DataCrusade1999
commented
1 year ago Hi, @denknorr I'm Ashutosh Pandey and I would like to work on this project in this year's GSoC should I ask for help on the mailing list about this project or here??
Open denknorr opened 1 year ago
DataCrusade1999
commented
1 year ago Hi, @denknorr I'm Ashutosh Pandey and I would like to work on this project in this year's GSoC should I ask for help on the mailing list about this project or here??
denknorr
commented
1 year ago Hi, @DataCrusade1999 thank you for your interest :) Please ask on the mailinglist. The GSOC process is ongoing at the moment.
DataCrusade1999
commented
1 year ago Hi, @denknorr, sorry for responding late. I've asked about this project on the openSUSE project mailing list and was told to get in contact with the mentor of the project for proposal writing and help. seeing that this project is security-related I've joined the openSUSE security mailing list and I've also joined the openSUSE factory mailing list. as of now I'm going through the pdf that is listed above to gain some insight about the project and its requirements. as you have suggested that I should ask the question on the mailing list could you point me to the mailing list which would be better suited for this project openSUSE-security(this mailing list isn't active that much) or openSUSE-factory mailing??
denknorr
commented
1 year ago Hey @DataCrusade1999 ah, okay, i asked you to ask on the mailinglist as the organization was not officially approved for GSOC. Now that we are recognized, you can write to our mailaddresses (surname.lastname@suse.com) listed in the GSOC project/up in the task.
Project Title: Project title, short enough to catch attention
Provide a library for determining keylength security
Description: General information about the project, avoid one Liners, the description should be as detailed as possible.
The project would be writing a library for looking at keylength of algorithms and measuring their security according to different standards. For example RSA-4096 is currently considered secure, but RSA-1024 not. We want a library which embedds this knowledge and can be requested. Furtheron we want to be able to enhance the library or write a program which does scan keys or certificates and determines their security strength. This should be done according to different standards, think NIST standards or IETF or BSI standards.
There's already a website which does this similarly, called keylength.com, but this is not usable as a library, nor cannot be used in a pipeline or an offline program
This library could be done in Rust but the most important point is, that it can be linked to other (lowlevel) languages
Deliverable: Expectations from the student at the end of the project
Mentor: Who is the mentor? Who is the Co-Mentor? Also please assign the issue to the mentor!
Dennis Knorr (dennis.knorr@suse.com) Martin Sirringhaus (martin.sirringhaus@suse.com)
Skills: Which skills are needed? Programming languages, frameworks, concepts etc.
Skill Level: Easy, Medium, Hard
Medium
Prject Size: Medium Sized Project (175 hours), Large Sized Project (350 hours)
As reading and grokking the papers might take some time and also writing a program which scans keys needs parsing, this is more a large project
Get started: Tasks that mentors may want to suggest students so that they can start contributing to the code base (e.g. junior jobs, low hanging fruits, discussion on the mailing list)