MISP
/
misp-bump
mirror of https://github.com/MISP/misp-bump
2
0
Fork 0
Code Issues Releases Wiki Activity
156 Commits
3 Branches
0 Tags
51 MiB
Java 98.2%
Gradle 1.3%
Kotlin 0.5%
 
 
 
Go to file
ckingn 65ea71a766
Create Bump 
Parameter 	Format 	Description
domain* 	String 	Domain to show approved senders for (not required if using a domain-specific API key)
search 	String 	Return only approved senders with an email address / domain / IP address that matches a search (fully or partially)
 		2023-06-24 01:09:43 -06:00
.idea cleanup 2019-08-22 16:58:50 +02:00
app remove leftovers of expandablecardview 2019-10-14 12:36:13 +02:00
gradle/wrapper cleanup 2019-08-22 16:58:50 +02:00
poster Upload poster englisch 2019-03-12 08:19:29 +01:00
screenshots improve readme 2019-07-15 18:01:42 +02:00
.gitignore .gitignore fix 2019-05-27 16:19:37 +02:00
Bump Create Bump 2023-06-24 01:09:43 -06:00
README.md remove leftovers of expandablecardview 2019-10-14 12:36:13 +02:00
build.gradle add material preference switch to detail view 2019-10-04 17:42:16 +02:00
gradle.properties done convert to androidx 2019-06-17 09:49:09 +02:00
gradlew .gitignore fix 2019-05-27 16:19:37 +02:00
gradlew.bat .gitignore fix 2019-05-27 16:19:37 +02:00
settings.gradle add material preference switch to detail view 2019-10-04 17:42:16 +02:00

README.md

MISPbump

Simple and secure synchronisation of MISP instances

What is MISPbump?

With MISPbump admins can easily synchronize MISP instances by exchanging relevant information via encrypted QR codes.

Note that only use case 1 from the documentation is supported.

How does MISPbump work?

MISP admins log in by providing the base URL of their instance and their authkey.

After a successfull login the admin's profile and the linked organisation information will be downloaded.

In the main screen you can start a synchronisation process by pressing the dedicated button.

The synchronisation process consists of 3 steps:

  1. Key Exchange
    To provide a secure chanel for data exchange, the first step is to generate a shared secret with DiffieHellman key exchange (Elliptic Curve).

    Public keys are exchanged via QR code.

  2. Synchronisation Information Exchange
    Contains the following information:

    • Own Organisation: Name, UUID, description, nationality, sector, type and contacts
    • Own User: Email
    • Own MISP instance: base URL
    • Generated: sync user authkey, sync user password
      (your partner will create a sync user with these credentials for you)

    The synchronisation information is encrypted with AES using the shared secret (from step 1).

    The synchronisation process information will be saved securely on the device.

  3. Upload information to own MISP instance
    Uploading the information to the MISP instance is accomplished with MISP's REST API.

    Uploading consists of the following steps:

    1. Create organisation
    2. Create sync user & add to organisation
    3. Create sync server & populate with information above

After that the two MISP instances are able to share Events based on their permissions.

Dependencies