTUNUS project we investigate as part of the ATHENE research area Cryptography crypto-agile APIs for hardware implemented post-quantum cryptography.
Progress in the development of cryptographic methods that are resistant to quantum computing is proceeding apace. The number of cryptographic algorithms has steadily increased in recent years. This increase is due to several events, including in particular the process initiated by NIST to identify post-quantum algorithms. In addition, a high diversity of variants of cryptographic algorithms and cryptographic libraries exists.
For efficient, practical use, a triad must be harmonized between cryptographers who develop PQC algorithms, platform integration experts who implement these algorithms on hardware, and software developers who want to use them. This topic is addressed in the PORTUNUS project by the partners of Fraunhofer SIT, TU Darmstadt and Hochschule Darmstadt.
In the context of the topic, Fraunhofer SIT is dedicated to the theoretical question of how emerging PQC algorithms can be accelerated more effectively. This is done in close cooperation with the TU-Darmstadt, which focuses on hardware-related implementation. This mainly includes the development of Multi-Level Intermediate Representation MLR compiler optimizations for CPU, GPU, ASICs and FPGAs.
Work packages of H-DA in Portunus:
Hochschule Darmstadt University of Applied Sciences is developing a platform for integrating these compiler-optimized algorithms. For this purpose, an API is being developed that enables flexible and user-friendly use of algorithms under the given specified cryptographic requirements.
In the context of cryptoagility, the API offers a set of cryptographic libraries (such as OQS and OpenSSL) from which any cryptographic algorithm can be selected depending on the use case.
The API is subdivided into several modules, each of which performs specific tasks in the encryption process. These include key storage, algorithm information management and the selection of algorithms by the API.
The goal is to abstract the complexity of cryptography in order to make it easier for developers to handle cryptographic components while minimizing implementation errors and the associated security risks.