Center for Cybersecurity

Internships

Open Calls

This page lists the internship projects currently available in the Center for Cybersecurity of Fondazione Bruno Kessler (FBK).

Procedure

  1. Application: submit your application for the internship project you are interested in using the designated online form and providing the required information. Make sure to apply before the specified deadline. You are advised not to apply to more than two projects at the same time.
  2. Selection: project supervisors will review the applications and choose the most suitable candidate. If needed, they may request an oral interview during the selection process. Each project is evaluated independently.
  3. Results: once the selection process is complete, all applicants (both selected and not selected) will be notified of the outcome for the specific project.

For general inquiries, you can email internships-cs@fbk.eu. If you have specific questions about a project, please reach out to the project supervisor directly.

Please note that applications sent via email will not be considered.

Projects are listed starting with those that have the earliest submission deadlines.

Validation of post-quantum algorithms in OpenSSL ALEPH ST

ID: p-2025-st-5

Published on: Friday, 11 April 2025

Deadline for Applications: Friday, 9 May 2025 at 23:59

Description:

OpenSSL is a software library initially released in 1998 that implements SSL and TLS protocols. Its usage provides secure communications over networks, and it has steadily become the de facto standard for the integration of TLS in webservers. With its latest release (v3.5), OpenSSL has deployed three PQC algorithms: ML-KEM (FIPS 203) for key exchange, ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) as signature methods.
The primary objective of this internship is to compare the algorithms’ implementation and validate the design choices performed during the design phase, investigating for common implementation flaws and possible side-channel attacks.

Type: Internship + Thesis

Level: MSc

Supervisors: Riccardo Longo (rlongo@fbk.eu), Salvatore Manfredi (smanfredi@fbk.eu)

Time frame: The internship period will begin in the middle of July, or later if preferred.

Prerequisites:

  • Experience with C
  • Basic knowledge of the TLS protocol (e.g. Intro2CNS or Networking course)
  • Advanced Programming of Cryptographic Methods course (or equivalent)

Objectives: Use the NIST reference implementations to validate the PQC algorithms implemented in OpenSSL

Topics: Post-quantum cryptography, OpenSSL, TLS, Implementation validation

References:

  • [1] OpenSSL 3.5: Upcoming Release Announcement • Link
  • [2] Module-Lattice-Based Key-Encapsulation Mechanism Standard (FIPS 203) • Link
  • [3] Module-Lattice-Based Digital Signature Standard (FIPS 204) • Link
  • [4] Stateless Hash-Based Digital Signature Standard (FIPS 205) • Link