Security protocols are short distributed computer programs dedicated to securing communications on digital networks. They are designed to achieve various goals such as data privacy and data authenticity, even when communication channels are controlled by malicious users. Their increasing penetration in many important applications makes it a very important research challenge to design and establish security properties. In the last decade, formal approaches and automated verification techniques have been successfully applied for detecting potential attacks. However, the security guarantees obtained so far usually hold in a rather abstract model, and are limited to isolated specific protocols analyzed for a few set of specific security properties. Moreover new types of protocols are still emerging in order to face new technological and societal challenges.
The goal of the project is to propose foundations for a careful analysis and design of large classes of up-to-date protocols. Proposing a secure environment for network-based communications has a societal as well as an economical prominent impact.
To achieve this goal, we foresee three main tasks. First, we plan to develop general verification techniques for new classes of protocols that are of primary interest in nowadays life like e-voting protocols, routing protocols or APIs. Second, we will consider the cryptographic part of the primitives
that are used in such protocols (encryption, signatures, ...), obtaining higher security guarantees. Third, we will propose modular results both for the analysis and design of protocols. As a particular outcome, each of the tasks will allow to characterize simple design principles that ease the analysis (thus the security) of protocols and discard families of attacks.
Call for proposal
See other projects for this call