Automated Security Proofs of Cryptographic Protocols:

Privacy, Untrusted Platforms and Applications to E-voting Protocols


ERC Consolidator Grant
Sep. 2015 - Aug. 2020

SPOOC

Context

The rise of the Internet and the ubiquity of electronic devices has deeply changed our way of life. Many face to face and paper transactions have nowadays digital counterparts: home banking, ecommerce, e-voting, etc. The security of such transactions is ensured by the means of cryptographic protocols. While historically the main goals of protocols were to ensure confidentiality and authentication the situation has changed. The ability of people to stay connected constantly combined with ill-conceived systems seriously threatens people's privacy. E-voting protocols need to guarantee privacy of votes, while ensuring transparency of the voting process; RFID and mobile telephone protocols have to guarantee that people cannot be traced. Moreover due to viruses and malware, personal computers and mobile phones must not be considered anymore to be trustworthy; yet they have to be used to execute protocols that need to achieve security goals.

Goals

The goals of the Spooc project are to develop solid foundations and practical tools to analyze and formally prove security properties that ensure the privacy of users as well as techniques for executing protocols on untrusted platforms. We will

Positions

We are always looking for good interns. We have several PhD and post-doc positions on subjects related to the project. You may contact the project PI and send him your academic CV.

In particular we are currently looking for a PhD student to work on the SAPIC/Tamarin Security Protocol Verification Toolchain. Application deadline: March 1, 2017.

Members

Publications

Publications can be found here.