Internet Hardening Fund
The internet is probably the single largest man-made structure ever, and it plays an important role in modern daily life. But the internet was never properly architected for such a critical global role. Its original protocols and designs have major security shortcomings in their designs, which are actively being exploited at an increasing scale.
Many benefits of the internet have materialised for its users despite of this- as witnessed by everyday usage of the internet by billions of people. But at the same time fundamental design issues come up again and again, showing the need for a structural solution if we want to continue and grow those benefits. As a technical community we need to revisit the security and privacy properties of the underpinning standards, and after that we need to make sure that those standards are actually deployed.
The problem with bad security architecture at the scale of the internet is that it really cannot be contained or managed well: anyone that finds some backdoor can equally abuse it - leaving the door open to large scale crime, state level actors aiming at societal disruption, commercial abuse and even just plain accidents that cascade out of control. As the IETF has put it: "the internet is under technical attack". The Internet Hardening Fund is aimed at funding its defense - its security, reliability, scalability and real-time behaviour.
We believe that the future of the internet can be rewritten - chapter by chapter, standard by standard. It is a safely re-engineered internet of tomorrow people want and deserve, rather the internet of today that cannot fulfill its promises.
The Internet Hardening Fund has concluded up and no new proposals are accepted, although we still feel work in this area is still very much needed. If you are looking for funding, do have a look at our other funding programmes and theme funds. If you are a potential donor: please contact us or donate directly if you can.
Projects and activities within this theme
- ARPA2 Steamworks
- Certbot ECDSA support
- Declarative Web Service security
- Namecoin: TLS
- GnuTLS
- DIME
- GetDNS
- GUN P2P Encryption
- Key Management
- lib25519: Secure and efficient computation of X25519 and Ed25519
- Namecoin
- Faster and configurable datapath/Linux xfrm
- Pitchfork
- Pitchfork PKCS#11
- Modular CA
- Remote PKCS#11
- SecuShare
- Secushare Box
- Magic Wormhole/SPAKE2
- Stubby
- TLS-KDH
- Vita
- WireGuard
- WPIA CA Infrastructure
External Review Committee
The Internet Hardening Fund is maintained by NLnet foundation. A separate Review Committee made up of independent experts validates the project selection.
You may also be interested in ...
- ARPA2, a comprehensive project addressing many aspects of internet hardening
- CeroWRT, an experimental firmware pushing forward the state of the art of edge networks and routers
- RPKI-RTRlib, improving the security of routing
- NLnet Labs, a world renowned internet research lab addressing fundamental issue
- NGI Zero