Hackers donate 90% of profit to charity 2019/06/13

NGI Zero awarded two EC research and innovation actions 2018/12/01

EC publishes study on Next Generation Internet 2025 2018/10/05

Bob Goudriaan successor of Marc Gauw 2017/10/12

NLnet Labs' Jaap Akkerhuis inducted in Internet Hall of Fame 2017/09/19

  Help grow the future. Donate


NLnet has an open call as well as thematic funds. This page contains an overview of the projects that fall within the topic NGI Zero PET. If you cannot find the project you are looking for, please check the alphabetic index.

Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

Applications are still open, you can apply today.

A proof of concept of identity-based encryption

The project aims to extend the existing attribute-based identity platform IRMA with easy-to-use encryption. The kind of encryption is called Identity-Based. Its main advantage is that key management is simple, so that encryption becomes easy to use, via a plugin to an email client (only Thunderbird in this proof of concept project). The plugin computes the public key of the recipient of a message, from some uniquely identifying attribute of the recipient (typically an email address, but phone number, or citizen registration number could work as well). The receiver of the message will have to prove, via IRMA, possession of the uniquely identifying attribute to some Trusted Third Party (TTP), which will then provide the corresponding private key. Within this project a working set-up will be built. Turning it into a widely usable product will require more work, in follow-up projects.

>> Read more about A proof of concept of identity-based encryption

Accessible security

The "Accessible security" project's initiative was sparked by the need for usable security made available to the average citizen. Several projects are contributing a part of this bigger puzzle: QubesOS, coreboot, Heads, me_cleaner, Whonix and others. Yet the average person does not have the sophistication to integrate these software projects. With some effort we can add some missing parts, help the effected projects usability, and facilitate access to cutting-edge developments, currently only usable by developers and more sophisticated users. Bringing these projects together will reduce the amount of expertise and effort required to benefit from these projects.

>> Read more about Accessible security

ARPA2 LDAP Middleware

Some protocols are far better known than others. Everyone will recognise the HTTP protocol we use to transfer web pages. LDAP is not as well known, but it is also a key technology we use on a daily basis - in fact it shapes how most organisations are organised online. LDAP is a proven technology but can be cumbersome to work with, and as a result it has seen little innovation in recent years.

This project develops a number of innovatie middleware components from the ARPA2 project. This includes a privacy enhancing middleware for LDAP (LEAF), which allows to do attribute filtering and selectively transforming of LDAP; SteamWorks, which allows for responsive large scale configuration and trust delegation; and Lillydap, a library that can be used to easily add LDAP to any application. The project also delivers on (broad)er deployability of these building blocks, by providing tools for distropackaging the innovative solutions produced by the project.

>> Read more about ARPA2 LDAP Middleware

ARPA2 resource ACL and HTTP SASL modules for NGINX

In most of our daily interactions with a remote server we depend on the application running on the server to properly authenticate the user within the browser session, and to manage who can do what. However, if we want to enforce stronger guarantees with regards to restricted resources and tasks, our options are much more limited. This project from the ARPA2 community wants to move the state of the art in access control forward by combining the extensible SASL standard with a well-defined generic ACL mechanism that also allows for pseudonimity. The project will produce a self-contained library and two modules for a popular web server (NGINX) that use the new library. With the NGINX HTTP SASL module a user-agent can authenticate to the web server using any SASL mechanism the server supports. With the NGINX ARPA2 ACL module the web server can determine whether an authenticated user has authorization for the request that he/she sent. I.e. a user makes the request: "DELETE /messages/10" and the server can then decide based on the authenticated user, the action and resource whether this is allowed or not.

>> Read more about ARPA2 resource ACL and HTTP SASL modules for NGINX

Autocrypt for Thunderbird

Autocrypt is a specification that provides guidance for e-mail clients on how to achieve a seamless user experience. It does so by transparently exchanging keys, almost entirely automating public key management. This reduces the UI to "single click for encryption". The project will create an extension for the Thunderbird e-mail client that brings this experience to its users. The goal is to provide a new extension with a streamlined user experience that requires as little user interaction as possible, without "poweruser" features and performing practical user testing to identify open pain points. The extension will be based on OpenPGP.js, since this can be packaged directly. This will simplify installation and maintenance a great deal.

>> Read more about Autocrypt for Thunderbird


Bitmask is a Desktop and Android client designed to achieve a zero-configuration end-user experience for setting up a VPN that connects to a given set of providers - those that follow the LEAP platform specification. To do so, clients rely on providers exposing configuration files on well-known urls, according to their particular setup regarding the available VPN gateways and transports. This project aims at adding low-end routers a new extra platform that users can choose when installing BitmaskVPN. Running VPN software in a commonly available router, with hardware-based user interfaces, will greatly extend the target audience for Bitmask. To achieve this goal, a porting of the BitmaskVPN client will be done in nim, a statically typed language that generates small native and dependency-free executables, allowing the setup of the VPN with the switch of a hardware button. Finally, the resulting port will be packaged for OpenWRT, and build scripts will be made available for providers to offer to their users a ready-to-use flashing image for a selection of routers.

>> Read more about Bitmask


Briar is a secure messaging app designed for activists, journalists and civil society groups. Instead of using a central server, encrypted messages are synchronized directly between the users' devices, protecting users and their relationships from surveillance. This project will enable users of Briar to delete their private messages. Giving users control of what information their devices retain will allow them to practice defence in depth, managing their exposure if their devices are lost or compromised.

>> Read more about Briar


Conversations is an Android client for the federated, provider independent network of instant messaging servers that use the Extensible messaging and Presence Protocol (XMPP). It aims to provide a feature set and a user experience that is on par with other well known messaging services. While Conversations is capable of sending end-to-end encrypted text messages, images, short videos and voice messages it currently lacks the ability to make voice and video calls. This project is about adding A/V call capabilities to Conversations in a manner that is compatible to other XMPP clients. To achieve compatibility Conversations will implement the Jingle protocol extensions including XEP 0353 (Jingle Message Initiation) for a smooth user experience across multiple devices.

>> Read more about Conversations


Cryptpad is a secure and encrypted open source collaboration platform. The CryptPad teams project will fund the development of a number of group-focused features to Cryptpad. We'll improve our current implementation of encrypted shared folders to display the permissions possessed by team members for different documents. The capacity to remove a member from a group is difficult in an encrypted system, as the knowledge of encryption keys cannot be taken away once given. We'll implement key-rotation protocols, and develop encrypted mailboxes to facilitate the delivery of new keys to authorized members. The same mailbox system will enable the development of notifications, allowing users to request additional permissions for documents, to invite new members to a group or session, or to inform friends that a document has been updated. Teams organize in many ways, and with the technical components available we'll focus on interfaces which support different modes of coordination, whether the team is hierarchical or self-organizing. Overall, we hope to make it so that the most intuitive way to collaborate is also the most secure.

>> Read more about CryptPad


The aim of the proposed project is to design and implement an open source library that implements the so-called Dining Cryptographer's network or DCnet (first proposed by David Chaum in 1998). Existing implementations suffer from poor efficiency (e.g. high computation and/or communication cost) or limited security (e.g. when a malicious participant can disrupt the communication). The project will produce cryptographic primitives and protocols that help to bring untraceable communication (e.g. untraceable instant messaging, file transfer, IP telephony) closer to practice. We will implement the most recent advances in cryptographic research (e.g. zero-knowledge proofs) and engineering (e.g. highly optimized arithmetic on elliptic curves and finite fields) into account to maximize both security and efficiency.

>> Read more about DCnets


When your computer enters a new network as a guest, it will need to receive information to be able to send and receive packets. The internet standard responsible for this is called Dynamic Host Configuration Protocol (DHCP). Traditional DHCP and DHCPv6 can potentially leak information which can be abused to uniquely identify a certain device - and thus track a user. dhcpcanon is a DHCP client implementation that implements the technical standard RFC7844, DHCP Anonymity Profiles. The new standard provides guidelines for minimizing information disclosure via DHCP. This project will produce DHCP clients implementing the Anonymity Profiles for restricted devices as microcontrollers and easy integration with network management tools.

>> Read more about dhcpcanon

Distributed Private Trust

The project "Distributed Private Trust" wants to develop a prototype for a trust and reputation system that does not rely on a centralized trusted party and provides users with more privacy than current systems. It uses secure multi-party computation to calculate aggregate ratings without having to reveal individual users ratings to any other party. The project also applies techniques from mechanism design to make the system robust to malicious behaviour of participants, for example by diminishing incentives to submit dishonest ratings.

>> Read more about Distributed Private Trust

DNSSEC Key Signing Suite

DNSSEC provides trust in the DNS by guaranteeing the authenticity and integrity of DNS responses. As DNS is of fundamental importance to most Internet communication, this is a vital function that needs safeguarding. Beyond providing trust in the DNS, DNSSEC is a key enabler for other technologies that improve the security, privacy and trust of Internet users. In the DNSSEC Key Signing Suite project we build a set of tools, scripts and guidelines (a playbook) to facilitate simple key signing with a standardised ceremony that has automated checks and audits where possible. The impact of this will be twofold. First, it leads to reliable, predictable and verifiable key ceremonies, which improves the trust in DNSSEC. Second, it will significantly ease the burden of operation, bringing the use of a validated and trustworthy signing procedure within reach for many more DNSSEC operators than today (e.g. smaller or less profitable top-level domain operators).

>> Read more about DNSSEC Key Signing Suite

EGIL SCIM client

Managing student information in an effective, secure and GDPR compliant way is crucial for the digitalized school. EGIL is an open source client that facilitates the exchange of student information to external providers of study material or administrative services in a standardized way. It supports attributes based on SCIM (RFC 7642-7644) and extensions, it provides an interface to common directory services and supports federated solutions between a large number of school principals and service providers. This project will improve EGIL’s federative capabilities, submit an Internet-Draft on the subject federated accounts provisioning, as well as providing a proof of concept for using SCIM as the standard for exchange of student information. This will eliminate the problems caused by using several different exchange protocols and formats between school principals and service providers.

>> Read more about EGIL SCIM client

EteSync - iOS application

EteSync is an open source, end-to-end encrypted, and privacy respecting sync solution for contacts, calendars and tasks with more data types planned for the future. It's currently supported on Android, the desktop (using a DAV adapter layer) where it seamlessly integrates with existing apps, and on the web for easy access from everywhere.

Many people are well aware of the importance of end-to-end encryption. This is evident by the increasing popularity of end-to-end encrypted messaging applications. However, in today's cloud-based world, there is much more (as important!) information that is just left exposed and unencrypted, without people even realising. Calendar events, tasks, personal notes and location data ("find my phone") are a few such examples. This is why the overarching goal of EteSync is to enable users to end-to-end encrypt all of their data.

The purpose of this project is to create an EteSync iOS client which will seamlessly integrate with rest of the system and let the many currently uncatered for iOS users securely sync their data.

>> Read more about EteSync - iOS application

Finish porting Replicant to a newer Android version

Replicant is the only fully free operating system for smartphones and tablets. All the other operating systems for smartphones and tablets use nonfree software to make some of the hardware components work (cellular network modem, GPS, graphics, etc). Replicant avoids that, either by writing free software replacement, by tweaking the system not to depend on it, or, as the last resort by not supporting the hardware component that depends on it. However it is based on Android 6, which is not supported anymore, thus it has way too many security issues to fix, so keeping using this version is not sustainable. This project consists in finishing to port Replicant to Android 9, which now has standardised an interface for the code that makes the hardware components work. Once done, it will also make the free software replacement automatically work on future Android versions.

>> Read more about Finish porting Replicant to a newer Android version


GNU Mes was created to address the security concerns that arise from bootstrapping an operating system using large, unauditable binary blobs, which is common practice for all software distributions. Mes is a Scheme interpreter written in a simple subset of C and a C compiler written in Scheme and comes with a small, bootstrappable C library. The Mes bootstrap has halved the size of opaque binaries that were needed to bootstrap GNU Guix, a functional GNU/Linux distribution that focusses on user freedom, reproducibility and security. That reduction was achieved by replacing GNU Binutils, GNU GCC and the GNU C Library with Mes. The final goal is to help create a full source bootstrap for any interested UNIX-like operating system. After three years of volunteer work this funding will enable us to take another big step forward and reach an important new milestone in creating more auditable secure software distributions.

>> Read more about GNU Mes

Graphics acceleration on Replicant

The project aims to create a free software graphics stack for Replicant 9 that is compatible with OpenGL ES (GLES) 2.0 and can do software rendering with a decent performance, or GPU rendering if a free software driver is available. Replicant is a fully free software Android distribution that puts emphasis on freedom, privacy and security. It is based on LineageOS and replaces or avoids every proprietary component of the system. Replicant is so far the only distribution for smartphones that is endorsed by the Free Software Foundation as meeting the Free System Distribution Guidelines. Due to its strict commitment to software freedom, Replicant does not use the proprietary GPU drivers that shipped within other Android distributions. The project aims to put together a new graphics stack for the upcoming Replicant 9 that is GLES 2.0 capable. The project will then focus on improving the performance by fine tuning its OpenGL operations and leveraging hardware features. At last, focus will swift into the integration of the Lima driver, a free software driver for ARM Mali-4xx GPUs, which will allow to offload some GLES operations to the GPU. This will greatly increase graphics performance and thus usability.

>> Read more about Graphics acceleration on Replicant

IMSI Pseudonymization

The IMSI Pseudonymization project will design a specification and provide a reference implementation of a mechanism to conceal the IMSI (international mobile subscriber identity) of a mobile subscriber on the radio interface. The IMSI is used to uniquely identify each subscriber in a (2G, 3G, 4G, 5G) cellular network. However, the privacy of users is not really well protected: current specification require to transfer the IMSI in plain-text at various times before an encrypted connection can be set up. The present project will specify, implement and evaluate a method by which the IMSI will be concealed on the air interface with no modifications to existing mobile phones or any network elements of the operator beyond the HLR/HSS (which implements the authentication on the network side). The project will further submit this proposal into the 3GPP standardization process and attempt to make it at least an optional extension that operators (even MVNOs) can deploy.

>> Read more about IMSI Pseudonymization

IRMA made easy

Authentication methods, like passwords, often involve a trade-off between usability and security. Secure passwords are a hassle to use, and easy-to-use passwords are often also easy to guess or to brute force. Clearly, there is a need for authentication methods that are both secure and user-friendly. The IRMA mobile app can fill this gap. It was originally developed with a strong focus on providing secure and privacy-friendly authentication. This project will focus on making IRMA easy to use for everyone. We will conduct a formal large-scale evaluation of IRMA that focuses on usability in general as well as on accessibility (i.e. for users with disabilities) in particular. By doing so, usability hindrances can be identified and improved, making IRMA user-friendly and accessible for users with the widest range of capabilities.

>> Read more about IRMA made easy


Secure messaging is among the most fundamental privacy challenges of today. While there are meanwhile several widely used offerings that can encrypt instant messages you send to others, there are very few reliable options that are able to keep others from finding out who you were communicating with - and when. The most popular end-to-end messaging application do not adequately protect the identities of who-is-talking-to-who from the infrastructure operators. Katzenpost aims to offer a traffic analysis resistant messaging layer that allows all the participants in the network to have significantly more privacy than other mechanisms. It offers a decentralized mixnet architecture that works similarly to onion routing, where message routing information is encrypted, and differs in that each message is a fixed size, has random forwarding delays, and is accompanied by cover traffic messages to frustrate passive traffic analysis. The project aims to be a building block for other to build applications on, lowering the threshold for existing applications to benefit from increased privacy and confidentiality.

>> Read more about Katzenpost


Manyverse is a social networking mobile app, implemented not as a typical cloud service, but instead on a peer-to-peer network: Secure Scuttlebutt (SSB). The mobile app locally hosts the user's database, allowing them to own their personal data, and also use the app when offline. Data can sync from one mobile device to another, via Bluetooth, Wi-Fi, or Internet. Free and open source software.

>> Read more about Manyverse

MEGA65 Phone

Much of the insecurity and lack of privacy is the simple result of how complex computers, the internet and all of the protocols and technologies that they include. It seems that the majority of proposals to fix this solution consist of adding something to this complicated mess. While this has helped to reduce the symptoms of the problem, by adding complexity it has actually made the problem worse. There are simply too many places for insecurities and privacy violating software to hide in modern complex systems. Even the hardware itself is not immune, with problems like SPECTRE, MELTDOWN and vulnerabilities in the management processors of modern computers and phones showing that even the processors we use today carry significant risks due to their complexity. This project takes a contrarian approach of seeing just how simple a system can be make, that would still be useful for a core set of functionality. The project takes inspiration from the simple and effective computers of the 1980s: it explores how to retain their simplicity and transparency, and combine them with modern improvements in security and capability. The goal is to allow even a single determined person to completely verify that a device has not been compromised, and that there are no unwanted listening ears when performing privacy sensitive tasks. The project will advance its current proof-of-concept to a functioning hardware and software system that can demonstrate profoundly improved security and privacy, and in a way that allows a determined user to verify that the device is still truly under their exclusive control and serving them alone.

>> Read more about MEGA65 Phone


The mobile-nixos project seeks to provide a coherent tool to produce configured boot images of NixOS GNU/Linux on existing mobile devices (cellphones, tablets). The goal is to provide a completely integrated mobile operating system, allowing full use of the hardware's capabilities, while empowering the user to exercise their four software freedoms to use, study, share and improve the software.

>> Read more about mobile-nixos


Nitrokey is an open source hardware USB key for data encryption and two-factor authentication with FIDO. While FIDO is supported by web browsers, using Nitrokey as a secure key store for email and (arbitrary) data encryption requires a native software. Therefore email encryption in webmail isn’t possible with Nitrokey. At the same time strong end-to-end encryption in web applications all share the same challenge: To store users' private keys securely and conveniently. Therefore secure end-to-end encryption usually requires native software too (e.g. instant messenger app) or - less secure - store the user keys password-encrypted on servers. Nitrokey aims to solve these issues by developing a way to use Nitrokey with web applications. To avoid the necessity of device driver, browser add-on or separate software this project is going to utilize the FIDO (CTAP) protocol. As a result the solution will work with any modern browser (which all support WebAuthn), on any operating system even on Android. This will give any web application the option to store private keys on ones own Nitrokey devices.

>> Read more about Nitrokey


Node-Tor is an open source project and the only existing implementation of the Tor protocol in Javascript. That gives it the unique property to not just run on a server or desktop, but also inside a regular webbrowser itself as a standalone secure webapp. It must not be misunderstood for just a re-implementation of Tor network nodes: the goal is much wider, because it allows any project related to privacy/security enhancement to implement the Tor protocol in their nodes and/or inside a web page. The browser client acts as a standalone node itself communicating via web interfaces such as Websockets with servers or through WebRTC with other browsers. The use of Javascript allows to reduce very significantly the code and libraries (prone to security breaches), simplifying the integration for developers (like removing the need to maintain installation packages since standard web interfaces can be used), simplifying the use for users. This offers a lot of potential for increasing security and privacy for everybody, since the technology can be accessed from any place and any device that has a browser or can run Javascript, including mobile devices.

>> Read more about node-Tor

Noise Explorer-VerifPal

Noise Explorer is an online engine for reasoning about Noise Protocol Framework (revision 34) Handshake Patterns. Noise Explorer allows you to design Noise Handshake Patterns, and immediately obtain validity checks that verify if your design conforms to the specification. For visually oriented people, it provides a convenient visualisation in your browser. Noise Explorer can also generate Formal Verification Models and Software Implementations. This allows to instantly generate full symbolic models in the applied pi calculus for any Noise Handshake Pattern that you enter. Using ProVerif, these models can be analyzed against passive and active attackers with malicious principals. The model's top-level process and sophisticated queries are specifically generated to be relevant to your Noise Handshake Pattern, including tests for strong vs. weak forward secrecy and resistance to key compromise impersonation Noise Explorer also automatically generates a secure implementation of your chosen Noise Handshake Pattern design, written in Go. In addition the users can explore a Compendium of Formal Verification Results. Since formal verification for complex Noise Handshake Patterns can take time and require fast CPU hardware, Noise Explorer comes with a compendium detailing the full results of all Noise Handshake Patterns described in the original specification. These results are presented with a security model that is even more comprehensive than the original specification, since it includes the participation of a malicious principal.

>> Read more about Noise Explorer-VerifPal


The Tor network is comprised of thousands of volunteer-run relays around the world, and millions of people rely on it for privacy and freedom online everyday. To monitor the Tor network's performance, detect attacks on it, and better distribute load across the network, we employ what we call Tor bandwidth scanners. The bandwidth scanners are run by the directory authorities, which are special relays that maintains a list of currently-running relays. This project will make a number of improvements to the new bandwidth scanner call sbws, to make it easier for directory authorities to deploy it, for relay operators to better diagnose issues and for end users to benefit from increased quality of experience.

>> Read more about OnBaSca

Opaque Sphinx

Opaque Sphinx is a project that aims to secure password-based authentication by deploying the state-of-the-art SPHINX and OPAQUE cryptographic protocols to eliminate almost all common attack vectors - such as weak guessable passwords, password reuse, phishing, password databases, offline dictionary attacks, database leaks - plaguing current solutions. These protocols provide the strongest available cryptographic properties with cryptographic proofs. The project intend to port its already existing free software SPHINX implementation - besides already existing support for Linux and Windows - to Android so it can also be used on smartphones.

>> Read more about Opaque Sphinx

Opaque Sphinx Server and Clients

Passwords are probably the most common way to remotely use private services, which makes them a major liability - humans on average find it very hard to memorize strong passwords. Luckily, passwords - or more particularly tools to work with passwords more safely - are evolving as well. SPHINX is a novel approach to password storage that is information theoretically secure. And unlike most online password managers, the user does not even have to trust the server. OPAQUE is a novel protocol that can be used to eliminate phishing as an attack vector when authenticating to servers. The combination of SPHINX and OPAQUE provides some very strong guarantees while still allowing users to only need to remember one or just a few passwords. This project will develop a SPHINX server in a safe, compiled language, with ample tests. It will also further develop and refine a protocol above SPHINX, handling creation, deletion, backup and changing of data. In addition it will add the OPAQUE protocol to various free software ecosystems such as PHP, java, nodejs, ruby, golang, erlang and rust, as well as to the two most used webservers: nginx and apache2.

>> Read more about Opaque Sphinx Server and Clients

Padding Machines for Tor

Tor is the worlds largest anonymity network with about eight million daily users around the world who use Tor to browse the web anonymously, access onion services, and circumvent censorship. The project Padding Machines for Tor will design and implement padding machines---as part of a new framework in Tor for generating fake padding traffic---to defend against website fingerprinting attacks. A website fingerprinting attack is a type of traffic analysis attack where an attacker attempts to determine websites visited by a target Tor user by analysing encrypted traffic. The results of the project will be both open source and open access, with the goal of contributing to effective and efficient defenses deployed by default in Tor against website fingerprinting attacks.

>> Read more about Padding Machines for Tor


E-mail security and privacy is not just relevant inside organisations or between individuals. A lot of email traffic comes from the institutions we all have to deal with, including some of the most confidential emails we get. And yet there is no way for users to protect their privacy and confidentiality when sending and receiving messages from organisations using such systems. PGP4civiCRM enables automatic PGP encryption/decryption of e-mails on the server side. While the project will provide special integration for the Constituent Relation Management System CiviCRM, the basic functionality can be used also with regular mailservers like postfix. The PGP4civiCRM core will basically be a milter, that listens for input messages, then looks up PGP keys from configurable sources (local key rings, LDAP) and then, based on a local, configurable, policy, encrypts/decrypts messages (or leaves them untouched) before passing them on. This way system administrators can with tiny effort provide transparent encryption support for all their mail users. Especially for CiviCRM the project will create an extension that allows easy web-based configuration of the relevant pieces and displaying of encrypted, received e-mails using OpenPGP.js.

>> Read more about PGP4civiCRM

Qubes OS

Qubes OS is a free and open source operating system uniquely designed to protect the security and privacy of the user. Its architecture is built to enable the user to define different security environments ("qubes") on their computer and visually manage their interaction with each other and the world. This project will improve the usability of Qubes OS by: (1) reviewing and integrating already existing community-created usability improvements, (2) implementing a localization strategy for the OS and its documentation, and (3) creating a holistic approach for improved accessibility.

>> Read more about Qubes OS


The Reowolf project aims to replace a decades-old application programming interface (BSD-style sockets) for communication on the Internet. In this project, a novel programming interface is implemented at the systems level that is interoperable with existing Internet applications. Currently, to increase quality of service (e.g. intrusion detection, latency and throughput) non-standard techniques are applied. Internet service providers resort to deep packet inspection to guess applications intent, and BSD-style socket programming is error-prone and tweaking is fragile. This project resolves these problems: it provides support to middleware to further improve quality of service without having to give up on privacy, and makes programming of Internet applications easier to do correctly and thus more reliable.

>> Read more about Reowolf

Reproducible Builds

Reproducible builds are a set of software development practices that create an independently-verifiable path from source to binary code.

>> Read more about Reproducible Builds

Ricochet Refreshed

Ricochet Refreshed, is a metadataless messenger for PCs (Windows, macOS, Unix) that provides anonymity as well as security. By using Tor, it allows people at risk making public interest disclosures to communicate in chat sessions with anonymity to journalists, members of parliament, regulators protecting the environment, financial malfeasance investigators and others who have the power in society to act as corrective mechanisms to serious wrongdoing. This project will update Ricochet, reduce known security risks, and ensure continued compatibility with Tor's onion services protocol. The possibility of anonymous communication is important for everyone, but particularly vital for those who risk reprisal in their workplace or other institutions to be able to speak up. Through anonymity, Ricochet Refreshed allows the focus to be on the disclosure, not on the source or whistleblower. Thus, the project provides a tool in support of evidence-based reporting in the public interest by creating a safe on-going channel for the journalist to conduct verification as the story develops.

>> Read more about Ricochet Refreshed

Robur privacy-enhanced DNS resolver and DHCP server

DHCP and DNS are fundamental Internet protocols, DHCP is used for dynamic IP address configuration in a local network, DNS for resolving hostnames to IP addresses. In this project, we develop a robust DHCP server and DNS resolver as a MirageOS unikernel. MirageOS unikernels are self-contained virtual machine images which are composed of the required OCaml libraries, leading to a binary with a minimal trusted code base, and thus minimized attack surface. The choice of the memory-safe, functional, and statically typed language OCaml avoids common attack vectors, such as buffer overflows and double frees. MirageOS unikernels can be deployed on various hypervisors (Xen, KVM, BHyve), microkernels (Genode, Muen), or as Unix binary (also with seccomp rules that allow only 10 system calls) on x86-64 and arm64. Several DHCP and DNS privacy extensions, extensive testing, and documentation is worked on to allow everyone to use it on their home router or in the data center. Migration of existing configuration (e.g. dnsmasq) to Robur DNS resolver and DHCP server will be provided as well.

>> Read more about Robur privacy-enhanced DNS resolver and DHCP server

Rocket CWMP

CWMP (CPE WAN Management Protocol) or TR-069 is a technical specification of a Broadband Forum designed for remote governing of a CPE. CWMP is a standardized and widely-used text-based protocol enabling communication between CPE and Auto Configuration Server (ACS).

Rocket CWMP is a modular CWMP-client capable of supporting TR-069, TR-181 and other technical reports. The project was started out of an industry gap regarding a production-ready, FOSS solution that meets the ISP requirements and the feature and security requirements of modern embedded devices. It is capable of integrating into existing solutions for automatic and remote software installation or provisioning of CPEs. The client is designed to be easily portable to different Linux platforms (OpenWrt and other Linux distributions such as Yocto, Debian, Ubuntu and others). Its modularity implies that developers can easily build new features based on their requirements. It would serve as a light weight glue between CWMP and embedded Linux software standards for configuration and statistics.

The end goal of this project would be to create and FOSS delivering mandatory remote management features in ISP ecosystem. ISPs would finally be equipped with a CWMP client that: a) is an open and extendable replacement of the closed software alternatives, b) is designed to easily include and configure various backend systems and c) allows replacing proprietary firmware and leveraging Open Source components.

>> Read more about Rocket CWMP


Simple Authentication and Security Layer (SASL) is an authentication and data security framework. The framework defines a structured interface to which SASL mechanisms must comply. These mechanisms can then be used by application protocols in a uniform manner. XMSS provides cryptographic digital signatures without relying on the conjectured hardness of mathematical problems. Instead, it is proven that it only relies on the properties of cryptographic hash functions. XMSS provides strong security guarantees and is even secure when the collision resistance of the underlying hash function is broken. It is suitable for compact implementations, is relatively simple to implement, and naturally resists side-channel attacks. Unlike most other signature systems, hash-based signatures can so far withstand known attacks using quantum computers. The SASL XMSS project's goal is to implement the XMSS system as a SASL mechanism in one of the publicly available open source SASL libraries.

>> Read more about SASL XMSS

SOLID Data Workers

Solid Data Workers is a toolkit to leverage the Tim Berners-Lee' Solid platform into a viable, convenient, open and interoperable alternative to privacy-hungry data silos. The aim is to use Solid as a general purpose storage for all of the user's private informations, giving them a linked-data meaning to enrich the personal graph and provide a first-class semantic web experience.

The project involves a PHP and a NodeJS implementation of the "Data Workers" toolkit to easy the "semantification" of the data collected from external services (SPARQL queries build, metadata retrival and storage, relationships creation...), some sample software component to import existing data into the semantic graph and keep it synchronized with backend sources (primarily: emails and calendars), and a proof-of-concept application to showcase the potentials of the semantic web applied to personal linked data.

As Solid may be self-hosted or hosted by third-party providers, Solid Data Workers may be attached to hosted or self-hosted instances and to different backend services.

>> Read more about SOLID Data Workers


Spectrum is an implementation of a security through compartmentalization based operating system, built on top of the Linux kernel. Unlike other such implementations, user data and application state will be managed centrally, while remaining isolated, meaning that the system can be backed up and managed as a whole, rather than mixed up in several dozen virtual machines. The host system and isolated environments will all be managed declaratively and reproducibly using Nix, the purely functional package manager. This will save the user the burden of maintaining many different virtual computers, allowing finer-grained resource access controls and making it possible to verify the software running across all environments. The Linux base, and a variety of isolation technologies from containers to virtual machines, will bring security through compartmentalization to a much wider range of hardware than previous implementations, and therefore make it accessible to many more people.

>> Read more about Spectrum


The PHP programming language was invented by Danish programmer Rasmus Lerdorf in 1994. The language is actively used by millions of websites through popular tools such as WordPress, Owncloud and Wikimedia. Suhosin-NG (next generation) will significantly improve the security of web applications running with PHP 7, and help thwart popular web attack vectors aimed at PHP based websites. Already existing ideas from the Suhosin project for PHP 5 will be gathered in addition to implementing a number of new ideas to improve the overall security stature of PHP 7. This concerns harnessing new features of the language, mitigating security risks in the default configuration and improvements to the runtime behaviour. In practical terms the project will implement these by extending the PHP extension Snuffleupagus, that already provides a good basis for hardening PHP 7. The project's goal is to provide software and documentation for setting up a PHP 7 environment in the most secure way possible.

>> Read more about Suhosin-NG

Sylk Client

Internet communications privacy is important to users, and there is a limited set of encrypted multiparty audio and videoconferencing solutions available to consumers and businesses today. The market, predominantly occupied by proprietary services that often require risky plugins, lack introspection and transparency, proved to expose users to significant security and privacy issues. This trend must be counteracted by better open source equivalents.

SylkSuite, composed by SylkServer and SylkClient is a clean and elegant open source multiparty conferencing solution for both the client and a server written in Python. SylkSuite allows groups of users to communicate privately with rich multimedia, accessed through different protocol stacks. SylkSuite allows bridging SIP clients, XMPP endpoints and WebRTC applications by using Janus backend.

The developers have a focus on strong interoperability based on the use of open standards.

>> Read more about Sylk Client

The Libre-RISCV SoC

It is 2019 and it is not possible to buy a mass-produced laptop, tablet or smartphone and replace all of its software (with software that a user can trust) without loss of functionality. Processor boot-loaders are DRM-locked; WIFI, 3D Graphics and Video Processors are proprietary, and Intel's processors contain problematic features and intransparent elements such as the "Management" Engine. The most logical way to restore and engender trust is to literally make a new processor - one that is developed transparently and may be independently audited to the bedrock. The project develops a a low-power, mobile-class, 64-bit Quad-Core RISC-V SoC at a minimum 800mhz clock rate, suitable for tablet, netbook, and industrial embedded systems. Full source code files are available for the operating system and bootloader, and the actual processor, its peripherals and its 3D GPU and VPU. Details at

>> Read more about The Libre-RISCV SoC

TLS-KDH mbed

TLS-KDH ( is a mechanism that adds Kerberos authentication to the Transport Layer Security (TLS) network protocol. TLS-KDH is developed under the flag of ARPA2 ( and is formalized in the form of a draft Internet specification. Furthermore, a successful prototype implementation has been built and integrated into GnuTLS. Making this prototype code production ready is well underway and in its final stage. In order for TLS-KDH to become an Internet Standard the IETF requires at least two working implementations. To provide the IETF with two TLS-KDH implementations and to address the embedded world with a TLS-KDH capable TLS library we chose MbedTLS as our second library. The TLS-KDH mbed project's goal is to implement the TLS-KDH functionality in the MbedTLS library. But why do we want to implement Kerberos authentication in the first place? Well first of all, the Kerberos protocol is quantum computer proof. That means that we can use this mechanism in the (future) presence of quantum computers. Since TLS is one of the most widely used security protocols on the present Internet having such mechanism would be a welcome addition. Secondly, Kerberos employs a centralized architecture as opposed to X.509 which is distributed. Adding TLS-KDH gives the user a choice which architecture (and implied pros and cons) to use. For a more extensive overview of advantages of TLS-KDH we refer to the project's homepage (

>> Read more about TLS-KDH mbed

Universal DID Resolver and Registrar

The Universal DID Resolver and Registrar are open-source software components that implement Decentralized Identifiers (DIDs). DIDs lie at the heart of an emerging technical and social paradigm known as "self-sovereign identity" (SSI), which allows individuals, organizations, and things to create and manage their digital identities without dependence on any central authority or intermediary. This technology is highly aligned with Next Generation Internet values such as human-centricity, openness, trust, and reliability. DIDs as a building block for protocols are of similar importance to Internet infrastructure as other identifiers such as domain names or e-mail addresses. The Universal DID Resolver and Registrar are aligned with corresponding W3C standardization efforts. Development and maintainance of the code takes place in close collaboration with relevant community and industry stakeholders such as the Decentralized Identity Foundation, uPort, Jolocom, Sovrin, Civic, Veres One, Blockstack, ERC725 Alliance, etc.

>> Read more about Universal DID Resolver and Registrar

ValOS Cryptographic Content Security project

ValOS (Valaa Open System) is a project pushing programming to become a civic skill. It’s a decentralized software development architecture that empowers beginners with little training or prior experience to create practical web applications. ValOS applications and data are created, stored and distributed as event streams. ValOS Gateway is a JavaScript library that acts like a browser: it connects to event streams, reduces them into applications and provides means to induce new events. ValOS Cryptographic Content Security project focuses on enhancing the infrastructure level security of ValOS through event log hash chaining, end-to-end encryption and other features.

>> Read more about ValOS Cryptographic Content Security project

VFRAME: Visual Defense Tools

Visible data shares many of the same risks as wireless data yet visual privacy is often overlooked in the field of information security studies as separate and less relevant. As computer vision becomes increasingly adept at understanding the visual domain, differences between existing protocols for processing wireless data and emerging protocols for processing visible data (computer vision) become less apparent. Ultimately, images and video are wireless data too, and they are exposed to an increasing number of attacks on visual information privacy with less technologies for protection. Visual Defense Tools will explore and prototype computer vision methods for visual privacy through visual obfuscation and minimization techniques, mostly related to biometrics. The goal will be to build a conceptual road map and functional open-source prototypes to stimulate future development of more accessible visual privacy technologies.

>> Read more about VFRAME: Visual Defense Tools

Virtualizing device firmware

Recent targets of attacks on infrastructure did not come from powerful computers, but instead from consumer electronics devices. The most widely known example of this is the Mirai botnet, where consumer grade IP cameras were infected, added to a botnet and then used in wide scale attacks in a rather devious way: the original functionality of the device was left untouched, meaning that users either didn’t notice that their device had been taken over, or weren’t bothered by it. This projects aims to provide a way to virtualise such an IoT device and integrate it with an existing honeypot framework to see how the malware is inserted and how botnets operate. The goal is to extract a firmware from an existing device and use that as the base for the virtualisation. The same setup can also be used to systematically check for undocumented behaviour of firmware.

>> Read more about Virtualizing device firmware


When the IP protocol was designed, its original authors did not add adequate security features. In 1994 the first official RFC concerning an end-to-end encrypted variant of IP called IPSEC was published after a number of years of standardisation work in the IETF. Almost a quarter of a century later, there is still a very limited set of implementations of the protocol. IPSEC is perceived by many as hard to deploy, which creates a chicken and egg situation in driving adoption. Vita is a fresh new implementation of IPSEC based on Snabb Switch, a high performance open source packet networking toolkit. The goal of Vita is to make it very easy to use IPSec on commodity hardware, and to produce a fast and compliant clean room implementation. Vita previously received funding from the Internet Hardening Fund. This project will move the deployability of Vita forward, and among others will produce a number of drivers for interfacing with e.g. high speed interfaces such as the Linux kernel. It limited size and use of an existing packet networking toolkit means it can be easily audited.

>> Read more about Vita

Web Shell

The WebShell project aims to define and implement a new secure dataflow and the accompanying APIs for allowing users to use their files in Web apps without authorizing the apps to access the user's file storage. At its core, WebShell consists of a container single-page application which can open remote components (primarily apps and file-system adapters) in sandboxed iframes and communicate with them through HTML5 message channels using the defined APIs. WebShell provides for file operations and the required UI (file menus, toolbars, dialogs) to support the familiar file operations (new, open, save, etc.) while apps merely implement serialization and deserialization of an individual file's content, after the user's explicit request. The project will build a fully-featured WebShell Desktop container, as well as a minimal WebShell container for testing and easy deployment of single apps. In addition, we will integrate a starter set of editor apps for common file types and a starter set of file system adapters, concentrating primarily on self-hosting and non-commercial web storage solutions like and Solid storage.

>> Read more about Web Shell


WireGuard is a next generation VPN protocol that uses state of the art cryptography. One of the most exciting recent crypto-networking developments, WireGuard aims to drastically simplify secure tunneling. The current state of VPN protocols is not pretty, with popular options, such as IPsec and OpenVPN, being overwhelmingly complex, with large attack surfaces, using mostly cryptographic designs from the 90s. WireGuard presents a new abuse-resistant and high-performance alternative based on modern cryptography, with a focus on implementation and usability simplicity. It uses a 1-RTT handshake, based on NoiseIK, to provide perfect forward secrecy, identity hiding, and resistance to key-compromise impersonation attacks, among other important security properties, as well as high performance transport using ChaCha20Poly1305. A novel IP-binding cookie MAC mechanism is used to prevent against several forms of common denial-of-service attacks, both against the client and server, improving greatly on those of DTLS and IKEv2. Key distribution is handled out-of-band with extremely short Curve25519 points, which can be passed around in the likes of OpenSSH. Discarding the academic layering perfection of IPsec, WireGuard introduces the idea of a "cryptokey routing table", alongside an extremely simple and fully defined timer-state mechanism, to allow for easy and minimal configuration; WireGuard is actually securely deployable in practical settings. In order to rival the performance of IPsec, in addition to cross-platform implementations, WireGuard is implemented inside the Linux kernel, but unlike IPsec, it is implemented in less than 4,000 lines of code, making the implementation manageably auditable. These features converge to create an open source VPN utility that is exceedingly simple, yet thoroughly modern and secure.

>> Read more about Wireguard

Wireguard Windows client

WireGuard is a next generation VPN protocol that uses state of the art cryptography. WireGuard allows to safely tunnel traffic across the internet. WireGuard presents a new abuse-resistant and high-performance alternative based on modern cryptography, with a focus on implementation and usability simplicity. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. While still under heavy development, it is regarded by many as the most secure, easiest to use, and simplest VPN solution in the industry. Initially released for the Linux kernel, it is now cross-platform and the open source technology is ready for wide deployment. Unfortunately, WireGuard support on the widely used Microsoft Windows operating system is still immature and experimental. This makes the technology unavailable to many desktop and notebook users. This project will deliver the first stable Windows version.

>> Read more about Wireguard Windows client

YunoHost and the Internet Cube

YunoHost is a free and open-source server distribution that provides a self-hosted alternative to commercial centralized services, and allows people to take back control over their data. Yunohost aims to make server administration accessible to the general public and ultimately make personal servers as common as desktop computers. Based on YunoHost, the Internet Cube project develops an affordable plug-and-play server that can be bought and easily deployed at home by the general public. In addition to its self-hosting capabilities, it provides a privacy-enhancing WiFi hotspot which protects its users from censorship and metadata leaks. And because it is low-power, it can be used even in remote and offline situations.

>> Read more about YunoHost and the Internet Cube


ZSIPOs is a fully open source based encryption solution for internet telephony. It takes the shape of a little dedicated gadget you connect with a desktop phone. At its core the device does not have a normal chip capable of running regular software (including malware) but a so called FPGA (Field Programmable Gate Array). This means the device cannot be remotely updated (secure by design): the functionality is locked down into the chip, and the system is technically incapable of executing anything else. This means no risk of remote takeover by an attacker like with a normal computer or mobile phone connected to a network like the internet. The whole system is open hardware, and the full design is available for introspection. Normal users and security specialists get transparent access to the whole system and can easily check, what functionality is realized by the FPGA. This means anyone can verify the absence of both backdoors and bugs. ZSIPOs is designed to be fully compatible with the standard internet telephony system (SIP) which is the one used with traditional telephony numbers. The handling is done in principal by a regular internet phone (Dial, Confirm once – done). The cryptographic system is based on the standard RFC 6189 - ZRTP (with “Z” like Phil Zimmermann, the father of PGP), meaning it can also be used when using internet telephony on a laptop or mobile phone - of course without the additional guarantee of hardware isolation. There is no need to trust in an external service provider to establish the absolute privacy of speech communication. The exchange and verification of a secure key between the parties ensures end-to-end encryption, meaning that no third party can listen into the call. To that extent the device has a display to exchange security codes. The same approach can also also used for secure VPN Bridgeheads, secure storage devices and secure IoT applications and platforms. The ZSipOS approach is an appropriate answer on today security risks: it is completely decentralized, and has no dependency on central instances. It has a fully transparent design from encryption hardware to software. And it is easy to use with hundreds of millions of existing phones.

>> Read more about ZSipOs


Send in your ideas.
Deadline October 1st, 2019.

Help fundraising for the open internet with 5 minutes of your time

Project list

Project abstracts