coming highlights

past highlights

The Internet, Private Actors and Security Challenges 09.10.2017
« Nothing to hide » documentary screenings 06.09.2017
Simpler secure group messaging? 20.07.2017
EuroUSec 2017 - 2nd European Workshop on Usable Security 29.04.2017
IEEE Security and Privacy on the Blockchain Workshop 29.04.2017
Rightscon 29-31.03.2017
CryptoAction Symposium 27-28.03.2017
Internet Freedom Festival 06-10.03.2017
F2F Meeting 03.03.2017
Sciences à coeur 01.12.2016
Crypto-design 25.11.2016
ELEVATE Festival 22.10.2016
The Internet Rules, But How? 05.10.2016
CAPSSI Community Workshop 28.09.2016
Internet Science 2016 12-14.09.2016
4S/EASST Conference - 01-02.092016
W3C Blockchains and the Web Workshop 29-30.07.2016
Workshop on Strategic Research Challenges for Privacy Technologies 18.07.2016
Bitcoin Summer School 29.05.2016
Summer School on Real-World Cryptography and Privacy 05-10.06.2016
NetFutures 2016 20.04.2016
NextLEAP team F2F meeting 15.02.2016


The Internet, Private Actors and Security Challenges Paris / 09.10.2017

International workshop ANR / UTIC

In the first of three conferences to be held over the next year, Didier Bigo (CERI-Sciences Po), Laurent Bonelli (ISP-Paris-10 Nanterre) and Sebastien-Yves Laurent (CMRP-Bordeaux) from the ANR project UTIC are bringing together representatives of major online service providers for a high-level experts roundtable. Participants will look at the ways in which technology firms engage with policy-makers and law enforcement agencies to address today’s major security challenges: How did their relationship with intelligence and law enforcement agencies evolve amidst heated post-Snowden debates on surveillance and privacy? What are the main legal hurdles faced by online service providers to protect the rights of their users, and what changes in legislation are called for? How do these companies adapt their business practices to help address today’s security challenges? By looking at these important issues at the intersection of policy, law and technology, the roundtable will analyse public-private relationships in the fields of surveillance and security, offering an opportunity for a much-needed discussion between key international stakeholders and researchers. To facilitate the discussion, the roundtable will be divided in two parts during which representatives of leading Internet companies will share their insights in interaction with researchers. The audience will have an opportunity to join the discussion during Q&A sessions.

CERI-56 rue Jacob, 75006 Paris / Salle de conférences



« Nothing to hide » documentary screenings Paris / 06.09.2017

The documentary « Nothing to Hide », dedicated to electronic surveillance and its acceptance in society, will be released this Wednesday (September 6th) at the cinéma Saint-André-des-Arts in Paris (14 screenings at 1 pm). The documentary will also be screened at the Cinéma le Rio (Clermont-Ferrand, Sept 13-27) and September 24 and 28 at the cinema Le Régent (Saint-Gaudens).

On September 30, the film will be released on the Internet (Creative Commons Non Commercial).

Trailer (

Simpler secure group messaging? Web / 20.07.2017

New article : Simpler secure group messaging?

Advocates for :

  • Ditch full plausible deniability; use signatures, and rely on honest parties to delete them upon checking.
  • Design systems for optimal operation with group sizes of 3-50. There is no point in having much larger groups, or killing designs on the basis they do not perform when N goes to infinity.
  • Rely on an infrastructure server or a leader within the group to offer consistent total ordering to all. Assume that others can detect its liveness through a timeout (synchronous), and either elect or rotate another one in. Or simply, stop the chat session once they become unavailable.

EuroUSec 2017 - 2nd European Workshop on Usable Security Paris, UPMC, Paris 6, Sorbonne Universités / 29.04.2017

NEXTLEAP’s members Ksenia Ermoshina, Harry Halpin and Francesca Musiani will present their joint paper “Can Johnny build a protocol? Co-ordinating developer and user intentions for privacy-enhanced secure messaging protocols” at the 2nd European Workshop on Usable Security. The paper gives an overview of some common protocol design questions facing developers of secure messaging protocols and tests the competing understandings of these questions using STS-inspired interviews with the designers of popular secure messaging protocols ranging from older protocols like PGP and XMPP+OTR to newer unstandardized protocols used in Signal and Briar. Far from taking users as a homogeneous and undifferentiated mass, the paper distinguishes between the low-risk users that appear in most usability studies (such as university students in the USA and Europe) and high-risk activist user-bases in countries such as Ukraine, Iran, Russia and Egypt where securing messages can be a matter of life or death.

IEEE Security and Privacy on the Blockchain Workshop Paris / 29.04.2017

Colloated with EuroS&P and Eurocrypt 2016. Today, the security and privacy properties of blockchain technologies are still an emerging field that is need of further research. The Bitcoin electronic cash system introduced the new field of blockchain technology as a practical mechanism for a permissionless and censorship-resistant e-cash over the Internet. However, the decentralized network and public verifiability of Bitcoin often do not provide the security and privacy properties assumed by its users. For example, despite a common assumption that Bitcoin is anonymous, transactions can be de-anonymized, limiting the commercial utility of the network and also harms individual privacy. Generalizations of Bitcoin’s underlying blockchain technology as a platform for smart contracts by Ethereum are still immature. For example, security issues in the underlying programming language for smart contracts in Ethereum led to the massive DAO Hack. More than ever, proper security and privacy properties need to be designed into the underlying framework for blockchain technologies.

Internet Freedom Festival Valencia / 06-10.03.2017

NEXTLEAP researchers participated in giving a large two-hour session on Autocrypt which discussed community, useability, protocol and implementation aspects of bringing email encryption to a wider audience. About 70 people attended the session including many major implementors and people involved in the e2e email encryption space. Several conversations and new co-operations ensued.

F2F Meeting Madrid / 03.03.2017

The whole team met to discuss last advances in sub-projects. Autocrypt team have presented their new UX design approach in order to bring easy encryption to the mass. Claimchain is still at an early stage but fundamental technical considerations have been discussed.

Alfredo Pironti (ioactive) have also presented a shord talk about PGP: 15 years of broken emails… and we are still doing it wrong”

Sciences à coeur Paris / 01.12.2016

This ‘Open source’ discussion between Francesca Musiani and the cryptographer Ludovic Perret was animated by a journalist.

Abstract: Access to all kinds of data and the ability to collect and exploit them have now reached an unprecedented level. We are facing a unique paradox: we have to give thought to the issues of both access to data and data protection, with an emphasis on personal data protection. How does cryptology - then the science of secrecy, now a science based on trust - evolve, in today’s and tomorrow’s contexts? How should individuals now adapt their behaviours?”

Crypto-design Amsterdam / 25.11.2016

Harry Halpin gave this talk aimed at designers and artists interested in privacy issues and served on the jury panel to chose the Crypto Design Award winner.

ELEVATE Festival Graz / 22.10.2016

Ksenia Ermoshina presenting Nextleap on a roundtable “Outstanding Activism” with Sarah Harrison, Ksenia Ermoshina and Katharina Nocun.

The Internet Rules, But How? Berlin / 05.10.2016

The Internet Rules, But How? An STS take on “Doing” Internet Governance Pre-conference to AoIR by Francesca Musiani.

CAPSSI Community Workshop Bratislava / 28.09.2016

Carmela Troncoso (IMDEA) will be presenting NEXTLEAP to the CAPSSI Community workshop.

Internet Science 2016 Florence / 12-14.09.2016

Ksenia Ershomina (CNRS) will be presenting NEXTLEAP and delivering a paper called “End­-to-­end Encrypted Messaging Protocols”.

4S/EASST Conference - Barcelona / 01-02.092016

“Materializing governance by information infrastructure”, a talk by Francesca Musiani.

W3C Blockchains and the Web Workshop Cambridge / 29-30.07.2016

When we talk about blockchains as “part of the Web”, we face some specific questions: How does this fit into the same origin security model of the Web? What are the privacy implications, especially when talking about identity management? What part of the Web stack would be involved: client-side, server-side, protocols, interchange formats? What is the relationship to payments, including W3C’s Web Payments work.

Workshop on Strategic Research Challenges for Privacy Technologies Darmstadt / 18.07.2016

NEXTLEAP co-organizes a panel on Decentralization and Privacy. Participants: Carmela Troncoso (IMDEA), Nadim Kobeissi (INRIA Paris), George Danezis (UCL), Harry Halpin (INRIA Paris).

Bitcoin Summer School Corfu / 29.05.2016

With a presentation by Georges Danezis (UCL).

Summer School on Real-World Cryptography and Privacy Sibenik / 05-10.06.2016

Summer school on real-world cryptography and privacy, with a presentation by Carmela Troncoso (IMDEA).

NetFutures 2016 Brussels / 20.04.2016

NetFutures 2016 “Sharing Economy” Panel with Harry Halpin (INRIA) and George Danezis (UCL).