Internships

Open Calls

This page lists the internship projects currently available in the Center for Cybersecurity of Fondazione Bruno Kessler (FBK).

Procedure

  1. Application: submit your application for the internship project you are interested in using the designated online form and providing the required information. Make sure to apply before the specified deadline. You are advised not to apply to more than two projects at the same time.
  2. Selection: project supervisors will review the applications and choose the most suitable candidate. If needed, they may request an oral interview during the selection process. Each project is evaluated independently.
  3. Results: once the selection process is complete, all applicants (both selected and not selected) will be notified of the outcome for the specific project.

For general inquiries, you can email internships-cs@fbk.eu. If you have specific questions about a project, please reach out to the project supervisor directly.

Please note that applications sent via email will not be considered.

Projects are listed starting with those that have the earliest submission deadlines.

Trusted Execution Environments for Cryptographic Access Control ALEPH

ID: p-2025-aleph-3

Published on: Tuesday, 4 November 2025

Deadline for Applications: Wednesday, 31 December 2025 at 23:59

Description:

The possibility (and convenience) of storing and sharing data through the cloud entails a set of concerns to data security, such as the presence of external attackers, malicious insiders, and honest-but-curious cloud providers. Cryptographic Access Control (CAC) addresses these concerns but presents practical limitations, primarily due to the computational overhead of key management and user revocation. Stemming from a collaboration between the Center for Cybersecurity (CS) of FBK and the Ca' Foscari University of Venice (UniVE), a recently published article [1] proposes an abstract methodology to integrate Trusted Execution Environments (TEEs) with CAC and relieve such overhead. In this context, applicants would collaborate on extending the work in [1] by choosing one or more of the following activities:

  1. review the methodology in [1] and investigate its security. This activity may include the use of formal methods;
  2. implement and experimentally evaluate the performance of the methodology. This activity may include coding, interfacing with TEEs, and integration with tools implementing CAC such as CryptoAC [2].
This project provides the opportunity to acquire the fundamentals of scientific research, investigate and explore cutting-edge and relevant research topics, and engage in software engineering and development while allowing applicants to design, propose, and implement their own ideas.

Type: Internship + Thesis

Levels: BSc, MSc

Supervisors: Stefano Berlato (sberlato@fbk.eu), Matteo Busi

Prerequisites:

  • Basic understanding of cybersecurity principles.
  • Basic knowledge of programming and applied cryptography.
  • Knowledge of trusted execution environments and formal methods may be advantageous.

Objectives:

  • Familiarization and study of the context (i.e., cryptographic access control, trusted execution environments).
  • Investigation of possible extensions to the solution proposed in [1].
  • Implementation and evaluation of the chosen extensions.

Topics: Access Control, Applied Cryptography, Trusted Execution Environments

References:

  • [1] Work-in-Progress: Optimizing Performance of User Revocation in Cryptographic Access Control with Trusted Execution Environments • Link
  • [2] CryptoAC • Link

Transparency logs as bulletin boards ALEPH

ID: p-2025-aleph-4

Published on: Friday, 7 November 2025

Deadline for Applications: Sunday, 7 December 2025 at 23:59

Description:

Bulletin Boards (BB) are a commonly resorted to, but not well specified, notion in cryptography, such as secure multiparty computation protocols. The main properties expected of a bulletin board are cryptographic verifiability, ability to be written to by several participants, and immutability - or at least, tamper-evidence.
Many BB design goals are reminiscent of Certificate Transparency (CT) logs -- publicly verifiable, tamper-proof, append-only logs of issued PKI certificates.
A use case of particular interest is e-voting protocols, especially cast ballot verifiability in the voting phase.
This internship is focused on the potential for CT log technologies as implementations of BBs, and research on possible enhancements of particular interest for the chosen use case.

Type: Internship + Thesis

Level: MSc

Supervisors: Riccardo Longo (rlongo@fbk.eu), Alessandro Tomasi (altomasi@fbk.eu)

Time frame: Available immediately or from March 2026

Prerequisites:

  • An undergraduate course in cryptography is required for basic notions.
  • Programming experience and willingness to produce working code is required. Experience of go would be highly advantageous, but similar high-level languages such as python or java would also be sufficient.

Objectives: The following objectives may be weighted differently according to interest, availability, and the chosen topic:

  1. State of the art in CT logs and cryptographic primitives of interest
  2. Familiarity with tools used for CT (trillian, sunlight)
  3. Application of trillian for chosen use case (e-voting)
  4. Research: cryptographic countermeasures against split views of the same log

Topics: Bulletin board, Certificate transparency