Today, the world is more connected than ever before. In 2018, already over half of the world`s
population is online, which amounts to more than 4 billion people. The modern Internet includes
computing paradigms such as cloud computing or the Internet of Things (IoT) which entirely changed
the way we communicate and process data and which types of data are communicated over public
networks. Huge amounts of potentially sensitive data now leave classical security perimeters and are
processed and accessed by multiple different (untrusted) entities potentially in an ad-hoc fashion.
The devices found on the Internet range from classical servers, desktops and laptops to (small)
physical devices, home appliances or other items embedded with electronics, software, sensors, or
actuators.
These developments can bring additional comfort and increased quality of living to individuals and
help to make many of our daily tasks much less complicated. However, the Internet is also a place
where users are prone to become victims of criminal actions like data and identity theft and the
Internet is also increasingly intertwined with a geopolitical environment making users prone to being
surveilled or even controlled.
To achieve strong security and privacy guarantees, cryptography is the foundational technology.
Today, much of our personal freedom and the power to guarantee and maintain a free society
depends on cryptographic primitives incorporated in the security protocols used within the Internet.
While regulations like the upcoming EU General Data Protection Regulation (GDPR) promote the
usage of cryptography to protect sensitive data, revelations about activities of governmental
agencies have revealed worrying information. Governmental agencies have subverted cryptographic
software products, certification authorities, backdoored cryptographic schemes or influenced and
weakened cryptographic standardization processes. Besides providing governmental institutions
means to spy on citizens, such practices are highly vulnerable to also be exploited by non-
governmental adversaries.
Many of the cryptographic schemes used to secure today`s Internet were not designed with the
functionality and the security requirements in mind that come along with tomorrow`s envisioned
use-cases on the Internet. This requires novel and typically more sophisticated cryptographic
schemes that consider aspects that were not known or of interest in the early days of the Internet.
Cryptography, which is capable to secure a future-proof Internet, needs to consider all these issues,
but additionally needs to be flexible enough to work on both ends of the spectrum, i.e., resource
constrained IoT devices as well as cloud-powered services. In addition, one needs to consider more
recent aspects such as security in the presence of powerful quantum computers.
Within PROFET we aim at designing cryptography that is subversion resilient by design and secure in
the presence of powerful quantum computers and thus capable to securing tomorrow`s Internet.