misp-bump/README.md

# MISPbump
Simple and secure synchronisation of MISP instances

# What is MISPbump?
With MISPbump admins can easily synchronize MISP instances by exchanging relevant information via encrypted QR codes.

> Note that only **use case 1** from the [documentation](https://www.circl.lu/doc/misp/sharing/) is supported.

# How does MISPbump work?
MISP admins log in by providing the **base URL** of their instance and their **authkey**.

After a successfull login the admin's profile and the linked organisation information will be downloaded.  

In the main screen you can start a synchronisation process by pressing the dedicated button.

The synchronisation process consists of 3 steps:
1. **Key Exchange**  
    To provide a secure chanel for data exchange, the first step is to generate a shared secret with [Diffie–Hellman key exchange](https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange) ([Elliptic Curve](https://en.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman)).

    Public keys are exchanged via QR code.

1. **Synchronisation Information Exchange**  
    Contains the following information:
    + Own Organisation: Name, UUID, description, nationality, sector, type and contacts
    + Own User: Email
    + Own MISP instance: base URL
    + Generated: sync user authkey, sync user password  
        (your partner will create a sync user with these credentials for you)

    The synchronisation information is encrypted with AES using the shared secret (from step 1).

    The synchronisation process information will be saved securely on the device.


1. **Upload information to own MISP instance**  
    Uploading the information to the MISP instance is accomplished with MISP's REST API.

    Uploading consists of the following steps:
    1. Create organisation
    1. Create sync user & add to organisation
    1. Create sync server & populate with information above

After that the two MISP instances are able to share Events based on their permissions.

# Dependencies
+ [Retrofit](https://github.com/square/retrofit)
+ [ZXing](https://github.com/zxing/zxing)
-												improve readme

											
										
										
											2019-07-15 18:01:42 +02:00
+								# MISPbump
 								Simple and secure synchronisation of MISP instances
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												improve readme

											
										
										
											2019-07-15 18:01:42 +02:00
+								# What is MISPbump?
 								With MISPbump admins can easily synchronize MISP instances by exchanging relevant information via encrypted QR codes.
-												add login

											
										
										
											2019-07-05 03:45:04 +02:00
-												remove leftovers of expandablecardview
improve readme
add string/content description

											
										
										
											2019-10-14 12:36:13 +02:00
+								> Note that only **use case 1** from the [documentation](https://www.circl.lu/doc/misp/sharing/) is supported.
-												add login

											
										
										
											2019-07-05 03:45:04 +02:00
-												improve readme

											
										
										
											2019-07-15 18:01:42 +02:00
+								# How does MISPbump work?
-												remove leftovers of expandablecardview
improve readme
add string/content description

											
										
										
											2019-10-14 12:36:13 +02:00
+								MISP admins log in by providing the **base URL** of their instance and their **authkey**.
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												remove leftovers of expandablecardview
improve readme
add string/content description

											
										
										
											2019-10-14 12:36:13 +02:00
+								After a successfull login the admin's profile and the linked organisation information will be downloaded.
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												readme spelling

											
										
										
											2019-07-17 12:43:24 +02:00
+								In the main screen you can start a synchronisation process by pressing the dedicated button.
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												improve readme

											
										
										
											2019-07-15 18:01:42 +02:00
+								The synchronisation process consists of 3 steps:
-												improve readme

											
										
										
											2019-07-16 13:38:05 +02:00
+. **Key Exchange**
 								    To provide a secure chanel for data exchange, the first step is to generate a shared secret with [Diffie–Hellman key exchange](https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange) ([Elliptic Curve](https://en.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman)).
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												improve readme

											
										
										
											2019-07-16 13:38:05 +02:00
+								    Public keys are exchanged via QR code.
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												improve readme

											
										
										
											2019-07-16 13:38:05 +02:00
+. **Synchronisation Information Exchange**
 								    Contains the following information:
 								    + Own Organisation: Name, UUID, description, nationality, sector, type and contacts
 								    + Own User: Email
 								    + Own MISP instance: base URL
 								    + Generated: sync user authkey, sync user password
-												remove leftovers of expandablecardview
improve readme
add string/content description

											
										
										
											2019-10-14 12:36:13 +02:00
+								        (your partner will create a sync user with these credentials for you)
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												readme spelling

											
										
										
											2019-07-17 12:43:24 +02:00
+								    The synchronisation information is encrypted with AES using the shared secret (from step 1).
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												remove leftovers of expandablecardview
improve readme
add string/content description

											
										
										
											2019-10-14 12:36:13 +02:00
+								    The synchronisation process information will be saved securely on the device.
-												improve readme

											
										
										
											2019-07-16 13:38:05 +02:00
 . **Upload information to own MISP instance**
 								    Uploading the information to the MISP instance is accomplished with MISP's REST API.
 								    Uploading consists of the following steps:
 . Create organisation
-												readme spelling

											
										
										
											2019-07-17 12:43:24 +02:00
+. Create sync user & add to organisation
 . Create sync server & populate with information above
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												remove leftovers of expandablecardview
improve readme
add string/content description

											
										
										
											2019-10-14 12:36:13 +02:00
+								After that the two MISP instances are able to share Events based on their permissions.
-												improve readme with screenshots

											
										
										
											2019-07-04 14:36:42 +02:00
-												improve readme

											
										
										
											2019-07-15 18:01:42 +02:00
+								# Dependencies
 								+ [Retrofit](https://github.com/square/retrofit)
-												add badge

											
										
										
											2019-08-23 17:30:21 +02:00
+								+ [ZXing](https://github.com/zxing/zxing)