Skip to main content

Funding Recipients 2024

The RIPE NCC Community Projects Fund opened its call for applications in February 2024. The application period was open for just over 16 weeks and 40 applications from 19 countries were submitted to the Selection Committee.

The RIPE NCC Community Projects Fund Selection Committee has reviewed the applications and is happy to announce that the following five projects have been selected as the 2024 recipients of the RIPE NCC Community Projects Fund.

Congratulations to the selected projects!

Open Source Distributed Symmetric Key Exchange Implementation

Name: Melchior Aelmans

Funding: €84,000

This project focuses on developing a reference implementation of a quantum-resistant key exchange protocol, based on the research paper "Quantum-Resistant Trustless Key Exchange and Secure Communication."

Unlike traditional Quantum Key Distribution (QKD), which is energy-intensive and requires specialised hardware, this protocol operates entirely through software, enabling secure communication on standard devices. The protocol uses advanced cryptographic techniques to resist quantum computing attacks, making it suitable for future-proof, secure communications.

By releasing the implementation as open source, the project fosters community collaboration, providing developers and organisations with an accessible tool for enhancing secure communications while reducing energy consumption associated with hardware-dependent QKD systems.

OpenPenny - An open-source tool to identify non-spoofed traffic

Name: Petros Gkigkis in collaboration with UCL

Funding: €46,000

The OpenPenny project aims to develop an open-source tool that empowers Internet Service Providers (ISPs) and Internet Exchange Points (IXPs) to proactively identify and mitigate real network anomalies. By detecting unexpected traffic and employing advanced techniques to differentiate between genuine and spoofed packets, OpenPenny helps network operators proactively address issues such as misconfigurations, suboptimal routing, and security threats. The project team is actively working to address various practical challenges, including TCP quirks, external losses, potential user impact, and tool-aware spoofers.

Policy Certification and Verification for Cybersecurity in the Internet of Things (IoT)

Name: Mulini SRL

Funding: €40,000

This project addresses the cybersecurity and privacy risks posed by IoT devices, which collect and transmit personal data. It aims to develop scalable, automated methodologies to verify and certify the cybersecurity compliance of IoT devices. Key components include continuous monitoring and testing of device behaviour in both laboratory and real-world environments, supported by machine learning models to assess compliance with security standards.

The project will also establish frameworks for live certification on IoT gateways, enabling real-time assessment of devices against regulatory requirements. To ensure industry-wide applicability, it collaborates with ISPs, the IETF, manufacturers, and regulators, contributing to a standardised, reliable certification process that enhances consumer trust in IoT security.

GuardXP: From Data Privacy to Improved Cybersecurity

Name: Universitat Politècnica de Catalunya (UPC) / Consorci de Serveis Universitaris de Catalunya (CSUC)

Funding: €40,000

GuardXP is a data filtering server that transparently removes tracking elements from web traffic, addressing privacy and security concerns associated with data brokers who aggregate personal data for profit. In addition to the server, GuardXP includes a companion browser plugin, allowing users to filter online content on their personal devices. By intercepting web connections, GuardXP helps prevent targeted phishing and other attacks that exploit personal data. This open-source tool targets the root of data privacy issues by reducing the impact of tracking systems, enhancing individual cybersecurity and mitigating human vulnerability in cyber defences.

Open Domain Rank: A Community-Developed Measure for Domain Reputation Ranking Based on Unique Identifiers’ Relationships

Name: Soroush Rafiee Rad

Funding: €34,000

This project establishes a domain reputation ranking system, built on analysing the relationships among unique identifiers such as DNS records, WHOIS information, BGP activities, and IP/ASN registrations. By applying graph theory, the project develops a metric for domain reputation based on the connectivity and influence of each identifier within the Internet infrastructure. The reputation ranking leverages existing lists of known entities and aggregates this data into a normalised, queryable ranking.

A community of experts and enthusiasts will maintain the system, with a governance structure that allows for extending, revising, or updating criteria. The project provides real-time data access, supporting a transparent and collaborative approach to evaluating domain trustworthiness.