Custom Cryptographic Solutions with Formal Security Guarantees

Cryspen aims to transition ERC Circus's verified cryptographic research into a production-ready software stack, enhancing security for enterprises through formal verification and custom solutions.

Subsidie
€ 150.000
2022

Projectdetails

Introduction

Modern web applications routinely rely on standardized cryptographic protocols and algorithms to protect sensitive user data. Furthermore, with the advent of blockchains, the imminence of quantum computers, and widespread concerns about privacy in an era of surveillance and machine learning algorithms, enterprises are increasingly turning to sophisticated non-standard cryptographic solutions customized for specific usage scenarios.

Challenges in Cryptographic Design

Unfortunately, cryptographic design and implementation is notoriously error-prone, with a long history of design flaws, implementation bugs, and high-profile attacks. This leaves software companies with a difficult choice: every time they deploy a new crypto standard or an innovative cryptographic application that improves the security and privacy of their users, they risk exposing embarrassing flaws in their design or code.

Research Outcomes

The research results of ERC Circus offer a way out of this conundrum by advocating the use of formal verification to build cryptographic software with machine-checked proofs of security and correctness. A landmark output from this project is HACL*, a verified high-performance cryptographic library which is currently used by mainstream software like:

  • Mozilla Firefox
  • Linux Kernel
  • Tezos Blockchain
  • ElectionGuard

Proposal for Cryspen

We propose to establish a company (called Cryspen) that will transition the research software developed in ERC Circus towards a production-quality ready-to-use verified cryptographic software stack. In addition, Cryspen will offer a developer-friendly verification framework that can be used to build new custom cryptographic solutions in:

  1. C
  2. Rust
  3. JavaScript

Goals of the Proposal

The goal of this Proof-of-Concept proposal is to fund the initial technical transfer of research software to Cryspen and the business development of this company. Once this transfer is complete, Cryspen will be able to offer long-term service contracts to existing and new users of HACL*, and offer software contracts to enterprises interested in deploying verified cryptographic software.

Financiële details & Tijdlijn

Financiële details

Subsidiebedrag€ 150.000
Totale projectbegroting€ 150.000

Tijdlijn

Startdatum1-4-2022
Einddatum30-9-2023
Subsidiejaar2022

Partners & Locaties

Projectpartners

  • INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET AUTOMATIQUEpenvoerder

Land(en)

France

Vergelijkbare projecten binnen European Research Council

ERC Consolid...

Decentralized Cryptographic Systems

This project aims to develop robust cryptographic systems that align theoretical models with real-world challenges, enhancing security and efficiency for decentralized infrastructures.

€ 1.998.351
ERC Starting...

Generation and Verification of Masking Countermeasures Against Side-Channel Attacks

AMAskZONE aims to create a toolbox for generating and verifying secure cryptographic implementations on embedded devices, combining empirical testing and formal verification for practical security.

€ 1.495.250
ERC Consolid...

Solid Basis for Symmetric Cryptography

SoBaSyC aims to unify and optimize cryptanalysis techniques for symmetric cryptography, creating a comprehensive toolbox to enhance security and confidence in new cryptographic constructions.

€ 2.000.000
ERC Starting...

Secrecy-Preserving Proofs with Solid Foundations

The project aims to develop efficient, secrecy-preserving proofs that maintain rigorous cryptographic security for high-stakes and large-scale applications, addressing current and future threats.

€ 1.390.625
ERC Proof of...

ELVER-CHECK: Well-grounded Lightweight Assurance for Critical Systems Software

ELVER-CHECK aims to enhance the security assurance of critical systems software by developing lightweight executable checkers based on mathematical models of hardware features, targeting hypervisors like pKVM.

€ 150.000

Vergelijkbare projecten uit andere regelingen

Mkb-innovati...

Equity Plaza

Equity Plaza ontwikkelt een gedecentraliseerd platform voor efficiënte en transparante digitale assettransacties via blockchain.

€ 20.000
Mkb-innovati...

SCCOTS: Standard Cboost Components of the Shelf

Cboost onderzoekt de haalbaarheid van 'plug-and-play' AI-modules om digitalisering voor MKB toegankelijker te maken.

€ 20.000