Interview with Pedro Miranda, Artur Nóbrega, & José T. de Sousa (IObundle ) – NGI Assure beneficiaries

“IObundle” Project

All Interviews

Do you think the Internet could be safer and more eco-friendly? 🌳​

Meet Pedro Miranda, Artur Nóbrega, and José T. de Sousa from IObundle and projects like OpenCryptoHW, OpenCryptoLinux, and OpenCryptoTester, designed to make the Internet more secure and energy-efficient.

Are you curious how their innovative hardware solutions can tackle significant issues in internet security and reduce environmental impact?

Welcome to the world of IObundle!


CAN YOU INTRODUCE YOUSELVES AND YOUR PROJECT?We are Pedro Miranda, Artur Nóbrega, and José T. de Sousa.🧑‍🎓 Pedro and Artur are engineers at IObundle; José is a manager and developer at IObundle and a professor at the University of Lisbon.

We have contributed to three NGI Assure projects run by IObundle and focused on internet security:

📌​ OpenCryptoHW.

📌​ OpenCryptoLinux.

📌​ OpenCryptoTester.

We proposed a reconfigurable hardware approach to encrypt and decrypt messages encoded in the post-quantum AES256, SHA256, and McEliece cryptosystems. The reconfigurable hardware approach aims to increase the difficulty of cracking the keys and simultaneously boost performance while lowering power consumption.

What are the key issues you see with the state of the Internet today?
In order of importance, the three fundamental issues are Privacy, Data Security, and Environmental Impact.

Regarding privacy and security, frequent data breaches expose the sensitive information of millions of users, and government and corporate surveillance erodes privacy. Extensive data collection by tech companies often needs more transparency and consent.
Regarding Environmental Impact, data centres have significant carbon footprints, especially with emerging technologies such as AI.

How does your project contribute to correcting some of those issues?
Our projects tackle the Security and Environmental impact issues on two sides:

By using reconfigurable hardware accelerators, we enable higher security algorithms with longer keys to be executed in a reasonable time and energy budget.
Hacking the system to steal keys becomes increasingly tricky as the hacker needs to override the OS kernel protections to access the hardware and reverse engineer the algorithm to configure and run the hardware accelerators. As for energy consumption, a similar software algorithm would need considerably more system clock cycles, demanding a much more powerful CPU or GPU hardware.

What do you like most about (working on) your project?
We like to work on improving the Internet for all and realize that doing so involves a combined hardware and software solution.

This realization leads us to open-source hardware design, which is less common than open-source software development. It also explains why we have reached such a precarious internet security: hardware code has not been as publicly scrutinized as software code, which is an open door for bugs and security pitfalls.

Where will you take your project next?
Our projects are taking us deep into open-source hardware design, first to improve the Internet and second as a general necessity for humanity. Open source has emerged in recent years as a critical progressive force for emergent technologies. In particular, AI technologies sincerely rely on open-source foundational code.

We have identified a fundamental weakness in open-source hardware projects: the bias towards FPGA implementations because they are easy to access. Unfortunately, most code that runs on FPGAs cannot be synthesized for an integrated circuit. Hence, most open-source “hardware” code is instead FPGA “software”.

How did NGI Assure help you reach your goals for your project?
NGI Assure has been an indispensable tool for guaranteeing that we have dedicated project resources. We are lucky that NGI Assure understands the technical issues and their relevance to the goal of a more accessible, safer, and more trustworthy Internet.

We are profoundly grateful to have been given the chance to work on the specific topic of cryptosystems for reconfigurable hardware. While this subject is still somewhat esoteric, our open-source hardware repositories that support it have grown significantly in terms of users and GitHub stars.

Do you have advice for people who are considering applying for NGI funding?
Understand NGI Objectives, which means:

📌 Familiarize yourself with the goals of the NGI initiative, which focuses on creating a more human-centric internet and promoting privacy, trust, security, and inclusion.

📌 Ensure your project aligns with the specific call’s objectives and requirements.

📌 Propose an innovative project that has the potential for a significant impact on the internet ecosystem.

📌 Clearly define the problem, your solution, the methodology, expected outcomes, and impact.

📌 Avoid jargon, but know that NGI experts can understand various technical topics.

📌 Demonstrate the feasibility of your project, including a realistic timeline and budget.

📌 Address how the project will be sustained beyond the funding period.

Do you have any recommendations to improve future NGI programs or the wider NGI initiative?
💫​ Support SMEs with good ideas and willing to contribute to open-source projects.

💫​ Donations to individual contributors are essential. However, an R&D project framework would best support SMEs, allowing them to frame NGI funds as research grants and permitting hiring contributors with all due social benefits.

💫​ Provide additional support for projects with potential for long-term impact and broader adoption.

NGI Assure (NGI GO2S) has received funding from the European Commission, as part of the Horizon 2020 Research and Innovation Programme, under Grant Agreement Nº 957073. This Project is funded under the NGI (Next Generation Internet) Initiative, powered by the Digital Single Market of the European Commission. NGI Assure was previously also referred to as NGI Go2S.