This page lists some potential projects in the DEDIS lab that may be available next semester. Please first read the general guidelines for projects in the DEDIS lab, then contact the relevant lab members to discuss potential projects in more detail.
Constant-Time Big Numbers for Crypto
2–5 semester project students
Cryptography depends on large integer (“bignum”) arithmetic pervasively, but the standard bignum libraries for most languages cannot guarantee constant-time operation, rendering cryptographic uses of these libraries potentially vulnerable to timing attacks. This project will develop a clean cross-language API for constant-time big-number arithmetic for crypto, together with prototype libraries implementing that API. The target implementation languages will likely be some subset of Go, Rust, Java, Scala, and/or Swift. Implementations are likely to reuse but adapt existing non-constant-time big-number libraries already available for the expected languages, not to build new libraries from scratch.
Contact: Simone Colombo
High-performance WebAssembly virtual machines for smart contracts
1-2 semester project / master thesis students
A smart contract is a program that lives on a blockchain, and must behave deterministically because a distributed group of nodes must use consensus to agree on the contract’s exact correct output for a given input. Unfortunately, determinism is not so easy to ensure as common programming languages provide multiple ways to generate non-deterministic results. For instance, generating random data in multiple executions of a Go program will generate different outputs by definition.
Ethereum’s solution is to use a virtual machine (VM) with a given set of deterministic instructions. Another approach is to use existing virtual machines for common interpreted languages like WebAssembly (WASM or the Java Virtual Machine). But this is not by definition deterministic and a study is necessary to either ensure the determinism of the virtual machine, or to design a transaction model that is deterministic under a non-deterministic execution environment.
Dela is a distributed ledger framework developed at the DEDIS lab. The project is to enable either the Ethereum Virtual Machine (EVM), a WASM VM or the JVM so that generic smart contracts can be written in a common language.
Contact: Gaylor Bosson
Anonymous Proof-of-Presence Groups for Messaging and Voting
1–5 semester project / master thesis students
Popular communication tools today use either require semi-strong but privacy-invasive identities such as phone numbers to achieve some level of accountability and Sybil attack protection (e.g., WhatsApp or Signal), while other tools use weak identities such as E-mail addresses or pseudonymous public keys (e.g., Bitcoin) but lose any fair, “person-centric” form of accountability or Sybil attack protection. The DEDIS lab is developing a new, human-centric “proof-of-personhood“ (PoP) solution to this problem leveraging physical presence at real-world events to provide privacy-preserving but accountable, Sybil-protected identities.
This project will prototype a minimalistic but highly robust and usable proof-of-presence group communication app for mobile devices. The app will enable anyone to organize an in-person event, and take a secure “roll-call” at that event to connect with attendees and give each a one-per-person digital membership token. With these tokens, attendees can text message each other privately within the ad-hoc group without needing any strong identities (phone numbers etc), but with the ability to block abusive or spamming members reliably to ensure accountability. In addition, attendees can call votes within the group, and obtain the assurance that only real people who were actually at the event will be able to vote, and that each real person will have exactly one vote.
Contact: Bryan Ford
RABYT – Resilient Networking Routing with gRPC
1–2 semester project / master thesis students
Routing messages through a network is easy when the network is operated by a cooperative and reliable set of nodes. However, things can get a bit more complicated when nodes fail and can’t be trusted to always behave correctly. In this case, we must assume that any component of the system (ie. the network) can fail at its task.
In this project, you will work with Dela, the new DEDIS ledger architecture. The actual network implementation of Dela uses a basic tree-network routing algorithm, which only works if every node is up and agrees to do its job correctly. The project consists of finding the most appropriate algorithm and updating this network module to be more resilient with failing nodes. This project, if successful, will then be used as an improved underlying layer for all the protocols and services operated with Dela.
Contact: Gaylor Bosson
Penetration testing of drand
1 Cybersecurity master student
The League of Entropy is a public service to provide public randomness, which is a useful building block in decentralized systems. You will apply techniques from the practice of penetration testing to investigate the drand software underlying the League of Entropy. You will analyse the existing system in order to identify the components, and the claimed threat model that each need to withstand. Then you will target one or more of them, using industry standard auditing, fuzzing, and other hacking techniques. You will report your findings in accordance with industry standard responsible disclosure procedures.
Contact: Jeff Allen
(assigned) Columbus III – Implementation of an intuitive and insightful blockchain explorer (cont.)
1–2 semester students
Using a blockchain often comes with a claim that everything is suddenly transparent and verifiable forever. While this statement remains true, it is in practice rare for users to verify the content of a blockchain and assert that a claimed statement is true. It is also hard to see how the intrinseque mechanism of the blockchain works, ie. what is the content of each cryptographically linked block and how they participate in evolving the state of the blockchain. We think that part of this problem can be solved by offering an adequate tool, which comes as a “blockchain explorer”.
This project started 6 months ago and your mission will be to take over its development by adding new core functionalities to it. The blockchain explorer, once matured enough, will be of great help for some of our ongoing projects that use the DEDIS blockchain.
Contact: Noémien Kocher