2. The core of Quantumnet - Yarkane/Quantumnet GitHub Wiki

The main functionalities of Quantumnet are available in the Python file pq_server_simulation.py. It provides a CLI for running individual experiments, with the following parameters:

@click.command()
@click.option('--tls_port', default="4433", help="The port of the TLS server")
@click.option('--sig', default="dilithium2", help="Use this to specify a signature algorithm.")
@click.option('--kex', default="saber", help="Use this to specify a key exchange algorithm.")
@click.option('--bandwith', default="8", help="The bandwith of the 'switch <-> server' link.")
@click.option('--delay', default="10ms", help="The delay of the 'switch <-> server' link (in format : 10ms)")
@click.option('--loss', default="0", help="The loss percentage of the 'switch <-> server' link (from 0 to 1).")
@click.option('--cpu', default="1", help="The CPU usage percentage (from 0 to 1) allowed to the server.")
@click.option('--nodes', default="1", help="The number of clients.")
@click.option('--queue', default="14", help="The maximum size of the queue for the 'switch <-> server' link.")
@click.option('--time_exp', default="5", help="The time during which the experiment will be conducted.")
@click.option('--hybrid_sig', is_flag=True, help="To combine the signature algorithm with the corresponding EC.")
@click.option('--hybrid_kex', is_flag=True, help="To combine the key exchange algorithm with the corresponding EC.")
@click.option('--www', is_flag=True, help="To download the PQ Wikipedia webpage after each handshake.")

It also provides an API that you can import into other programs:

def simulate(port, kex, sig, bw=8, delay="10ms", loss=0, cpu_usage=1.0, n_nodes=1, max_queue=14, time_exp=5, www=False):

This function, simulate, is the one used by the other programs of the project.

The other main components of this Python script are:

  • QuantumTopo: a simple topology to test the tool.
  • nginx_setup and prepare_PKI, which fill the configuration files with the correct values.
  • s_time, which gives the command to launch the function on a node.
  • parse_return: as the output of the simulation is plain text, it can be useful to parse it with this function.

To expand on this last point: the output produced by openssl's s_time looks like this:

Collecting Connection statistics for 5 seconds
    *******

    x connections in xs; x connections/user sec, bytes read 0
    x connections in x real seconds, x bytes read per connection

We parse it into a JSON object of this form:

{
            "nb_seconds": nb_seconds,
            "nb_connections_unrealsecs": nb_connections_unrealsecs,
            "nb_unrealsecs": nb_unrealsecs,
            "nb_conn_user_secs": nb_conn_user_secs,
            "bytes_read": bytes_read,
            "nb_connections_realsecs": nb_connections_realsecs,
            "nb_realsecs": nb_realsecs,
            "bytes_read_per_conn": bytes_read_per_conn
}

These fields are then used when the results are exploited (analysed).
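An added sketch of such a parser (not the project's parse_return): it maps the s_time report shown above onto the eight fields, and fails loudly when a run printed no statistics, for example because the handshake with the chosen algorithms never completed. The name parse_s_time, the sample numbers and the line-to-field mapping (first statistics line for the user-time fields, second for the real-time fields) are assumptions made here.

```python
import json
import re

# Constructed sample in the shape shown above; the numbers are made up.
SAMPLE = """Collecting Connection statistics for 5 seconds
*******

412 connections in 1.93s; 213.47 connections/user sec, bytes read 0
412 connections in 6 real seconds, 0 bytes read per connection
"""

# One pattern per line of the report, header matched case-insensitively.
HEADER = re.compile(r"statistics for (\d+) seconds", re.I)
# The rate is matched as a free token: float() also accepts "nan"/"inf",
# should a run report one (assumption, not taken from the page).
USER = re.compile(
    r"(\d+) connections in (\S+?)s; (\S+) connections/user sec, bytes read (\d+)"
)
REAL = re.compile(
    r"(\d+) connections in (\d+) real seconds, (\d+) bytes read per connection"
)


def parse_s_time(output):
    """Return the eight fields as a dict; raise ValueError if a line is missing."""
    header, user, real = (p.search(output) for p in (HEADER, USER, REAL))
    if not (header and user and real):
        # Never record a failed run as a zero-throughput data point.
        raise ValueError("no s_time statistics found in output")
    return {
        "nb_seconds": int(header.group(1)),
        "nb_connections_unrealsecs": int(user.group(1)),
        "nb_unrealsecs": float(user.group(2)),
        "nb_conn_user_secs": float(user.group(3)),
        "bytes_read": int(user.group(4)),
        "nb_connections_realsecs": int(real.group(1)),
        "nb_realsecs": int(real.group(2)),
        "bytes_read_per_conn": int(real.group(3)),
    }


if __name__ == "__main__":
    print(json.dumps(parse_s_time(SAMPLE), indent=2))
```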