techno-social and
Access and

In the wake of the Snowden revelations, public trust in the Internet has eroded.

NEXTLEAP aims to create, validate, and deploy communication and computation protocols that can serve as pillars for a secure, trust-worthy, annotable and privacy-respecting Internet that ensures citizens fundamental rights. For this purpose NEXTLEAP will develop an interdisciplinary internet science of decentralisation that provides the basis on which these protocols will be built.

Our events

launch event
05.05.2017 - Centre Pompidou

Considered as a right or as a commodity, cryptography is changing the nature of human relationships and consequently how our political environment is designed in a blurry balance between public and private space. This evening session is intended to bring a socio-political perspective on encrypted communication and its political governance or control, on the occasion of the EuroCrypt conference.

Get your FREE ticket Complete program and info

10:00-16:00 - Salle Triangle

NEXTLEAP will be hosting an all day training and use-case elicitation work so we can help your code maintain privacy and be compliant with Data Protection.

Political issues of cryptography
17:00-21:00 - Petite Salle

The second part of the day will be the launch event of the project on the significance of next generation, secure, privacy-enhanced Internet systems. Among other speakers, Bernard Stiegler, Phil Rogaway, and more will participate in a roundtable discussion.

Registration is mandatory because of max allowed attendees.

Get your FREE ticket Complete program and info

Decrypting Algorithms

Decentralized systems and new urban territories
18.05.2017 15:00-18:00

Salle Triangle - Centre Pompidou

more information

Other seminars



As parts of bringing privacy-preserving end-to-end encryption to decentralized messaging, researchers and implementers in NEXTLEAP are majorly participating in the new Autocrypt effort. It aims to leverage the email ecosystem, the biggest federated identity and messaging network, and bring encryption to wider audience than other efforts in the last 15 years.


In order to be decentralized, secure messaging requires an ability to discover key material and guarantee its integrity. Typically, today this is done via a single centralized and unstandardised service provider. In order to create an interoperable standard around secure messaging, key discovery needs to be decentralized. Blockchain-based approaches have been suggested in previous work in the security research community such as CONIKS, but have failed to take off due to the high deployment cost on centralized servers. We've designed a new protocol, ClaimChain, that builds on both existing work on blockchains while adding new optimizations and providing a decentralized logic based on Rivest and Lampson's SDSI to identify and discovery key material without a trusted third party. Joint work with CNRS to understand the social and economic considerations led to a publication in Internet Science and the existing design will be submitted to a top-notch security conference. Currently, we are discussing early use of this design with codebases used by secure messaging and email providers, and a security and privacy analysis of these codbases was published in CANS. Over the next year we plan for all of these protocols to have formally verified code for their cryptographic functionality and to present a design on how to integrate this work on key discovery into secure messaging with improved privacy and transcript consistency.


UnlimitID is a method for enhancing the privacy of commodity OAuth and applications such as OpenID Connect, using anonymous attribute-based credentials based on algebrai Message Authentication Codes (aMACs). OAuth is one of the most widely used protocols on the Web, but it exposes each of the requests of a user for data by each relying party (RP) to the identity provider (IdP). Our approach allows for the creation of multiple persistent and unlinkable pseudo-identities and requires no change in the deployed code of relying parties, only in identity providers and the client.

Why and how does it matter?

Francesca Musiani

Georges Danezis

Carmela Toncoso

Meet the NEXTLEAP team

NEXTLEAP combines expertise from across different disciplines in order to develop a set comprehensive answers to questions surrounding privacy and society. Our team is spread across Europe and includes specialists in computer science, formal protocol verification, sociology, social philosophy, cryptography and engineering.

NEXTLEAP Team group photo.
Holger Krekel, Georges Danezis, Bruno Blanchet, Francesca Musiani, Carmela Troncoso, Karthikeyan Bhargavan, Marios Isaakidis and Harry Halpin (not the entire team).

Other activities

Brussels / 29-31.03.2017

CryptoAction Symposium
Amsterdam / 27-28.03.2017

Internet Freedom Festival
Valencia / 06-10.03.2017


INRIA IMDEA CNRS IRI (Centre Pompidou) UCL Merlinux