Portrait Florian Moser

Florian Moser

PhD student under supervision of Véronique Cortier and Alexandre Debant at Inria Nancy in the Pesto team.

My research focuses on provably secure Internet Voting, with a heightened interest in the Swiss setting. For symbolic proofs, I use ProVerif.

I obtained my Bachelor's and Master's at ETH Zürich. Besides a researcher, I am an experienced full-stack software developer and build applications for the University of Zürich and many others.

florian [dot] moser [at] inria [dot] fr

Publications

Code voting: when simplicity meets security 2024, ESORICS 2024

The Swiss Chancellery has developed highly demanding requirements in terms of security for electronic voting. A few protocols have been proposed that meet the requirements. We propose a very simple protocol that satisfies the Swiss requirements while achieving an additional property: secrecy against a dishonest voting device, thanks to code voting. One key feature of our protocol is to use very short codes (typically one or two digits), so that it can be easily used by voters. Moreover, it only relies on standard primitives. Using the tool ProVerif, we formally prove vote privacy and end-to-end verifiability under the trust model of the Swiss Chancellery, assuming a dishonest voting device [download, preprint]. with Véronique Cortier & Alexandre Debant

Recommendations for Implementing Independent Individual Verifiability in Internet Voting 2024, E-VOTE-ID 2024

End-to-end verifiable systems are employed to safeguard the integrity of Internet voting. Voter-initiated verification for individual verifiability require that the ballot formed on the voter’s device is audited on a second device, which is independent of a potentially manipulated voter’s device. Further trust is gained by executing the verification procedure on a second device with independent implementations, in order to defend against a dishonest primary system operator. This paper formulates recommendations to implement such independent individual verifiability tools. Our recommendations are based on the experiences made in the GI elections 2023 where such independent tools were made available to the voters – to our knowledge the first project of its kind [download]. with Rüdiger Grimm, Tobias Hilt, Michael Kirsten, Christoph Niederbudde & Melanie Volkamer

SoK: Mechanisms Used in Practice for Verifiable Internet Voting 2024, E-VOTE-ID 2024

Increasing demands for internet voting instigated the deployment of a multitude of systems used in practice. Within this work, we are interested in which security mechanisms are currently used by vendors to implement verifiable and secret elections. We perform a systematic market study and review academic literature, where out of 82 candidate systems, we find 29 internet voting systems that are both in active use and claim to employ some form of verifiability. Thereof, we characterize and systematize the 18 systems that provide sufficient information to extract their security mechanisms relevant for state-of-the-art verifiability and secrecy. Overall, we find that only eight systems are well-documented, of which only a few employ state-of-the-art mechanisms in all categories that we consider [download]. with Michael Kirsten & Felix Dörre

Thesis & Reports

Master thesis: Swiss Internet Voting 2022, ETH Research Collection,

The Master's thesis examines internet voting in Switzerland. First, an overview of the scientific literature is given, and then relevant events, laws and political influences in Switzerland are summarised. To improve the current situation, a code-voting system is proposed that drastically reduces the complexity of the cryptography involved, while achieving stronger security properties. It is proven that this design meets formal definitions of legal requirements [download]. supervised by Kenny Paterson

Report: A Pairing-Based Identification Protocol for CHVote 2021

CHVote is an internet voting protocol suitable for use in Switzerland. As part of the casting procedure, voters authenticate their vote by entering an authentication key. In an effort to increase usability, a novel pairing-based identification protocol was proposed which requires only half the key for the same security guarantee than the previous proposal. The analysis proves the protocol secure, but asserts that the key size cannot be halved [paper]. supervised by Julia Kastner, Dennis Hofheinz

Advanced Systems Lab: Fast implementation of Curve25519 on Intel Skylake 2020

As a joint work with three other students, it was investigated whether existing implementations of the widely used Curve25519 could be further improved. Multiple approaches out of existing literature were combined and extended. The resulting implementation for the Intel Skylake architecture was 10% faster than all other implementations of the Bernstein comparison [download, code].

Bachelor thesis: Identifying encrypted online video streams using bitrate profiles 2018

It was investigated whether passively observable network traffic of netflix could be used to identify the currently watched content. Existing approaches were replicated, and extended. The resulting implementation needed only to measure the in average used bandwidth to identify what content is being watched [download, code]. supervised by Melissa Licciardello, Ankit Singla

Teaching: TheAlternative 2016-2023 and University of Zürich 2020-2023

As part of TheAlternative, I used to organize and give lectures [project management, web, pdf]. As a course instructor for University of Zürich, I regularly gave courses about git and GitLab [git].

scientific CV
more about me on famoser.ch