Proposed projects page (archives): Spring-2020
Spring semester
Applying Approximate Distance Oracles to Internet Routing
Matteo Pariset – Bachelor semester project
Abstract
In order to reach their destinations, IP packets must go through multiple physical devices, across several IP networks. The process of selecting their path is called routing and relies on information shared among routers using a routing protocol. In the Internet, different protocols are used at different scales. For instance, Open Shortest Path First (OSPF) is typically used for routing packets between sub-networks belonging to the same organization whereas Border Gateway Protocol (BGP) is the de facto standard for global Internet routing. It operates at the level of Autonomous Systems (ASes), administrative entities which are identified by unique autonomous system numbers (ASNs). BGP is a stretch-1 routing protocol which selects paths based on prefix announcement rules and AS-specific policies.
In this work, we focus on a particular universal compact routing scheme (TZ), by Thorup and Zwick, which ensures bounded maximum stretch of 2k − 1 (with k ≥ 1 a constant), nearly optimal data structures size, and constant time to answer distance queries.
Hacking Sovereign Identity
Alexandre Ivan Délèze – Master semester project
Abstract
Electronic identities become a trendy topic for our governments and companies. In this report, we analyze the security of the decentralized identity system of the Sovrin Foundation.
We first analyze their organization’s policies. In the second phase, we evaluate their components and threat model. Then, we select the main targets and use industry-standard auditing, fuzzing, and other hacking attacks to find vulnerabilities.
This report presents theoretical attacks against the setup of a client and the node’s upgrade procedure. We also find vulnerabilities in the consensus algorithm, which can simplify amplification attacks and also permit a user with no privilege to write illegitimate information on the blockchain.
Implementation of an intuitive and insightful blockchain explorer (I)
Julien von Felten – Optional master semester project
Abstract
Since the development of the first blockchain in 2008 by Satoshi Nakamoto, it has been quite hard to understand and to have a good visual representation of what a blockchain is. Various blockchains have been developed but it remains not user-friendly to verify the content of a blockchain, to see how the different intrinseque mechanisms of the blockchain work such as the content of each cryptographically linked block and how they participate in evolving the state of the blockchain.
The goal of this project is to implement a tool that can parse and display insightful information about the DEDIS blockchain called ByzCoin. It aims at prodiving an easy way for users to see and understand what is inside the blockchain by offering an intuitive and powerful user interface.
Improving Byzcoin
Louis Merlin and Hugo Roussel – Master semester project
Abstract
Bitcoin’s original paper promised a new kind of decentralised network allowing value exchange in a peer to peer way. While this promise was successful, the original design is showing signs of age with many issues having creeped out in the last few years. To name a few : voracious energy consumption (as of today the equivalent of Switzerland energy consumption), high transactions fees and long confirmation times. In 2016 an alternative protocol called Byzcoin was proposed with the goal of improving both security and performance of the original paper. Shortly after an implementation was developed by the DEDIS lab at EPFL. The goal of this semester project was to study, measure and improve the state of the current implementation.
Implementation of an intuitive and insightful blockchain explorer (II)
Anthony Iozzia – Bachelor semester project
Abstract
The goal of this project was to implement an intuitive and insightful blockchain explorer and use it to visualize the ByzCoin. We wanted to build an intuitive interface, as easy as possible to use for every user. This visualizer should implement basic functionalities to efficiently browse a blockchain, such as blocks visualization, blocks navigation, easy breakdown of blocks contents and following instances.
Fall semester
Streaming Public Key Encryption
Aleksandar Hrusanov
Abstract
Processing large amounts of data can be very inefficient and sometimes, given certain limitations, even impossible. Memory sets a limit to the size of the files that can be processed locally on a given hardware and processing such files in pieces is the only solution. Often enough the outputs of processing those pieces need to be piped one by one for further handling, for example to tar or bash. Looking beyond one local machine, data needs to be somehow transmitted. Internet protocols limit the size of data packets that can be sent (e.g .TLS record size is capped at 16KB) which also calls for breaking down data into chunks accordingly. Whether it is executing commands locally or streaming video content on Netflix, disassembling data into parts on one end and reassembling it on the other is a logical solution to many challenges but it also brings new security problems with itself.
Anonymous Proof-of-Presence Groups for Messaging and Voting
Céline Camacho ,Gabriel Fleischer, Sébastien Fulpius, Raoul Gerber, Jean-Baptiste Michel, Romain Pugin, Nicolas Raulin, Ouriel Sebbagh, Alexis Tabin, Maxime Würsch
Abstract
To protect from Sybil attacks, where one person creates many fake identities, communication tools usually require people to provide some sort of identity, like a credit card or a phone number. However, this causes a privacy problem as it links the virtual identity to a physical one in a privacy-invasive way. Weak identities such as e-mails are better in term of privacy, but do not protect against Sybil attacks and do not provide any form of accountability (e.g. one person, one vote). Proof-of-Personhood solves this problem by proving a digital identity is linked to a person, without revealing its identity. This is done by organizing in-person events and giving present people a token proving they attended. In this project, we started to build an application to implement the Proof-of-Personhood approach. The current version allows users to create an organization and run roll-call events. It is not finished yet, and this project is thought to be continued by other students and engineers.
Columbus
Sophia Artioli & Lucas Trognon
Abstract
Blockchains are a notoriously hard concept to understand, which makes them difficult to use for broader audiences. In particular, they are difficult to trust without a deep understanding of their inner workings which might require some sort of background. Blockchains are a powerful tool that is used amongst others for governance purposes or crypto-currencies. However, one must be able to easily verify their contents and check that properties are fulfilled to use and trust it. In this matter, Columbus enables a concrete visualization of Byzcoin, a blockchain created by the DEDIS lab at EPFL. The Columbus explorer displays the chain and diverse information about each block to help users have a better understanding of the underlying concepts.
Resilient routing protocol for Dela
Abstract
Dela is a distributed ledger architecture, developed at DEDIS, EPFL. It describes and implements the abstractions that allow a set of nodes agree on a state in a decentralized fashion.
To facilitate the communication between nodes, Dela implements a minimalistic network overlay (mino). Opening a connection between each pair of communicating nodes does not scale, so mino trades latency for reducing the number of open connections, sending a message to the destination via intermediate hops that are other participants of the communication. A routing protocol determines the route of a message by calculating the next hop for a given address. The current tree-based routing protocol minimises the number of open connections between nodes. However, it is not resilient: if a node fails or cannot be reached due to a network failure between the node and its parent, the entire subtree of this node does not receive a message.