Society is becoming more and more digital. Since the 1980s, cryptography has developed an impressive toolbox that enables the protection of data, processes, and the individual in the digital world. Digital signatures and encryption are ubiquitous, but recently more advanced techniques (such as zero-knowledge proofs and secure multiparty computation) have become more widespread. However, the cryptographic-theoretical foundation has not developed at the same pace, resulting in the use of these technologies in the real world without the necessary proof of security. Our project will take a step back and develop the necessary cryptographic-theoretical foundation using a two-pronged approach where better models and better techniques are developed in synergy.

Data structures are about organizing data, and it can be argued that they even predate computers. For example, the Library of Alexandria, established in the third century BCE, used a massive (for the time) data structure that kept track of more than 500,000 scrolls, allowing users to perform searches based on subject and author. Data structures as an important branch of computer science grew after the invention of electronic computers and due to the need for processing and storing digital data. Researchers have generally focused on reducing the size of the data structures and their query time. In comparison, there are fewer attempts to improve data structures through parallelism, which itself is becoming an increasingly important part of computing. We focus on faster and parallel construction of data structures, especially the newer and more modern data structures. This is important for three reasons: 1 - we have more parallelism in the world, 2 - we have more data, and 3 - data structures need to be maintained, which involves partial rebuilds. Faster construction not only means that our data can be processed faster, but it also means that our data structures can be maintained more efficiently. Data structures are at the heart of many applications and improving them will have a big impact on any application that uses them.

Millions of web applications are built on JavaScript with Node.js being the dominant platform for server programming. A key reason for its popularity among programmers is that there are over 2 million freely available software packages that enable rapid development of advanced programs. Over 90% of the code in a typical Node.js program is thus reused by other programmers' code. However, the architecture of Node.js is not designed for security. It is possible for malicious programmers to insert program code into the software packages, that leaks or modifies security-critical data, e.g., personal data or passwords when the packages are used in other programmers' web applications. This problem is well known, and several cases of adverse events have been reported. Existing proposals to solutions of the problem rely on different techniques to modify the program code, so an appropriate security policy is enforced while the programs are running. These kinds of methods have not won propagation, among other things because they cannot detect malicious code before the programs are taken into use. Based on new results on static program analysis for JavaScript, this project will construct a static resource analysis that will be able to automatically investigate whether a given JavaScript package contains potentially malicious code.

Modern software systems are often distributed, i.e., composed of programs running on different computers connected via the Internet. The goal of this project is to develop new tools and methods that programmers can use to analyze software for distributed systems so that it can be ensured that distributed software systems become more secure and correct. We will focus on developing so-called modular techniques that can scale to large and complex distributed software systems. The project builds on recent theoretical advances by the applicant's research group and involves collaboration with researchers from Amazon, which co-finances part of the project.