19-20 december 2017, Grande salle du Centre Pompidou
In collaboration with European project NextLeap, ANR project Epistémè and Plaine Commune’s Chaire de Recherche Contributive
Within the scope of a global reflection on a new articulation of data processing within the data economy (reticulated artificial intelligence, deep learning, machine learning in general and intensive calculus), on one hand, and of the interpretation of this data and these processes, on the other hand, and within the present scientific context as well as within the exercising of citizenship and more generally of responsibility, this eleventh edition of the New Industrial World Forum intends to analyse the impact of scientific instruments on the constitution of academic knowledge in a time when the technologies stemming from mathematics, as applied to computer science and networks, tend to establish themselves in all domains on the basis of efficiency criteria prescribed by the markets.
Security, Privacy and Applied Cryptographic Engineering (SPACE 2017)
Francesca Musiani (Cnrs, Nextleap partner) elected Vice-president in charge of Research of the Internet Society France.
Current issues in SDO decision-making for the Internet
Article on the website of “FM4” Radio about the EU commission funding open source encryption, and in which the Nextleap project is cited.
As part of the NextLeap European Program, IRI is organizing a “CryptoCamp” open to all technological, creative and political contributions related to topics of the NextLeap project: 1) group dynamics, personal data and cryptography and 2) platforms , governance, decentralized systems and the future of the web.
This workshop is being held as part of the Festival Rou (-x) tor at Mains d’oeuvre, Saint Ouen : Friday, October 27, 2017 - 14h - 19h Saturday, October 28, 2017 - 15h - 23h Sunday, October 29, 2017 - 14h - 19h
By alternating presentations of digital tools and practices with hacking, improvisation and role-playing sessions, the goal is to explore autonomous and decentralized digital practices in interaction with artistic performances proposed by the Festival.
Information and registration website: http://nextleap.eu/events/cryptocamp-mdo-2017.html
*** NEXTLEAP> http://nextleap.eu/ The European project NextLeap aims to create, confirm and disseminate communication protocols for a better foundation of the Internet, based on essential security, trust and respect for individual freedoms. NEXTLEAP is a European research project focused on an interdisciplinary study combining expertise in cryptography, privacy and decentralization. The team includes specialists in computer science, formal protocol verification, science and technology studies, sociology, philosophy and engineering. Partnership involves Inria, UCL, CNRS, IRI, and Merlinux (H2020 CAPS - Collective Awareness Project)
*** ROUXTEUR / NEMO at Mains d’Oeuvres, St Ouen
In the first of three conferences to be held over the next year, Didier Bigo (CERI-Sciences Po), Laurent Bonelli (ISP-Paris-10 Nanterre) and Sebastien-Yves Laurent (CMRP-Bordeaux) from the ANR project UTIC are bringing together representatives of major online service providers for a high-level experts roundtable. Participants will look at the ways in which technology firms engage with policy-makers and law enforcement agencies to address today’s major security challenges: How did their relationship with intelligence and law enforcement agencies evolve amidst heated post-Snowden debates on surveillance and privacy? What are the main legal hurdles faced by online service providers to protect the rights of their users, and what changes in legislation are called for? How do these companies adapt their business practices to help address today’s security challenges? By looking at these important issues at the intersection of policy, law and technology, the roundtable will analyse public-private relationships in the fields of surveillance and security, offering an opportunity for a much-needed discussion between key international stakeholders and researchers. To facilitate the discussion, the roundtable will be divided in two parts during which representatives of leading Internet companies will share their insights in interaction with researchers. The audience will have an opportunity to join the discussion during Q&A sessions.
CERI-56 rue Jacob, 75006 Paris / Salle de conférences
The documentary « Nothing to Hide », dedicated to electronic surveillance and its acceptance in society, will be released this Wednesday (September 6th) at the cinéma Saint-André-des-Arts in Paris (14 screenings at 1 pm). The documentary will also be screened at the Cinéma le Rio (Clermont-Ferrand, Sept 13-27) and September 24 and 28 at the cinema Le Régent (Saint-Gaudens).
On September 30, the film will be released on the Internet (Creative Commons Non Commercial).
Availability, Reliability, and Security (ARES)
International Association for Computing and Philosophy Conference
Advocates for :
Privacy-Enhancing Technologies Symposium
NEXTLEAP’s members Ksenia Ermoshina, Harry Halpin and Francesca Musiani will present their joint paper “Can Johnny build a protocol? Co-ordinating developer and user intentions for privacy-enhanced secure messaging protocols” at the 2nd European Workshop on Usable Security. The paper gives an overview of some common protocol design questions facing developers of secure messaging protocols and tests the competing understandings of these questions using STS-inspired interviews with the designers of popular secure messaging protocols ranging from older protocols like PGP and XMPP+OTR to newer unstandardized protocols used in Signal and Briar. Far from taking users as a homogeneous and undifferentiated mass, the paper distinguishes between the low-risk users that appear in most usability studies (such as university students in the USA and Europe) and high-risk activist user-bases in countries such as Ukraine, Iran, Russia and Egypt where securing messages can be a matter of life or death.
Colloated with EuroS&P and Eurocrypt 2016. Today, the security and privacy properties of blockchain technologies are still an emerging field that is need of further research. The Bitcoin electronic cash system introduced the new field of blockchain technology as a practical mechanism for a permissionless and censorship-resistant e-cash over the Internet. However, the decentralized network and public verifiability of Bitcoin often do not provide the security and privacy properties assumed by its users. For example, despite a common assumption that Bitcoin is anonymous, transactions can be de-anonymized, limiting the commercial utility of the network and also harms individual privacy. Generalizations of Bitcoin’s underlying blockchain technology as a platform for smart contracts by Ethereum are still immature. For example, security issues in the underlying programming language for smart contracts in Ethereum led to the massive DAO Hack. More than ever, proper security and privacy properties need to be designed into the underlying framework for blockchain technologies.
NEXTLEAP researchers participated in giving a large two-hour session on Autocrypt which discussed community, useability, protocol and implementation aspects of bringing email encryption to a wider audience. About 70 people attended the session including many major implementors and people involved in the e2e email encryption space. Several conversations and new co-operations ensued.
The whole team met to discuss last advances in sub-projects. Autocrypt team have presented their new UX design approach in order to bring easy encryption to the mass. Claimchain is still at an early stage but fundamental technical considerations have been discussed.
Alfredo Pironti (ioactive) have also presented a shord talk about PGP: 15 years of broken emails… and we are still doing it wrong”
Computers, Privacy, and Data Protection Conference
Holger Krekel and Max Wiehle (Merlinux) were invited to organize this new “automatic mail encryption” conference which aims to bring developers and activists together and make progress towards more massively encrypted mails.
Bernard Stiegler (IRI) participated in a roundtable about the necessity of sharing data and source codes in a non- proprietary, open and reusable format, animated by Henri Verdier (French State Chief Technology Officer and Chief data officer, deputy to the Secretary General for Government Modernization) with Claire Legros and Yann Moulier-Boutang.
In this paper, Dario Fiore (IMDEA) (with A. Mitrokotsa and L. Nizzardo), E. Pagnin. introduced and formally define multi-key Has, proposing a construction of a multi-key homomorphic signature based on standard lattices and supporting the evaluation of circuits of bounded polynomial depth.
This ‘Open source’ discussion between Francesca Musiani and the cryptographer Ludovic Perret was animated by a journalist.
Abstract: Access to all kinds of data and the ability to collect and exploit them have now reached an unprecedented level. We are facing a unique paradox: we have to give thought to the issues of both access to data and data protection, with an emphasis on personal data protection. How does cryptology - then the science of secrecy, now a science based on trust - evolve, in today’s and tomorrow’s contexts? How should individuals now adapt their behaviours?”
Harry Halpin gave this talk aimed at designers and artists interested in privacy issues and served on the jury panel to chose the Crypto Design Award winner.
Harry Halpin (with Elijah Sparrow, Kali Kaneko, and Ruben Pollan) submitted a paper on behalf of NEXTLEAP. His paper gives an overview and open security issues with the open-source codebase that some of the NEXTLEAP partners will be using in secure messaging protocols.
Harry Halpin (INRIA) gave the opening talk at the workshop, discussing security and privacy considerations on open data.
Karthikeyan Bhargavan (INRIA) presented “Formal Verification of Smart Contracts.” focussing on a formal analysis of the reasons for the failure of smart contracts like the DAO in Ethereum, as explored in D2.1
Marios Isaakidis presented UnlimitID, a work details privacy-preserving federated identity based on Oauth that uses blind signatures to prevent the identity provider from violating the privacy of its users (D2.2). Open Access: http://dl.acm.org/citation.cfm?id=2994637&CFID=857072842&CFTOKEN=74551814
These hackathons are made to bring together developers, operators and designers to come up with creative new tools and visualisations that benefit the entire Internet community. With people from CAIDA, Forth and AMS-IX Marios Isaakidis worked on “The Remote Peering Jedi”. The purpose of the project was to detect unreported remote peerings so as to make the IXP peer selection process more transparent.
Ksenia Ermoshina presenting Nextleap on a roundtable “Outstanding Activism” with Sarah Harrison, Ksenia Ermoshina and Katharina Nocun.
Carmela Troncoso (IMDEA)
Freedom Not Fear attended is the annual meeting for civil rights activists from all across Europe. Marios Isaakidis (UCL) got involved in discussions about surveillance, privacy and EU legislation.
Bernard Stiegler (IRI)
The Internet Rules, But How? An STS take on “Doing” Internet Governance Pre-conference to AoIR by Francesca Musiani.
Association of Internet Researchers (AoIR) Conference
Harry Halpin (INRIA) attended at the invitation of Slim Amamou, NEXTLEAP Advisory Board member, and briefly presented the NEXTLEAP project. Users for future user studies were recruited from over 50+ at-risk human rights activists from North Africa and the Middle East.
Carmela Troncoso (IMDEA) will be presenting NEXTLEAP to the CAPSSI Community workshop.
Bernard Stiegler (IRI) gave a talk on disruption and the different ways to resist to the blind and destructive implementation of technologies and innovation into society. He stressed the need to select and appropriate the algorithms and software that reach them at the heart of their personal lives as well as their political rights. The video is online: http://www.tvreze.fr/Le-numerique-et-la-societe-qui-vient-comment-agir-face-a-une-technologie-aveugle_a2605.html
Harry Halpin (INRIA) attended the Web Authentication Working Group meeting, whose technology will be likely used in our open source code after a thorough privacy analysis.
Ksenia Ershomina (CNRS) will be presenting NEXTLEAP and delivering a paper called “End-to-end Encrypted Messaging Protocols”.
“Materializing governance by information infrastructure”, a talk by Francesca Musiani.
Internet Governance Middle East (IGMena) Summit
When we talk about blockchains as “part of the Web”, we face some specific questions: How does this fit into the same origin security model of the Web? What are the privacy implications, especially when talking about identity management? What part of the Web stack would be involved: client-side, server-side, protocols, interchange formats? What is the relationship to payments, including W3C’s Web Payments work.
Francesca Musiani discussed centralization and p2p systems from a socio-technical perspective, as explored in D2.2. (CNRS)
Nadim Kobeissi (INRIA)
Harry Halpin (INRIA) discussed ethical and technical issues in standardization relating to privacy and security. Open Access: https://www.securityweek2016.tu-darmstadt.de/fileadmin/user_upload/Group_securityweek2016/pets2016/4_responsibility_of_open_standards.pdf
NEXTLEAP co-organizes a panel on Decentralization and Privacy. Participants: Carmela Troncoso (IMDEA), Nadim Kobeissi (INRIA Paris), George Danezis (UCL), Harry Halpin (INRIA Paris).
Nadim Kobessi (INRIA) was involved in updating the software used for IETF standardization.
Vincent Puig (IRI) attended this workshop of presentation of CAPS Project. The afternoon discussion group about several technologies such as the blockchain, Libre Office, Owncloud, Etherpad, KDEN Live (Alternative to Première), ABC (Attribute Based Credentials), and others was fruitful and provided input to the European Commission on the importance of supporting decentralized, open source, and free software.
This event attended by Marios Isaakidis (UCL) was a participatory discussion about hacktivism as a way to protest for social or political goals. On the basis of the fact that hacktivism is often misunderstood and overlooked, the purpose of the debate was to explore how persecution of hacktivists affects other campaigns and how citizens and other activists can show solidarity. Prominent activists such as Lauri Love, Privacy International researcher Eva Blum- Dumontet and Oliver Shykles from Queer Friends of Chelsea Manning participated.
Harry Halpin participated on a panel on “Human Rights and Technology” with Patrice Chazerand (Director in charge of Digital Economy and Trade Groups, DIGITALEUROPE), Henrik Biering (CEO Peercraft), and Jacques Bus (Digital Enlightenment Forum).
Marios Isaakidis attended this conference about various contemporary issues like post- quantum, lightweight/low zero cryptography, cryptography for embedded systems, new requirements for emerging/novel applications/distributed ledger technology (eg, digital currency), cryptographic aspects of next- generation identity management, eg, biometrics, computing on encrypted data, privacy and anonymity, protocol, Cryptanalysis and Computationally Sound Analysis of Protocols.
Harry Halpin participated as part of panel “From cybersecurity to terrorism - are we all under surveillance?” with Jans Kleijssen (Council of Europe), Gregory Mounier (Europol), Valentina Pellizzer (OneWorld Platform), and Sacha van Geffen (Greenhost). Policy issues involving encryption and “end-user” cybersecurity were put forward.
With a presentation by Georges Danezis (UCL).
Videos are available at https://digital-studies.org/wp/seminaire-digital-studies-2015-2016/
Holger Krekel (Merlinux) attended this gathering of CAPS-related EU projects and interested parties. He gave an impromptu overview on aspects of NEXTLEAP and thereafter enjoyed fruitful discussions with Stravroula Maglavera from the MAZI project (offline communication infrastructures for physical communities) and with Renato Lo Cigno from the NETCOMMONS project (network infrastructure as commons). They gathered interest in arranging another meet-up to exchange research, development and community insights and tools.
Harry Halpin presented “A Batalha pelo Controle dos Padrões Abertos: o IETF, W3C, DRM, Blockchains e além” (A battle to control the Web: IETF, W3C, DRM, Blockchains, and More”) that discussed open standards and encryption with an audience of concerned citizens and human rights defenders in Brazil.
Summer school on real-world cryptography and privacy, with a presentation by Carmela Troncoso (IMDEA).
Nadim Kobeissi (INRIA)
Marios Isaakidis (UCL) organized a cryptoparty with invited talks from Cyprus University of Technology, the developers of the private message and file sharing system Peerio (https://peerio.com) and the EMEA Internet Observatory (http://hack66.info/observatory). Marios Isaakidis gave a talk on the peer-to-peer censorship circumvention system CENO (https://censorship.no).
Max Wiehle (Merlinux) attended the LEAP and PIXELATED gatherings in order to establish contact with a major integration community of NEXTLEAP and also to discuss how future NEXTLEAP efforts relate to LEAP. They discussed in-depth with developers about current and planned key management protocols and discussed challenges and tasks. Discussions also took place with South American email providers and activists who are looking at using LEAP and automatic key management.
NetFutures 2016 “Sharing Economy” Panel with Harry Halpin (INRIA) and George Danezis (UCL).
This event attended by Harry Halpin (INRIA) featured a discussion over the role of DRM (Digital « Rights » Management) in open standards via Encrypted Media Extensions, including the dangers to security researchers. Other participants included Joi Ito (Media Lab), Richard Stallman (Free Software Foundation), and Danny O’Brien (EFF).
Max Wiehle (Merlinux) went to this annual convention of activists and programmers and led a workshop on how to fight vandalism in Wikis and other collaborative contexts. A particularly interesting discussion came about with Debian developer and cryptographer Daniel Kahn Gillmor and Marios Isaakidis (UCL) on how a provider/server can prove that a client initiated a key change to deflect false “I didn’t submit this key” accusations. The IFF also helped NEXTLEAP to get a better picture of end-user use cases. The audience and participants included activists, researchers, trainers, journalists and social scientists. This diversity made it very clear that the use cases depend heavily on the community in question.
Karthik Bhargavan (INRIA) attended. The work presented formal verification over TLS, a key protocol on the network layer for identity and encrypted messaging systems.
NextLEAP team F2F meeting
Marios Isaakidis (UCL) attended the largest Free Software Developers meeting in Europe and got involved in the security, synchronous communications and decentralizations dev-rooms.
Carmela Troncoso (IMEDA) gave a talk at a panel entitled “Enhancing privacy and security through technological innovation” organized by DG CONNECT. https://www.youtube.com/watch?v=nHQblksLL4s