MISP
/
misp-bump
mirror of https://github.com/MISP/misp-bump
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #7 from cybertier/improve-readme 

Improve readme
pull/5/head
Felix PK 2019-07-16 13:39:01 +02:00 committed by GitHub
parent 7df3bf491c 7b673e2a6e
commit 36a2b73d8c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 93 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
README.md
View File

@ -1,68 +1,48 @@
# Screenshots # MISPbump
Simple and secure synchronisation of MISP instances
## Login # What is MISPbump?
With MISPbump admins can easily synchronize MISP instances by exchanging relevant information via encrypted QR codes.
![Login](./screenshots/mispbump-login.png) Note: only **use case 1** from the [documentation](https://www.circl.lu/doc/misp/sharing/) is supported.
## Home # How does MISPbump work?
First of all: MISP admins login by providing the base URL of their instance and their authkey (automationkey).
Actions: **Profile View** (Menubar) and **New Sync** (Floating Action Button) On a successfull login the admins profile and the linked organisation information will be downloaded automatically.
This information can be updated at any time from the profile view.
![Home (Empty)](./screenshots/mispbump-home-0.png) From the main screen you can start a synchronisation process by pressing the dedicated button.
## Profile The synchronisation process consists of 3 steps:
Organisation information loaded automatically from your MISP instance 1. **Key Exchange**
To provide a secure chanel for data exchange, the first step is to generate a shared secret with [DiffieHellman key exchange](https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange) ([Elliptic Curve](https://en.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman)).
Actions: **Delete and logout** (Menubar) and **Update Info** (Floating Action Button) Public keys are exchanged via QR code.
![Profile](./screenshots/mispbump-profile.png) 1. **Synchronisation Information Exchange**
Contains the following information:
+ Own Organisation: Name, UUID, description, nationality, sector, type and contacts
+ Own User: Email
+ Own MISP instance: base URL
+ Generated: sync user authkey, sync user password
(your partner will create a sync user with these credentials)
## Sync The Synchronisation information is encrypted with AES using the shared secret (from step 1).
Core functionality of MISPbump. The sync process information will be saved securely on the device, that means the upload can be started any time in the future.
**First Step:** Exchange keys to derive a shared secret
![Profile](./screenshots/mispbump-sync-0.png)
![Profile](./screenshots/mispbump-sync-1.png)
**Second Step:** Exchange encrypted sync information
![Profile](./screenshots/mispbump-sync-2.png)
![Profile](./screenshots/mispbump-sync-3.png)
## Sync information
After a successfull exchange an entry for this organisation will appear.
Actions: **Delete Sync information** (Menubar) and **Upload** (Floating Action Button in settings tab)
**Credentials:** With these credentials you will be able to log in on the other MISP instance (SyncUser)
![Profile](./screenshots/mispbump-sync-info-credentials.png)
**Settings:** These are typical settings which are also available from the MISP web interface.
![Profile](./screenshots/mispbump-sync-info-settings.png)
## Upload
Shows the status of the upload to your MISP instance.
If errors occure they will be displayed and the user can restart the process.
![Profile](./screenshots/mispbump-upload-1.png)
![Profile](./screenshots/mispbump-upload-2.png)
## Home with successfull sync
![Home (Synced)](./screenshots/mispbump-home.png)
# What does this app? 1. **Upload information to own MISP instance**
1. Exchange public keys to make following communication private (via QR code) Uploading the information to the MISP instance is accomplished with MISP's REST API.
+ Diffie Hellman key exchange
2. Exchange encrypted information needed to sync two MISP instances
3. Upload information to MISP instance.
# MISPBump Uploading consists of the following steps:
![Alt text](./poster/mispbump.png) 1. Create organisation
1. Create Sync User & add to organisation
1. Create Sync Server & populate with information above
After that the two MISP instances are connected.
# Dependencies
+ [Retrofit](https://github.com/square/retrofit)
+ [ZXing](https://github.com/zxing/zxing)

58
screenshots/README.md Normal file
View File

@ -0,0 +1,58 @@
# Screenshots
## Login
![Login](./mispbump-login.png)
## Home
Actions: **Profile View** (Menubar) and **New Sync** (Floating Action Button)
![Home (Empty)](./mispbump-home-0.png)
## Profile
Organisation information loaded automatically from your MISP instance
Actions: **Delete and logout** (Menubar) and **Update Info** (Floating Action Button)
![Profile](./mispbump-profile.png)
## Sync
Core functionality of MISPbump.
**First Step:** Exchange keys to derive a shared secret
![Profile](./mispbump-sync-0.png)
![Profile](./mispbump-sync-1.png)
**Second Step:** Exchange encrypted sync information
![Profile](./mispbump-sync-2.png)
![Profile](./mispbump-sync-3.png)
## Sync information
After a successfull exchange an entry for this organisation will appear.
Actions: **Delete Sync information** (Menubar) and **Upload** (Floating Action Button in settings tab)
**Credentials:** With these credentials you will be able to log in on the other MISP instance (SyncUser)
![Profile](./mispbump-sync-info-credentials.png)
**Settings:** These are typical settings which are also available from the MISP web interface.
![Profile](./mispbump-sync-info-settings.png)
## Upload
Shows the status of the upload to your MISP instance.
If errors occure they will be displayed and the user can restart the process.
![Profile](./mispbump-upload-1.png)
![Profile](./mispbump-upload-2.png)
## Home with successfull sync
![Home (Synced)](./mispbump-home.png)