new stylesheet
authorAaron Kaplan <aaron@lo-res.org>
Sun, 3 Nov 2013 21:55:40 +0000 (22:55 +0100)
committerAaron Kaplan <aaron@lo-res.org>
Sun, 3 Nov 2013 21:55:40 +0000 (22:55 +0100)
re-arranging stuff

src/Makefile
src/applied-crypto-hardening.tex
src/applied-crypto-hardening.tex.simple [new file with mode: 0644]
src/disclaimer.tex
src/methods.tex
src/practical_settings.tex

index 862290e..8b9a889 100644 (file)
@@ -1,13 +1,13 @@
 NOW := $(shell date)
 
 all:
 NOW := $(shell date)
 
 all:
-       latex applied-crypto-hardening
+       pdflatex applied-crypto-hardening
        # no bibtex citations atm
        bibtex applied-crypto-hardening
        #latex applied-crypto-hardening
        # no bibtex citations atm
        bibtex applied-crypto-hardening
        #latex applied-crypto-hardening
-       latex applied-crypto-hardening
+       pdflatex applied-crypto-hardening
        #dvipdfm -z 9 applied-crypto-hardening
        #dvipdfm -z 9 applied-crypto-hardening
-       dvipdf applied-crypto-hardening.dvi
+       #dvipdf applied-crypto-hardening.dvi
 
 clean:
        rm -f applied-crypto-hardening.aux applied-crypto-hardening.bbl applied-crypto-hardening.blg applied-crypto-hardening.dvi applied-crypto-hardening.log applied-crypto-hardening.pdf
 
 clean:
        rm -f applied-crypto-hardening.aux applied-crypto-hardening.bbl applied-crypto-hardening.blg applied-crypto-hardening.dvi applied-crypto-hardening.log applied-crypto-hardening.pdf
index 3f20385..e6c40fa 100644 (file)
@@ -1,17 +1,32 @@
-\documentclass{llncs}
-
-\usepackage{amsmath}
-\usepackage{amssymb}
-%\usepackage{psfrag}
-%\usepackage{graphicx}
-%\usepackage{color}
-%\usepackage{subfigure}
-%\usepackage[latin1]{inputenc}  % Sonderzeichen, Umlaute  
-\usepackage[utf8x]{inputenc}  % Sonderzeichen, Umlaute  
-\usepackage{hyperref}
-\usepackage{placeins}
-
+%%% LaTeX Template: Two column article
+%%%
+%%% Source: http://www.howtotex.com/
+%%% Feel free to distribute this template, but please keep to referal to http://www.howtotex.com/ here.
+%%% Date: February 2011
+
+%%% Preamble
+\documentclass[        DIV=calc,%
+                                                       paper=a4,%
+                                                       fontsize=9pt,%
+                                                       onecolumn]{scrartcl}                                            % KOMA-article class
+
+\usepackage{lipsum}                                                                                                    % Package to create dummy text
+
+\usepackage[english]{babel}                                                                            % English language/hyphenation
+\usepackage[protrusion=true,expansion=true]{microtype}                         % Better typography
+\usepackage{amsmath,amsfonts,amsthm}                                   % Math packages
+\usepackage[pdftex]{graphicx}                                                                  % Enable pdflatex
+%\usepackage[svgnames]{xcolor}                                                                 % Enabling colors by their 'svgnames'
+\usepackage[hang, small,labelfont=bf,up,textfont=it,up]{caption}       % Custom captions under/above floats
+\usepackage{epstopdf}                                                                                          % Converts .eps to .pdf
+\usepackage{subfig}                                                                                                    % Subfigures
+\usepackage{booktabs}                                                                                          % Nicer tables
+\usepackage{fix-cm}                                                                                                    % Custom fontsizes
+
+% custom changes:
 \usepackage[usenames,dvipsnames,svgnames,table]{xcolor}
 \usepackage[usenames,dvipsnames,svgnames,table]{xcolor}
+\usepackage{placeins}
+\usepackage{hyperref}
 
 \definecolor{green}{RGB}{32,113,10}
 \definecolor{orange}{RGB}{251,111,16}
 
 \definecolor{green}{RGB}{32,113,10}
 \definecolor{orange}{RGB}{251,111,16}
 \definecolor{blue}{RGB}{0,28,128}
 
 
 \definecolor{blue}{RGB}{0,28,128}
 
 
-\pagenumbering{arabic}
-\pagestyle{plain}
 
 
+%%% Custom sectioning (sectsty package)
+\usepackage{sectsty}                                                                                                   % Custom sectioning (see below)
+\allsectionsfont{%                                                                                                                     % Change font of al section commands
+       \usefont{OT1}{phv}{b}{n}%                                                                               % bch-b-n: CharterBT-Bold font
+       }
 
 
-\newcommand{\todo}[1]{\marginpar{\textbf{TODO!}}\parbox{\columnwidth}{\textbf{\textsc{\textcolor{red}{(TODO: #1)}}}}}
-% Auskommentieren:
-\newcommand{\ignorethis}[1]{}
-\newcommand{\needcite}{\todo{Need citation!}}
+\sectionfont{%                                                                                                                         % Change font of \section command
+       \usefont{OT1}{phv}{b}{n}%                                                                               % bch-b-n: CharterBT-Bold font
+       }
 
 
 
 
-\begin{document}
 
 
+%%% Headers and footers
+\usepackage{fancyhdr}                                                                                          % Needed to define custom headers/footers
+       \pagestyle{fancy}                                                                                                               % Enabling the custom headers/footers
+\usepackage{lastpage}  
+
+% Header (empty)
+\lhead{}
+\chead{}
+\rhead{}
+% Footer (you may change this to your own needs)
+\lfoot{\footnotesize Applied Crypto Hardening \textbullet ~Draft}
+\cfoot{}
+\rfoot{\footnotesize page \thepage\ of \pageref{LastPage}}     % "Page 1 of 2"
+\renewcommand{\headrulewidth}{0.0pt}
+\renewcommand{\footrulewidth}{0.4pt}
+
+
+
+%%% Creating an initial of the very first character of the content
+\usepackage{lettrine}
+\newcommand{\initial}[1]{%
+     \lettrine[lines=3,lhang=0.3,nindent=0em]{
+                               \color{DarkGoldenrod}
+                               {\textsf{#1}}}{}}
+
+
+
+%%% Title, author and date metadata
+\usepackage{titling}                                                                                                                   % For custom titles
+
+\newcommand{\HorRule}{\color{DarkGoldenrod}%                   % Creating a horizontal rule
+                                                                               \rule{\linewidth}{1pt}%
+                                                                               }
+
+\pretitle{\vspace{-30pt} \begin{flushleft} \HorRule 
+                               \fontsize{50}{50} \usefont{OT1}{phv}{b}{n} \color{DarkRed} \selectfont 
+                               }
 \title{Applied Crypto Hardening}
 \title{Applied Crypto Hardening}
+\posttitle{\par\end{flushleft}\vskip 0.5em}
+
+\preauthor{\begin{flushleft}
+                                       \large \lineskip 0.5em \usefont{OT1}{phv}{b}{sl} \color{DarkRed}}
 
 
-\author{ Manuel Koschuch\inst{1}, Adi Kriegisch\inst{2}, L. Aaron Kaplan\inst{3}, Tobias Dussa\inst{4}, Heiko Reese\inst{4}}
-\institute{
-FH Campus Wien
-\and
-VRVis
-\and
-CERT.at
-\and
-Karlsruhe Institute of Technology
-}
+\author{ Manuel Koschuch, Adi Kriegisch, L. Aaron Kaplan, Tobias Dussa, Heiko Reese}
+%\institute{
+%FH Campus Wien
+%\and
+%VRVis
+%\and
+%CERT.at
+%\and
+%Karlsruhe Institute of Technology
+%}
 
 
+\postauthor{\footnotesize \usefont{OT1}{phv}{m}{sl} \color{Black} 
+ (FH Campus Wien, VRVis, CERT.at, Karlsruhe Institute of Technology)
+                                       \par\end{flushleft}\HorRule}
 
 
+\date{2013-11-03}
+
+
+
+%%% Begin document
+\begin{document}
 \maketitle
 \maketitle
+\thispagestyle{fancy}                  % Enabling the custom headers/footers for the first page 
+% The first character should be within \initial{}
+%\initial{H}\textbf{ere is some sample text to show the initial in the introductory paragraph of this template article. The color and lineheight of the initial can be modified in the preamble of this document.}
+
 
 \input{abstract}
 \input{disclaimer}
 
 \input{abstract}
 \input{disclaimer}
diff --git a/src/applied-crypto-hardening.tex.simple b/src/applied-crypto-hardening.tex.simple
new file mode 100644 (file)
index 0000000..3f20385
--- /dev/null
@@ -0,0 +1,65 @@
+\documentclass{llncs}
+
+\usepackage{amsmath}
+\usepackage{amssymb}
+%\usepackage{psfrag}
+%\usepackage{graphicx}
+%\usepackage{color}
+%\usepackage{subfigure}
+%\usepackage[latin1]{inputenc}  % Sonderzeichen, Umlaute  
+\usepackage[utf8x]{inputenc}  % Sonderzeichen, Umlaute  
+\usepackage{hyperref}
+\usepackage{placeins}
+
+\usepackage[usenames,dvipsnames,svgnames,table]{xcolor}
+
+\definecolor{green}{RGB}{32,113,10}
+\definecolor{orange}{RGB}{251,111,16}
+\definecolor{red}{RGB}{247,56,0}
+\definecolor{blue}{RGB}{0,28,128}
+
+
+\pagenumbering{arabic}
+\pagestyle{plain}
+
+
+\newcommand{\todo}[1]{\marginpar{\textbf{TODO!}}\parbox{\columnwidth}{\textbf{\textsc{\textcolor{red}{(TODO: #1)}}}}}
+% Auskommentieren:
+\newcommand{\ignorethis}[1]{}
+\newcommand{\needcite}{\todo{Need citation!}}
+
+
+\begin{document}
+
+\title{Applied Crypto Hardening}
+
+\author{ Manuel Koschuch\inst{1}, Adi Kriegisch\inst{2}, L. Aaron Kaplan\inst{3}, Tobias Dussa\inst{4}, Heiko Reese\inst{4}}
+\institute{
+FH Campus Wien
+\and
+VRVis
+\and
+CERT.at
+\and
+Karlsruhe Institute of Technology
+}
+
+
+\maketitle
+
+\input{abstract}
+\input{disclaimer}
+\input{motivation}
+\input{methods}
+\input{overview_common_crypto_systems}
+\input{keylengths}
+\input{RNGs}
+\input{practical_settings}
+\input{PKIs}
+\input{tools}
+\input{further_research}
+\input{reviewers}
+
+\bibliography{applied-crypto-hardening}
+
+\end{document}
index fb3dbbb..520dfe5 100644 (file)
@@ -6,5 +6,4 @@ Furthermore, this guide can only describe what the authors currently \emph{belie
 
 Nevertheless, ignoring the problem and keeping outdated settings for SSL, SSH, PGP is not an option. We the authors, need this document as much as the gentle reader needs it.
 
 
 Nevertheless, ignoring the problem and keeping outdated settings for SSL, SSH, PGP is not an option. We the authors, need this document as much as the gentle reader needs it.
 
-Date: Sun Nov  3 21:47:55 CET 2013
 
 
index c885603..f8c67b1 100644 (file)
@@ -1,4 +1,4 @@
-\section{How this document was produced}
+\section{Methods}
 
 For many years, NIST was considered a reasonable choice for recommendations in
 the field of cryptography. However, the NSA leaks of 2013 showed that even
 
 For many years, NIST was considered a reasonable choice for recommendations in
 the field of cryptography. However, the NSA leaks of 2013 showed that even
@@ -9,10 +9,11 @@ recommendations.
 
 We chose to collect the most well known facts about crypto-settings and let as
 many trusted specialists as possible review these settings.  The review process
 
 We chose to collect the most well known facts about crypto-settings and let as
 many trusted specialists as possible review these settings.  The review process
-is done on a public mailing list. The document is offered (read-only) to a
-publicly available git server. However, write permissions to the document are
-only granted to trusted people, preferably outside of the U.S.  Every write
+is done on a public mailing list. The document is available (read-only) to the
+public on a git server. However, write permissions to the document are only
+granted to trusted people, preferably outside of the U.S.  Every write
 operation to the document is logged via the "git" version control system.  We
 do not trust an unknown git server. The git server is hardened itself.
 
 
 operation to the document is logged via the "git" version control system.  We
 do not trust an unknown git server. The git server is hardened itself.
 
 
+
index c790508..08ab252 100644 (file)
@@ -3,30 +3,31 @@
 
 \subsection{SSL}
 
 
 \subsection{SSL}
 
-At the time of this writing, SSL is defined in RFCs:   
-
-\begin{itemize}
-\item RFC2246 - TLS1.0         
-\item RFC3268 - AES            
-\item RFC4132 - Camelia                
-\item RFC4162 - SEED           
-\item RFC4279 - PSK            
-\item RFC4346 - TLS 1.1                
-\item RFC4492 - ECC            
-\item RFC4785 - PSK\_NULL              
-\item RFC5246 - TLS 1.2                
-\item RFC5288 - AES\_GCM               
-\item RFC5289 - AES\_GCM\_SHA2\_ECC            
-\item RFC5430 - Suite B                
-\item RFC5487 - GCM\_PSK               
-\item RFC5489 - ECDHE\_PSK             
-\item RFC5932 - Camelia                
-\item RFC6101 - SSL 3.0                
-\item RFC6209 - ARIA           
-\item RFC6367 - Camelia                
-\item RFC6655 - AES\_CCM               
-\item RFC7027 - Brainpool Curves               
-\end{itemize}
+%%% NOTE: we do not need to list this all here, can move to an appendix
+%At the time of this writing, SSL is defined in RFCs:  
+%
+%\begin{itemize}
+%\item RFC2246 - TLS1.0                
+%\item RFC3268 - AES           
+%\item RFC4132 - Camelia               
+%\item RFC4162 - SEED          
+%\item RFC4279 - PSK           
+%\item RFC4346 - TLS 1.1               
+%\item RFC4492 - ECC           
+%\item RFC4785 - PSK\_NULL             
+%\item RFC5246 - TLS 1.2               
+%\item RFC5288 - AES\_GCM              
+%\item RFC5289 - AES\_GCM\_SHA2\_ECC           
+%\item RFC5430 - Suite B               
+%\item RFC5487 - GCM\_PSK              
+%\item RFC5489 - ECDHE\_PSK            
+%\item RFC5932 - Camelia               
+%\item RFC6101 - SSL 3.0               
+%\item RFC6209 - ARIA          
+%\item RFC6367 - Camelia               
+%\item RFC6655 - AES\_CCM              
+%\item RFC7027 - Brainpool Curves              
+%\end{itemize}
 
 \subsubsection{Overview of SSL Server settings}
 
 
 \subsubsection{Overview of SSL Server settings}
 
@@ -87,7 +88,8 @@ Next we tested the cipher suites above on the following clients:
 The result of testing the cipher suites with these clients gives us the following result and a preference order. 
 Should a client not be able to use a specific cipher suite, it will fall back to the next possible entry as given by the ordering.
 
 The result of testing the cipher suites with these clients gives us the following result and a preference order. 
 Should a client not be able to use a specific cipher suite, it will fall back to the next possible entry as given by the ordering.
 
-\begin{table}
+\begin{table}[h]
+\small
     \begin{tabular}{|l|l|l|l|l|}
     \hline
     Pref & Cipher Suite                                   & ID         & Browser                     \\ \hline
     \begin{tabular}{|l|l|l|l|l|}
     \hline
     Pref & Cipher Suite                                   & ID         & Browser                     \\ \hline
@@ -108,6 +110,8 @@ Should a client not be able to use a specific cipher suite, it will fall back to
 The same data again, specifying the OpenSSL name:
 
 \begin{table}[h]
 The same data again, specifying the OpenSSL name:
 
 \begin{table}[h]
+\small
+\FloatBarrier
     \begin{tabular}{|l|l|l|}
     \hline
     Cipher Suite                                   & ID            & OpenSSL Name                  \\ \hline
     \begin{tabular}{|l|l|l|}
     \hline
     Cipher Suite                                   & ID            & OpenSSL Name                  \\ \hline
@@ -124,6 +128,7 @@ The same data again, specifying the OpenSSL name:
 \end{table}
 
 
 \end{table}
 
 
+
 Based on this ordering, we can now define the corresponding settings for servers. We will start with the most common web servers
 
 \subsubsection{Apache}
 Based on this ordering, we can now define the corresponding settings for servers. We will start with the most common web servers
 
 \subsubsection{Apache}