Centre for Cyber Trust
Trust in today’s Internet architecture relies on a multitude of certificate authorities issuing valid certificates. Without client-side defense mechanisms, a single bogus authority is capable of issuing a second certificate for an existing domain with which a client can be tricked into communicating with a server impersonating the genuine one.
The external pageCentre for Cyber Trustcall_made explores new ways in establishing trust in the Internet requiring less trust anchors and utilizing trust that has already been established in the physical world.
This research project is a joint effort with the Information Security Group (ETH Zürich), the Network Security Group (ETH Zürich), and the external pageUsable Security And Privacy Groupcall_made (University of Bonn). The focus of our group is on verifying safety, functional correctness, and security of implementations to further increase trust in the overall system. For this purpose, we are designing techniques for proving security properties of systems programs and developing an automatic verifier for Go code with static type annotations, based on the Viper verification infrastructure. Further information can be found on our external pagejoint webpagecall_made.
Publications
The publications can be found on external pagethe centre's webpagecall_made.
Acknowledgments
The Centre for Cyber Trust is supported by the external pageWerner Siemens Foundationcall_made.