NOTE: As of September 2024 we are no longer maintaining att/qujata. Please refer to the fork by ATIS, as they will be resuming this work.
- Overview
- Algorithms
- Getting Started
- Development
- Project Roadmap
- Contributing
- Releases
- Code of Conduct
- License
In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere. The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.
Qujata project (after myth creature Kujata or Quyata) is a testbed, evaluating the performance of the supported Quantum-Safe Crypto protocols by their client & server vital signs, like memory and cpu usage, connection time, download speed, once connection is established, etc.
This section lists all quantum-safe algorithms supported by this oqs testbed.
As standardization for these algorithms within TLS is not done, all TLS code points/IDs can be changed from their default values to values set by environment variables. This facilitates interoperability testing with TLS1.3 implementations that use different IDs.
Algorithm name | Enabled | Type |
---|---|---|
bikel1 | Yes | Post Quantum |
bikel3 | Yes | Post Quantum |
bikel5 | Yes | Post Quantum |
frodo1344aes | Yes | Post Quantum |
frodo1344shake | Yes | Post Quantum |
frodo640aes | Yes | Post Quantum |
frodo640shake | Yes | Post Quantum |
frodo976aes | Yes | Post Quantum |
frodo976shake | Yes | Post Quantum |
hqc128 | Yes | Post Quantum |
hqc192 | Yes | Post Quantum |
hqc256 | Yes | Post Quantum |
kyber1024 | Yes | Post Quantum |
kyber512 | Yes | Post Quantum |
kyber768 | Yes | Post Quantum |
p256_kyber512 | Yes | Hybrid |
p384_kyber768 | Yes | Hybrid |
prime256v1 | Yes | Classic |
secp384r1 | Yes | Classic |
x25519_kyber768 | Yes | Hybrid |
We suggest using the Docker Compose distribution, but a Kubernetes Helm charts procedure is avalable if you’d prefer to run the Qujata in your kubernetes environment.
also a Development Installation procedure to run the Qujata in development mode is provided.
To start, clone the qujata repository:
git clone https://github.com/att/qujata.git
cd qujata
There are two ways to install qujata runtime on your machine
- Individual Dockers
- Within a pre-built Kubernetes setup
These two options are detailed below.
Prerequisit: Docker, Docker Compose.
Docker Compose is included in Docker Desktop installation
- cd to the following directory:
cd run/docker
- Start the application using:
docker compose up
- the UI is available on:
http://localhost:2000/qujata
- The grafana UI is now available by clicking on the button in the UI or using the below url and selecting 'Qujata Analysis' dashboard:
http://localhost:3000/
The initial username/password for grafana is qujata/qujata
.
Prerequisit: Kubernetes, Helm
If you're using Docker Desktop you can Enable Kuberenets in Docker Desktop
- cd to the following directory:
cd run/kubernetes
- install helm charts:
helm dependency update
helm install qujata . --create-namespace --namespace qujata
- expose ports (creates 3 background processes):
kubectl port-forward service/qujata-grafana 3000:3000 -n qujata & \
kubectl port-forward service/qujata-portal 2000:80 -n qujata & \
kubectl port-forward service/qujata-api 3020:3020 -n qujata &
NOTE: Please note port-forward command does not return. It will forward the port(s) until CTRL+C is pressed, see this page for more details. If background process was used (& and the end of each bash command, like we suggested above), you will need to use fg
command 3 times to bring the services back to forground and CTRL+C on each to stop forwarding or simply use this command to kill all port forwarding at once:
pkill -f "port-forward"
To check if the right ports are indeed forwarded, open a new bash/terminal window and try the following command:
ps -f | grep 'kubectl' | grep 'port-forward' | awk '{print $10 " " $11}'
- the UI is available on:
http://localhost:2000/qujata
- The grafana UI is now available by clicking on the button in the UI or using the below url and selecting 'Qujata Analysis' dashboard:
http://localhost:3000/
The initial username/password for grafana is qujata/qujata
.
As opposed to installing qujata runtime, explained in the Getting Started section, developing and/or contributing code to the project requires installation of all the compounders listed below on your machine.
In order to install and run the various components in development mode, see these individual read me files for each of them.
For UI development contributors, please find below our current UI/UX design. Suggestions for improvement are always welcome. Qujata_Wireframes.pdf
Information about our roadmap can be found here.
Information about how to contribute, can be found here.
See here.
Qujata project is based on Open Quantum Safe project and other work done by NIST and other organization and individuals, working on PQC (Post Quantum Safe) cryptography algorithms
Code of conduct can be found here
License can be found here.