The University of Neuchâtel (UNINE), partner of the VEDLIoT project, recently played host to the 17th ACM International Conference on Distributed and Event-based Systems (DEBS’23), from 27 to 30 June, in Neuchâtel (Switzerland).
Among many papers, the University of Neuchâtel unveiled an industry paper entitled Preventing EFail Attacks with Client-Side WebAssembly: The Case of Swiss Post’s IncaMail, which is a collaborative endeavor with Swiss Post’s Neuchâtel branch, which holds a notable reputation as the national competence center for electronic voting and cryptography. The study was conducted by Pascal Gerig, who completed this impactful work as part of his master’s thesis, under the guidance of Professor Pascal Felber, lecturer Dr Valerio Schiavoni, Ph.D. candidate Jämes Ménétrey from the Institute of Computer Science of the Swiss University, and Florian Stoller, the developer leading the IncaMail product at Swiss Post.
This study yielded a prototype that represents a performance improvement in IncaMail’s encryption capabilities. By strategically offloading some of the cryptographic operations to the client-side using the cutting-edge technology WebAssembly, the team has increased the speed of message encryption and decryption while ensuring the size of attached files remains unaffected.
As Pascal Gerig and his team noted in their scientific article, “The new architecture reduces Swiss Post’s resource usage, minimises client-server traffic, and strengthens the security posture by minimising the trusted computing base”. The team now faces the exciting challenge of scaling this proof of concept into a system-wide solution.