Calls: Send in your ideas. Deadline August 1st, 2021.

NGI Assure

Projects that make security and trustworthiness easier

This page contains a concise overview of projects funded by NLnet foundation that belong to NGI Assure (see the thematic index). There is more information available on each of the projects listed on this page - all you need to do is click on the title or the link at the bottom of the section on each project to read more. If a description on this page is a bit technical and terse, don't despair — the dedicated page will have a more user-friendly description that should be intelligible for 'normal' people as well. If you cannot find a specific project you are looking for, please check the alphabetic index or just search for it (or search for a specific keyword).

NGI Assure is an ambitious grant programme which is part of the Next Generation Internet initiative, which as part of a larger vision focuses on technological building blocks that provide different types of strong assurances and decentralisation to users of the internet. This can be through public key infrastructures, through a web of trust, a distributed ledger or through trustworthy and fast hardware implementations of important cryptographic primitives.

The projects are typically work in progress, but since they are all free and open source software: feel free to check them out and use whatever you find in whatever way you need - everything is openly licensed so you can study, use, modify and share them. And if you think your own idea fits in here, why not propose a project yourself - we are still looking for great ideas!

NGI Assure was established with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.

Applications are still open, you can apply today.

Layer-2-Overlay — Generalising the GNUnet Layer-2 Overlay for broader usage

Layer-2-Overlay is a P2P connectivity layer that allows decentralized applications to establish communication with peers. The current Internet architecture is strongly biased in favor of client-server applications. To regain data sovereignty from tech oligopoly, citizens must be able to communicate directly without a few gatekeepers. Therefore decentralized applications need to overcome network obstacles of the existing Internet infrastructure without the need to setup a costly alternative infrastructure. An additional benefit is the effective usage of existing resource, to lower the environmental damage big centralized systems are doing to our planetary ecosystem. The Layer-2-Overlay will achieve this goal by utilizing a variety of existing protocols and infrastructure (Ethernet/WLAN, TCP/UDP, QUIC, Satellite) and an effective flow- and congestion-control to distribute traffic through different channels. After reconnecting the edges (e.g. PCs at home or mobiles) of the existing Internet among each other again, traffic can be forwarded directly to known peers and existing infrastructure will be preserved. The API of Layer-2-Overlay will be usable by all kinds of decentralized application use cases. For a first showcase Layer-2-Overlay will be integrated into GNUnet, an alternative network stack for building secure, decentralized and privacy-preserving distributed applications.

>> Read more about Layer-2-Overlay

GNUnet Messenger API — API for decentralized instant messaging using CADET

Communication is one of the most valuable goods, but it requires confidentiality, integrity and availability to trust it. The GNUnet Messenger API implements an encrypted translation layer based on Confidential Ad-hoc Decentralized End-to-End Transport (CADET). Through CADET the API will allow any kind of application to set up a fully decentralized form of secure and private communication between groups of users. The service uses e2e-encryption and does not require any personal information from you to be used.

You are able to send text messages, share files, invite contacts to a group or delete prior messages with a custom delay. Messages and files will both be stored decentralized being only available for others in the group. GNUnet provides the possibility to use this service without relying on the typical internet structures, with a turnkey optional DHT for sharing resources.

Unlike many other messengers out there the GNUnet Messenger service focuses on privacy. You decide who can contact you and who does not. You decide which information gets shared with others and which stays a secret. The whole service and its API is free and open by design to be used by many different applications without trusting any third party.

>> Read more about GNUnet Messenger API

The Libre-SOC Gigabit Router — Native Open Hardware chip implementation of crypto primitives

The Libre-SOC Project is developing a Libre System-on-a-Chip in a transparent fashion to engender end-user trust. Based on the OpenPOWER ISA, the next logical step is to extend and modernise OpenPOWER into the cryptographic and blockchain realm, and to do so in a practical way: design a Router ASIC. Whilst many commercial ASICs would do this using hard-coded non-transparent blocks or instructions, true transparency really only exists if the ISA has general-purpose primitives that can be Formally (mathematically) validated. The Libre-SOC Crypto-router Project therefore goes back to mathematical "first principles" to provide general-purpose Galois-Field, Matrix abstraction and more, on top of Simple-V Vectorisation. This provides flexibility for future cryptographic and blockchain algorithms on a firm transparent foundation.

>> Read more about The Libre-SOC Gigabit Router

Adopting the Noise Key Exchange in Tox — Improved security of Tox instant messaging with NoiseIK

Tox is a P2P instant messaging protocol that aims to provide secure messaging. It's implemented in a FOSS library called "c-toxcore" (GPLv3). The project started in the wake of Edward Snowden's disclosure of global surveillance. It's intended as an end-to-end encrypted and distributed Skype replacement. The cryptographic primitives for the key exchange (X25519), authentication (Poly1305) and symmetric encryption (XSalsa20) are state of the art peer-reviewed algorithms. Tox' authenticated key exchange (AKE) during Tox' handshake works, but it is a self-made cryptographic protocol and is known to be vulnerable to key compromise impersonation (KCI) attacks. This vulnerability enables an attacker, who compromised the static long-term private X25519 key of a Tox party Alice, to impersonate any other Tox party (with certain limitations) to Alice (reverse impersonation) and to perform Man-in-the-Middle attacks. The objective of this project is to implement a new KCI-resistant handshake based on NoiseIK in c-toxcore, which is backwards compatible to the current KCI-vulnerable handshake to enable interoperability. Further Noise's rekey feature will be evaluated for adoption.

>> Read more about Adopting the Noise Key Exchange in Tox

Improving OpenSSH's Authentication and PKI through OpenPGP — Improving SSH Authentication with OpenPGP transitive trust

It would not be a stretch to say that ssh secures the Internet - it is the protocol most relied on to log into servers of any type. Yet, its authentication model is inflexible, rarely used properly, and inadequate. OpenPGP's transitive trust (aka "web of trust") mechanisms and revocation certificates can help to provided additional automated assurances. By publishing and certifying OpenPGP keys for servers, an ssh client may be able to automatically check whether an encrypted connection is not only encrypted, but also authenticated. Similarly, server administrators can automatically find the right public key for users. And when a server key or user key is compromised, using OpenPGP, it is straightforward to ensure that it won't be trusted: just publish a revocation certificate. This project will add OpenPGP support to OpenSSH to improve and simplify these workflows.

>> Read more about Improving OpenSSH's Authentication and PKI through OpenPGP

GNUnet — Formalisation within IETF of R5N Distributed Hash Table design

Decentralization and digital sovereignty are fundamental building blocks to strengthening European values of freedom of information and informational self-determination against particular interests of foreign state and commercial actors. Decentralization is often based on Distributed Hash Tables; DHTs are already an important component for many NGI components such as decentralized web applications (IPFS, Web3) or components in the blockchain ecosystem. The GNUnet/R5N-DHT - a Free Software distributed hash table and P2P protocol - provides additional and relevant properties like Byzantine fault tolerance and censorship resistance. The project will improve, implement and specify the R5N protocol as an IETF RFC (Informational). This supports other efforts such as the GNU Name System protocol (GNS).

>> Read more about GNUnet

Adding TPM Support to Sequoia PGP — Implement use of TPM 2.0 crypto hardware for OpenPGP

Protecting cryptographic keys is hard. If they are stored in a file, an attacker can exfiltrate them - even if the harddrive is encrypted at rest. A good practical solution is a hardware token like a Nitrokey, which stores keys and exposes a limited API to the host. For most end users, a token is a hassle: one needs to carry it around, it needs to be inserted, and it is not possible to work if it is left at home. And, it needs to be purchased. There is a better solution, which doesn't cost anything. A trusted computing module (TPM) is like an always-connected hardware token only more powerful (the keys can be bound to a particular OS installation, it can store nearly an unlimited number of keys, not just three) and TPMs are already present in most computers. This project will add support for TPMs to Sequoia PGP including comprehensive test suites and in-depth documentation for both software engineers: as an API and end-users as a way to use TPM bound keys through Sequoia's command-line interface (sq) for decryption and signing.

>> Read more about Adding TPM Support to Sequoia PGP

Peer-to-Peer Access to Our Software Heritage — Access Software Heritage data via IPFS DHT

Peer-to-Peer Access to Our Software Heritage (SWH × IPFS) is a project aimed at supporting Software Heritage’s mission to build a universal source code archive and preserve it for future generations by leveraging IPFS’s capabilities to share and replicate the archive inadecentralized, peer-to-peer manner. The project will build a bridge between the existing Software Heritage (SWH) API and the IPFS network to transparently serve native IPFS requests for SWH data. In the short term, this allows users using IPFS to form their own Content Distribution Network for SWH data. Longer term, we hope this will serve as a foundation fora decentralized network of copies that, together, ensure that the loss of no one repository, however large, results in the permanent destruction of any part of our heritage. The end product would be a perfect application of IPFS’s tools and a step in the direction of a decentralized internet services infrastructure.

>> Read more about Peer-to-Peer Access to Our Software Heritage

TrustING — Ultrafast AS-level Public-Key Infrastructure

TrustING is a human-transparent and agile Trust Infrastructure for a Next-Generation Internet. This infrastructure enables any two entities to establish secret keys that can be used to encrypt and authenticate data. The foundation of TrustING is the AS-level Public-Key Infrastructure (PKI) of the SCION Internet Architecture that provides sovereignty (ensuring absence of global kill switches), trust transparency, and algorithm agility, among others.

The TrustING service establishes symmetric keys with other domains in advance, and then relies on those keys to derive keys for local hosts. The core novelty of this approach is the ability to derive keys purely locally on both sides of the communication, without even requiring key transport. By making TrustING a control-plane mechanism offered by the network infrastructure, higher-level applications can make use of it without having to worry about complexities such as exchanging key material or establishing trust.

To show the viability of TrustING, we will implement TLS trust bootstrapping using TrustING and additionally demonstrate the efficiency of TrustING by using it to authenticate SCMP (SCION's equivalent of ICMP) messages.

>> Read more about TrustING

Trustix — Make build logs available as publicly verifiable, tamper-proof Merkle trees

The project summary for this project is not yet available. Please come back soon!

>> Read more about Trustix

Yrs — Collaborative editing with CRDT written in Rust

Yrs "wires" will be a native port (in the Rust programming language) of the Yjs shared editing framework. Abstractly speaking, Yjs allows many users to concurrently manipulate state that eventually converges. It is a popular solution for enabling collaborative editing (Google Docs style) on the web because it is indefinitely scalable, works peer-to-peer, and has a rich ecosystem of plugins. There are plugins that allow you to connect with other peers over different network providers (WebRTC, Websocket, Dat/Hyper, IPFS, XMPP, ..) and there are many editor plugins that allow you to make existing (rich-)text editors collaborative.

The Yjs project is about connecting projects with each other and providing a network-agnostic solution for syncing state. A native port will allow native applications (e.g. XI, Vi, Emacs, Android, iPhone, ..) to sync state with web-based applications. We chose Rust because it's well suited to be embedded in other languages like C/C++, PHP, Python, Swift, and Java. With Yrs, we want to connect even more projects with each other and provide a modern collaboration engine for native applications.

The Rust implementation will implement the full feature set of the shared types, including the event system. This will enable users to parse existing Yjs documents, manipulate them, and implement collaborative applications. The port will make it easy to "bind" to another language so that the shared state is available in other languages as well. There will likely be a WASM binding, a C++ binding, and a Python binding (provided by Quantstack). Other existing features like awareness, selective Undo/Redo manager, relative positions, and differential updates will be added after the initial release.

>> Read more about Yrs

libresilient — Create robust web presence with service workers and DHT

A browser-based decentralized content delivery network, implemented as a JavaScript library to be deployed easily on any website. LibResilient uses ServiceWorkers and a suite of non-standard in-browser delivery mechanisms, with a strong focus on decentralized tools like IPFS. Ideally, users should not need to install any special software nor change any settings to continue being able to access an overloaded LibResilient-enabled site as soon as they are able to access it once.

>> Read more about libresilient

Securing Shared Decentralised Live Information with m-ld — Collaborative editing of LInked Data based on CRDT

m-ld is a software technology for live information sharing. It enables software engineers to reliably add real-time collaboration, support for offline working, and service resilience to both new and existing software architectures. It achieves this by operating at an "information" level, creating reusable patterns for maintaining the consistency and integrity of application content that is being edited from multiple locations at once. m-ld is built from the ground up on a W3C standard information representation, contributing ideas for its evolution, and is committed to open standards and open source. This project will research and prototype modifications to the primitives of the m-ld core protocol to natively support strong assurance of data integrity and traceability, with authority assignable to identified users or groups, so that they can be reliably assured of the integrity and controlled availability of their data.

>> Read more about Securing Shared Decentralised Live Information with m-ld