collaborative research projects


Orange Labs are involved in various European and French collaborative projects.

The H2020 research project PAPAYA

The valuable insights that can be inferred from analytics of data generated and collected from a variety of devices and applications are transforming businesses and are therefore one of the key motivations for organisations to adopt such technologies. Nevertheless, the data being analysed and processed are highly sensitive and put the individuals’ rights to privacy at risk. With the imminent arrival of the European General Data Protection Regulation (GDPR), companies are coerced to adopt privacy enhancing technologies that, on the one hand, protect data to ensure their clients’ privacy and on the other hand, allow their processing while keeping them meaningful, useful, and protected at the same time.
The H2020 PAPAYA project aims at addressing the privacy concerns when data analytics tasks are performed by untrusted third-party data processors. Since these tasks may be performed obliviously on protected data (i.e. encrypted data), the PAPAYA will design and develop dedicated privacy preserving data analytics primitives that will enable data owners to extract valuable information from this protected data, while being cost-effective and accurate.
The PAPAYA project will consider compliance with the GDPR as a key enabler to provide solutions that minimize the privacy risks while increasing trust in third-party data processors by means of auditing and visualization modules. The PAPAYA primitives as well as the auditing and visualization modules will be combined in an integrated platform that will be designed, implemented and validated through a set of use cases reflecting relevant real world applications (namely, healthcare analytics and web & mobile data analytics).
The project was launched on May, 2018 and has the following partners:

  • EURECOM (project leader)
  • IBM Israel
  • Karmstad University
  • MediaClinics Italia
  • Orange
  • ATOS

The H2020 research project PROMETHEUS

Privacy-preserving cryptographic protocols allow users to take common daily life actions online (e.g, purchases, reservations or voting) without leaking sensitive personal information. They typically combine various tools such as ,digital signatures, homomorphic encryption or zero-knowledge proofs. While practical solutions exist under RSA or discrete logarithm assumptions, they are all completely vulnerable to quantum attacks, so that working quantum computers would immediately make them obsolete.
To address this threat, the PROMETHEUS project will enable users' privacy in the post-quantum world by providing a complete toolbox of innovative, efficient and quantum-secure cryptographic techniques adapted to modern services. It will provide new building blocks in relation with international competitions and standardisation processes, as well as advanced properties dedicated to the design of sophisticated protocols.
To this end, PROMETHEUS will focus on lattice-based cryptography and first conduct an in-depth study of the hardness of lattice problems in the quantum world, which will drive the development of better basic tools for lattice-based cryptography. Then, it will give a new set of practical primitives (signatures, public-key encryption, pseudorandom functions, etc) and suitable methods to combine them with efficient zero-knowledge proofs. These new tools will lead to the design of practical advanced protocols, like anonymous credentials, digital cash or electronic voting, that maintain users' privacy against quantum adversaries. The security of these protocols will be considered in its entirety, from theoretical definitions allowing quantum accesses to certain functionalities to practical implementations accounting for side-channel leakages.
As a concrete outcome, PROMETHEUS will highlight the feasibility of post-quantum privacy via demonstrators for several real-life use cases, including electronic payments, e-voting and cyberthreat intelligence.
The project was launched on January, 2018 and has the following partners:

  • Ecole Normale Supérieure de Lyon (project leader)
  • Orange (scientific leader)
  • CWI
  • IDC Herzliya
  • Royal Holloway University of London
  • Ruhr Universitaet Bochum
  • SCYTL
  • Thales
  • TNO
  • Universitat Politecnica de Catalunya
  • Université de Rennes 1
  • Weizmann Institute

The French research project RISQ

Le grand défi RISQ s’inscrit dans tous les domaines technologiques ayant recours à des méthodes cryptographiques, c’est-à-dire des méthodes mathématiques de protection des données et des échanges. Il touche donc des domaines aussi variés que les communications sécurisées (réseaux internet et mobiles), les cartes à puces, les documents d’identité, les systèmes embarqués de manière générale, et demain dans les objets connectés (« Internet-of-Things »). Dans les prochaines années, un changement technique majeur devra être opéré de manière à garantir dans tous les domaines cités un niveau de sécurité satisfaisant et durable. Des initiatives anticipant ce changement (préparation de normes, prototypages) ont été observées dans d’autres pays, et ce à juste titre car la chaîne de valeur toute entière doit être adaptée.
Le grand défi RISQ regroupe la filière française de la sécurité du numérique (académiques et industriels) dans le but de coordonner la mise au niveau de l’ensemble des acteurs avant que des normes internationales imposées et des concurrents internationaux mieux préparés ne les mettent en difficulté sur leur marché respectif. Au contraire, le grand défi RISQ prévoit que les acteurs français, en regroupant leurs compétences fortes, prennent part à l’élaboration des normes, développent en amont la technologie et la propriété intellectuelle nécessaires, évaluent et mettent en place des processus de migration, de sorte que l’industrie française soit réactive face à ce changement technologique. Actant le caractère capital que revêt le projet, plusieurs grands industriels ont souhaité y prendre part même sur fonds propres.
The project was launched on April, 2017 and has the following partners:

  • Secure-IC (porteur du projet)
  • Airbus
  • ANSSI
  • CEA
  • CryptoExperts
  • CS Communication & Systèmes
  • ENS
  • Gemalto
  • IRISA
  • INRIA Paris
  • INRIA Rhônes Alpes
  • Orange
  • Paris Centre for Quantum Computing
  • Université de Versailles Saint-Quentin-en-Yvelines
  • Thales

The ANR research project PerSoCloud

The PerSoCloud project aims at designing and implementing a Privacy-by-Design Personal Cloud Sharing Platform. The Personal Cloud is a privacy-by-design paradigm giving users the ability to store their complete digital environment, synchronize it among various devices and share it with other users and applications under their control. PerSoCloud will address this sharing challenge: sharing data among the owner's devices, among identified users and among a large community, all this with strong privacy guarantees. This platform will be validated through three scenarios illustrating each of the targeted challenges. The first two scenarios correspond to usual actions performed today by users willing to access their documents from multiple devices and willing to share documents with partners. The third scenario is a privacy-preserving community-based application where users can get advices from their community by distributing queries among social graphs, or can be safely involved in global/big data computations over personal data. In addition, a legal analysis will guarantee compliance of this platform with the security and privacy French and UE regulation, which firmly promotes the Privacy by Design principle, including the current reforms of personal data regulation.
The project was launched on January, 2017 and has the following partners:

  • Orange Labs (coordinator)
  • Cozy Cloud
  • INRIA Saclay
  • Université de Versailles Saint-Quentin-en-Yvelines

The French research project SIMPATIC

Bilinear pairings are special kinds of functions that map pairs of points on groups to points in a third group. They make it possible to design cryptographic schemes with new properties that seem to be difficult to achieve in a more traditional public key cryptography setting, such as cryptography without Public Key Infrastructure (PKI), shorter signatures, cryptosystems with additional properties, or more secure systems. The aim of the SIMPATIC (SIM and PAiring Theory for Information and Communications security) project is first to provide the most possible efficient and secure hardware/software implementation of a bilinear pairing in a SIM card. This implementation will be next used to improve and develop new cryptographic efficient algorithms and protocols in the context of mobile phone and SIM cards. These pairing-based cryptographic tools will be finally used to develop or improve the security of several mobile phone based services. The project will more precisely focus on e-ticketing and e-cash, on cloud storage and on the security of contactless and of remote payment systems.
The project was launched on February, 2013 and has the following partners:

  • Orange Labs (coordinator)
  • Ecole Normale Supérieure
  • INVIA
  • Oberthur Technologies
  • ST-Ericsson
  • Université de Bordeaux 1
  • Université de Caen Basse-Normandie
  • Université de Paris VIII

The French research project LYRICS

LYRICS – Lightweight privacY-enhancing cRyptography for mobIle Contactless Services – is a cooperative project funded by ANR (French Research Agency) in the call "Ingénierie Numérique et Sécurité" (INS 2011).
The next generation of mobile and smart phones will integrate NFC (Near Field Communication) chips. With the fast emergence of this contactless technology, mobile phones will soon be able to play the role of e-tickets, credit cards, transit pass, loyalty cards, access control badges, e-voting tokens, e‑cash wallets, etc.
The main goal of LYRICS is to enable end users to securely access and operate these contactless services in a privacy-preserving manner that is, without having to disclose their identity or any other unnecessary information related to personal data. More specifically, we intend to design new innovative cryptographic solutions that achieve the fundamental privacy principles such as data minimization, which states that only the information that is strictly necessary to complete a particular transaction should be disclosed (and nothing more).
The project was launched on February, 2012 and has the following partners:

  • Orange Labs (coordinator)
  • Atos Worldline
  • Microsoft
  • NEC Corporation
  • Oberthur Technologies
  • ENSI de Bourges
  • ENSICAEN
  • IRISA (université de Rennes 1)
  • MODYCO (université de Paris Ouest Nanterre la Défense)

The French research project TACITES

TACITES – Tag Authentication and Convergence for Internet of Things and Enhanced Security – is a 2-year France government funded project. Dedicated to the design of a prototype RFID tag for product authentication, and exploring extended functionality to the end-user, the project was launched on January 31, 2011 and has the following partners:

  • Orange Labs (coordinator)
  • Cassidian
  • FIME
  • GREYC (université de Caen)
  • IM2NP (université Aix-Marseille et Sud Toulon-Var)
  • INVIA
  • LIC

The EU STREP research project TAMPRES

TAMPRES – Tamper Resistant Sensor node – is a 3-year STREP funded within the Information Societies Technology (IST) Programme of the European Commission's Seventh Framework Program (FP7). Dedicated to the design and analysis of a side-channel resistant lightweight cryptographic library for use in sensor nodes, it was launched on December 12, 2010 and has the following partners:

  • IHP Microelectronics (coordinator)
  • Coalesence
  • Eurecom
  • NXP
  • Orange Labs
  • TU Graz
  • UC Louvain

The ECRYPT2 Network of Excellence in Cryptology

ECRYPT2 – European Network of Excellence for Cryptology – is a 4-year network of excellence funded within the Information Societies Technology (IST) Programme of the European Commission's Seventh Framework Program (FP7). ECRYPT2 is the follow-on to the highly successful network of excellence ECRYPT and its objective is to intensify the collaboration of European researchers in information security and cryptology. It is coordinated by the Katholieke Universiteit Leuven.

The French research project PACE

PACE (Pairings and Advances in Cryptography for E-cash) is a 4-year ANR project which goal is to use the new and powerful bilinear pairing tool to solve remaining problems in electronic cash and related cryptographic tools. It was launched on February 6, 2008. It involves the following partners:

  • Orange Labs (coordinator)
  • LIENS – Laboratoire d'informatique de l'ENS
  • NXP Semiconductors France
  • Gemalto
  • LIX Ecole Polytechnique
  • Université de Caen
  • Cryptolog

The French research project SAVE

SAVE (Sécurité et Audit du Vote Electronique) is a 3-year French ANR project studying all security aspects of e-voting systems. It was launched on June 12, 2007. It involves the following partners:

  • Orange Labs (coordinator)
  • LIENS – Laboratoire d'informatique de l'ENS
  • Cryptolog
  • INT
  • Supélec

The French research project SAPHIR

SAPHIR (Security and Analysis of Innovative and Recent Hashing Primitives) is a 3-year French RNRT project studying recent advances in the area of cryptographic hash functions. It was launched on March 10, 2006. It involves the following partners:

  • Orange Labs (coordinator)
  • LIENS – Laboratoire d'Informatique de l'École Normale Supérieure
  • DCSSI – Central Information Systems Security Division
  • Gemalto
  • Cryptolog

The ECRYPT Network of Excellence in Cryptology

ECRYPT — European Networkof Excellence for Cryptology — is a 4-year network of excellence funded within the Information Societies Technology (IST) Programme of the European Commission's Sixth Framework Program (FP6). ECRYPT was launched on February 1st, 2004. Its objective is to intensify the collaboration of European researchers in information security, and more in particular in cryptology and digital watermarking.

It involves 32 partners and is coordinated by the Katholieke Universiteit Leuven.