Custom Cryptographic Solutions with Formal Security Guarantees
Cryspen aims to transition ERC Circus's verified cryptographic research into a production-ready software stack, enhancing security for enterprises through formal verification and custom solutions.
Projectdetails
Introduction
Modern web applications routinely rely on standardized cryptographic protocols and algorithms to protect sensitive user data. Furthermore, with the advent of blockchains, the imminence of quantum computers, and widespread concerns about privacy in an era of surveillance and machine learning algorithms, enterprises are increasingly turning to sophisticated non-standard cryptographic solutions customized for specific usage scenarios.
Challenges in Cryptographic Design
Unfortunately, cryptographic design and implementation is notoriously error-prone, with a long history of design flaws, implementation bugs, and high-profile attacks. This leaves software companies with a difficult choice: every time they deploy a new crypto standard or an innovative cryptographic application that improves the security and privacy of their users, they risk exposing embarrassing flaws in their design or code.
Research Outcomes
The research results of ERC Circus offer a way out of this conundrum by advocating the use of formal verification to build cryptographic software with machine-checked proofs of security and correctness. A landmark output from this project is HACL*, a verified high-performance cryptographic library which is currently used by mainstream software like:
- Mozilla Firefox
- Linux Kernel
- Tezos Blockchain
- ElectionGuard
Proposal for Cryspen
We propose to establish a company (called Cryspen) that will transition the research software developed in ERC Circus towards a production-quality ready-to-use verified cryptographic software stack. In addition, Cryspen will offer a developer-friendly verification framework that can be used to build new custom cryptographic solutions in:
- C
- Rust
- JavaScript
Goals of the Proposal
The goal of this Proof-of-Concept proposal is to fund the initial technical transfer of research software to Cryspen and the business development of this company. Once this transfer is complete, Cryspen will be able to offer long-term service contracts to existing and new users of HACL*, and offer software contracts to enterprises interested in deploying verified cryptographic software.
Financiële details & Tijdlijn
Financiële details
Subsidiebedrag | € 150.000 |
Totale projectbegroting | € 150.000 |
Tijdlijn
Startdatum | 1-4-2022 |
Einddatum | 30-9-2023 |
Subsidiejaar | 2022 |
Partners & Locaties
Projectpartners
- INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET AUTOMATIQUEpenvoerder
Land(en)
Vergelijkbare projecten binnen European Research Council
Project | Regeling | Bedrag | Jaar | Actie |
---|---|---|---|---|
Decentralized Cryptographic SystemsThis project aims to develop robust cryptographic systems that align theoretical models with real-world challenges, enhancing security and efficiency for decentralized infrastructures. | ERC Consolid... | € 1.998.351 | 2024 | Details |
Generation and Verification of Masking Countermeasures Against Side-Channel AttacksAMAskZONE aims to create a toolbox for generating and verifying secure cryptographic implementations on embedded devices, combining empirical testing and formal verification for practical security. | ERC Starting... | € 1.495.250 | 2023 | Details |
Solid Basis for Symmetric CryptographySoBaSyC aims to unify and optimize cryptanalysis techniques for symmetric cryptography, creating a comprehensive toolbox to enhance security and confidence in new cryptographic constructions. | ERC Consolid... | € 2.000.000 | 2024 | Details |
Secrecy-Preserving Proofs with Solid FoundationsThe project aims to develop efficient, secrecy-preserving proofs that maintain rigorous cryptographic security for high-stakes and large-scale applications, addressing current and future threats. | ERC Starting... | € 1.390.625 | 2022 | Details |
ELVER-CHECK: Well-grounded Lightweight Assurance for Critical Systems SoftwareELVER-CHECK aims to enhance the security assurance of critical systems software by developing lightweight executable checkers based on mathematical models of hardware features, targeting hypervisors like pKVM. | ERC Proof of... | € 150.000 | 2024 | Details |
Decentralized Cryptographic Systems
This project aims to develop robust cryptographic systems that align theoretical models with real-world challenges, enhancing security and efficiency for decentralized infrastructures.
Generation and Verification of Masking Countermeasures Against Side-Channel Attacks
AMAskZONE aims to create a toolbox for generating and verifying secure cryptographic implementations on embedded devices, combining empirical testing and formal verification for practical security.
Solid Basis for Symmetric Cryptography
SoBaSyC aims to unify and optimize cryptanalysis techniques for symmetric cryptography, creating a comprehensive toolbox to enhance security and confidence in new cryptographic constructions.
Secrecy-Preserving Proofs with Solid Foundations
The project aims to develop efficient, secrecy-preserving proofs that maintain rigorous cryptographic security for high-stakes and large-scale applications, addressing current and future threats.
ELVER-CHECK: Well-grounded Lightweight Assurance for Critical Systems Software
ELVER-CHECK aims to enhance the security assurance of critical systems software by developing lightweight executable checkers based on mathematical models of hardware features, targeting hypervisors like pKVM.
Vergelijkbare projecten uit andere regelingen
Project | Regeling | Bedrag | Jaar | Actie |
---|---|---|---|---|
Equity PlazaEquity Plaza ontwikkelt een gedecentraliseerd platform voor efficiënte en transparante digitale assettransacties via blockchain. | Mkb-innovati... | € 20.000 | 2020 | Details |
SCCOTS: Standard Cboost Components of the ShelfCboost onderzoekt de haalbaarheid van 'plug-and-play' AI-modules om digitalisering voor MKB toegankelijker te maken. | Mkb-innovati... | € 20.000 | 2022 | Details |
Equity Plaza
Equity Plaza ontwikkelt een gedecentraliseerd platform voor efficiënte en transparante digitale assettransacties via blockchain.
SCCOTS: Standard Cboost Components of the Shelf
Cboost onderzoekt de haalbaarheid van 'plug-and-play' AI-modules om digitalisering voor MKB toegankelijker te maken.