Funding Recipients 2024
The RIPE NCC Community Projects Fund opened its call for applications in February 2024. The application period was open for just over 16 weeks and 40 applications from 19 countries were submitted to the Selection Committee.
The RIPE NCC Community Projects Fund Selection Committee has reviewed the applications and is happy to announce that the following five projects have been selected as the 2024 recipients of the RIPE NCC Community Projects Fund.
Congratulations to the selected projects!
Open Source Distributed Symmetric Key Exchange Implementation
Name: Melchior Aelmans
Funding: €70,000
This project focuses on developing a reference implementation of a quantum-resistant key exchange protocol, based on the research paper "Quantum-Resistant Trustless Key Exchange and Secure Communication."
Unlike traditional Quantum Key Distribution (QKD), which is energy-intensive and requires specialised hardware, this protocol operates entirely through software, enabling secure communication on standard devices. The protocol uses advanced cryptographic techniques to resist quantum computing attacks, making it suitable for future-proof, secure communications.
By releasing the implementation as open source, the project fosters community collaboration, providing developers and organisations with an accessible tool for enhancing secure communications while reducing energy consumption associated with hardware-dependent QKD systems.
RIPE Atlas Distributed Network Telescope
Name: Universidad de Granada
Funding: €66,000
This project could enhance the RIPE Atlas platform by capturing Internet Background Radiation (IBR) traffic, which includes unsolicited traffic that reaches network nodes, often revealing cyber threats and misconfigurations.
By modifying existing Atlas probes to capture IBR traffic on any TCP/UDP port, the project enables the creation of a vast, distributed network telescope without requiring additional IP addresses or costly infrastructure.
The data collected will provide researchers, universities, and cybersecurity professionals with critical insights into malicious activities, aiding efforts to improve Internet security. The project also involves designing a distributed architecture for IBR data collection and storage, allowing RIPE Atlas users to contribute to Internet monitoring efforts.
Policy Certification and Verification for Cybersecurity in the Internet of Things (IoT)
Name: Mulini SRL
Funding: €40,000
This project addresses the cybersecurity and privacy risks posed by IoT devices, which collect and transmit personal data. It aims to develop scalable, automated methodologies to verify and certify the cybersecurity compliance of IoT devices. Key components include continuous monitoring and testing of device behaviour in both laboratory and real-world environments, supported by machine learning models to assess compliance with security standards.
The project will also establish frameworks for live certification on IoT gateways, enabling real-time assessment of devices against regulatory requirements. To ensure industry-wide applicability, it collaborates with ISPs, the IETF, manufacturers, and regulators, contributing to a standardised, reliable certification process that enhances consumer trust in IoT security.
GuardXP: From Data Privacy to Improved Cybersecurity
Name: Universitat Politècnica de Catalunya (UPC) / Consorci de Serveis Universitaris de Catalunya (CSUC)
Funding: €40,000
GuardXP is a data filtering server that transparently removes tracking elements from web traffic, addressing privacy and security concerns associated with data brokers who aggregate personal data for profit. In addition to the server, GuardXP includes a companion browser plugin, allowing users to filter online content on their personal devices. By intercepting web connections, GuardXP helps prevent targeted phishing and other attacks that exploit personal data. This open-source tool targets the root of data privacy issues by reducing the impact of tracking systems, enhancing individual cybersecurity and mitigating human vulnerability in cyber defences.
Open Domain Rank: A Community-Developed Measure for Domain Reputation Ranking Based on Unique Identifiers’ Relationships
Name: Soroush Rafiee Rad
Funding: €34,000
This project establishes a domain reputation ranking system, built on analysing the relationships among unique identifiers such as DNS records, WHOIS information, BGP activities, and IP/ASN registrations. By applying graph theory, the project develops a metric for domain reputation based on the connectivity and influence of each identifier within the Internet infrastructure. The reputation ranking leverages existing lists of known entities and aggregates this data into a normalised, queryable ranking.
A community of experts and enthusiasts will maintain the system, with a governance structure that allows for extending, revising, or updating criteria. The project provides real-time data access, supporting a transparent and collaborative approach to evaluating domain trustworthiness.