+\section{Abstract}
+
+This whitepaper arose out of the need to have an updated, solid, well researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-PRISM age.
+Since the NSA leaks in the summer of 2013, many system administrators and IT security officers felt the need to update their encryption settings.
+
+However, as Schneier\cite{SchneiderNSAbreaksEncryption} noted, it seems that intelligence agencies and adversaries on the Internet are not breaking so much the mathematics of encryption per se, but rather use weaknesses and sloppy settings in encryption frameworks to break the codes, next to using other means such as ``kinetic-decryption'' (breaking in, stealing keys) or planting backdoors, etc.
+
+
+This following whitepaper can only address one aspect of securing our information systems: getting the crypto settings right. Other attacks, as the above mentioned kinetic cryptanalysis, require different protection schemes which are not covered in this whitepaper.
+
\title{Applied Crypto Hardening}
-\author{ Manuel Koschuch\inst{1}, Adi Kriegisch\inst{2}, Leon Aaron Kaplan\inst{3}}
+\author{ Manuel Koschuch\inst{1}, Adi Kriegisch\inst{2}, L. Aaron Kaplan\inst{3}, Tobias Dussa\inst{4}, Heiko Reese\inst{4}}
\institute{
FH Wien
\and
VRVis
\and
-Computer Emergency Response Team Austria}
+CERT.at
+\and
+Karlsruhe Institute of Technology
+}
\maketitle
\section{Disclaimer}
+Furthermore, this guide can only describe what the authors currently \emph{believe} to be the best settings based on their personal experience. This guide was cross checked by XXX FIXME XXX people. Even though, multiple specialists reviewed the guide, the authors can give \emph{no guarantee} whatsover that they made the right recommendations. After all, tomorrow there might be a new attack on some ciphers and much of the recommendations in this guide will turn out to be wrong.
-Aktueller Stand ... morgen kann alles anders sein
-disclaimer disclaimer disclaimer
-Der Inhalt dieses whitepapers ist ausschliessliche die persoenliche *Meinung* der Autoren. Wurde nach besten Wissen und Gewissen erstellt.
-Keine Garantie auf Korrektheit etc. Disclaimer, was in dem Paper *nicht* drinnen steht bzw. was wir nicht wissen. Veroeffentlichungsdatum angeben, kein Ablaufdatum des whitepapers angeben.
+%% should we keep that sentence?
+%% The authors do not know XXX FIXME XXX list things we don't know which affect the guide? XXX
+Nevertheless, ignoring the problem and keeping outdated settings for SSL, SSH, PGP is not an option. We the authors, need this document as much as the gentle reader needs it.
+This document was published: on XXXX FIXME XXX.
git.bettercrypto.org / ach-master.git / commitdiff