Post-quantum token signing with Dilithium using Duende Identity Server

security duende quantum computing oidc net 7

On March 12th, a new IETF draft JOSE and COSE Encoding for Dilithium was published. It describes JSON serializations for CRYSTALS-Dilithium, a post-quantum cryptography suite. This in turn allows using post-quantum cryptography for tasks like signing JSON Web Tokens in a standardized fashion.

I previously blogged about using CRYSTALS-Dilithium from .NET applications, so in this post let’s see how we can apply this new draft to one of the most popular .NET OpenID Connect / OAuth 2.0 servers, Duende Identity Server

Beware of the default ASP.NET Core Identity settings

security net 7 net core asp.net core

The other day I was involved in setting up a new project based on ASP.NET Core Identity, when I noticed something related to the default configuration that I thought would be worth sharing here.

Of course, while in general it is not great to rely on default settings of any product (especially when it is the security backbone of your application!) one also expects sensible defaults to be provided.

Let’s have a look.

Post quantum cryptography in .NET

security quantum computing c-sharp net 7 cryptography

I have written extensively about quantum computing on this blog before. Quantum computing has the potential to break many of the cryptographic systems that we use today. Shor’s algorithm, for example, can efficiently factor large numbers, which would make widely-used asymmetric cryptography schemes such as RSA and elliptic curves insecure.

In this post, we’ll explore how to use post-quantum cryptography from a C# program, using CRYSTALS-Kyber and CRYSTALS-Dilithium as examples.

Exploring the new astronomical features of Mathematica 13.2

mathematica astronomy

Mathematica 13.2 was released last month, and among the wide array of new exciting features, there is a wide set of brand new experimental astronomical computation and visualization functionalities. We will have a brief look at them in this blog post.

Simulating Q# programs with QIR runner

q-sharp quantum computing qir

I recently blogged about the rather unfortunate series of steps that are needed to make the Q# simulator work on arm64 Mac computers, since that platform is sadly not supported out of the box.

In today’s post we are going to kill two birds with one stone - we will make local simulation of Q# programs on arm64 MacOS much easier and we will additionally see how we can simulate Q# programs that happen to be compiled to QIR.

dotnet WASI applications in the cloud

net 7 wasi wasm

Some time ago I blogged about using the experimental dotnet WASI SDK on ARM Macs. Today we are going to explore building dotnet based WASI-WASM applications with that SDK, with the goal of deploying them to the cloud.

Q# Holiday Calendar 2022 โ€“ Peeking into Santaโ€™s gifts with Q#

q-sharp quantum computing

๐ŸŽ„ This post is part of the Q# Holiday Calendar 2022. ๐ŸŽ…๐Ÿป

In 1993, Avshalom Elitzur and Lev Vaidman from Tel-Aviv University wrote a paper in which they proposed a fascinating thought experiment. They described bombs equipped with a very sensitive triggering mechanism - through interaction with a single photon only - and then proceeded to show that using quantum effects, in a procedure they called “interaction-free measurement”, such bombs can be safely (without triggering the explosion) tested to determine whether a given bomb is armed or not.

We will explore this concept in this post using Q#, but since we do not want to have anything to do with the bombs, we will replace the original thought experiment with something much better - Santa’s gifts! ๐ŸŽ

dotnet-script 1.4 is out with .NET 7.0 support

net 7 c-sharp dotnet-script

This week we released version 1.4 of dotnet-script. The latest release introduces support for .NET 7.0 and C# 11 and is available, as usually, through Github releases and on Nuget. You will need to have at least the .NET SDK 7.0.100 installed.

Making VS Code more accessible (and productive) with custom keybindings

visual studio code

Being involved in the OmniSharp project, I had the pleasure of working a lot with VS Code extension development over the past several years. Given that background, a coworker asked me recently if I had any ideas for improving his user experience with VS Code. In particular, being a screen reader user, he relies heavily on keyboard navigation and being able to quickly move focus between UI elements is critical for his productivity.

VS Code defines a very rich set of commands, to which custom key bindings can be attached, and which can be very helpful in such situations. In fact, through those commands, pretty much any task can be executed exclusively from the keyboard, which can be viewed as very positive from both accessibility and productivity standpoints.

Initiating User Registration via OpenID Connect with Duende Identity Server

duende oidc security

There is a new proposal for an extension to OpenID Connect Authentication Framework, called Initiating User Registration via OpenID Connect. It went into public review just last week, which is expected to close later this year.

This very useful extension defines how a client application can indicate to the OpenID Provider that a new user account should be created, rather than triggering the typical login procedure.

In this post we will look at how to support it with Duende Identity Server.

About

Hi! I'm Filip W., a cloud architect from Zรผrich ๐Ÿ‡จ๐Ÿ‡ญ. I like Toronto Maple Leafs ๐Ÿ‡จ๐Ÿ‡ฆ, Rancid and quantum computing. Oh, and I love the Lowlands ๐Ÿด๓ ง๓ ข๓ ณ๓ ฃ๓ ด๓ ฟ.

You can find me on Github, on Mastodon and on Bluesky.

My Introduction to Quantum Computing with Q# and QDK book
Microsoft MVP

Recent Posts

๐Ÿ“š Full archive

Categories