Research Activity

My research focuses on provably secure E-Democracy (E-Voting, E-Collecting), with a heightened interest in the Swiss setting. My PhD is in formal methods, where I performed symbolic proofs over cryptographic protocols using ProVerif. I like to work across domains, including cryptography, implementation, and human factors.

dblp orcid favorites

Publications

  1. Simultaneously Proving Privacy and Verifiability: A ProVerif Framework for Internet Voting. Vincent Cheval, Veronique Cortier, Alexandre Debant, Florian Moser. In CSF 2026 – 39th IEEE Computer Security Foundations Symposium. 2026 archive (HAL)
  2. On a Study of Mechanisms for End-to-End Verifiable Online Voting (StuVe). Veronique Cortier, Alexandre Debant, Ralf Küsters, Florian Moser, Johannes Müller, Melanie Volkamer. In E-Vote-ID 2025 – 10th International Joint Conference on Electronic Voting. 2025 archive (HAL)
  3. Development and Expert Evaluation of an Informative Video concerning Verifiable Internet Voting. Tobias Hilt, Florian Moser, Philipp Matheis, Melanie Volkamer. In E-Vote-ID 2025 – 10th International Joint Conference on Electronic Voting. 2025 archive (HAL)
  4. Code voting: when simplicity meets security. Véronique Cortier, Alexandre Debant, Florian Moser. In ESORICS 2024 – 29th European Symposium on Research in Computer Security. 2024 archive (HAL)
  5. Recommendations for Implementing Independent Individual Verifiability in Internet Voting. Florian Moser, Rüdiger Grimm, Tobias Hilt, Michael Kirsten, Christoph Niederbudde, Melanie Volkamer. In E-Vote-ID 2024 – 9th International Joint Conference on Electronic Voting. 2024 archive (HAL)
  6. SoK: Mechanisms Used in Practice for Verifiable Internet Voting. Florian Moser, Michael Kirsten, Felix Dörre. In E-Vote-ID 2024 – 9th International Joint Conference on Electronic Voting. 2024 archive (HAL)

Track chair for E-Vote-ID PhD Colloqium (2026). Reviews for ACM Transactions on Privacy and Security (2023), E-Vote-ID PhD Colloqium (2024, 2025), E-Vote-ID Track 1 (2026)

Thesis, Studies & Reports

  1. Formal Methods for Internet Voting. Florian Moser. PhD thesis supervised by Veronique Cortier, Alexandre Debant at INRIA, Université de Lorraine. 2026 archive (theses.fr)
  2. A Study of Mechanisms for End-to-End Verifiable Online Voting. Florian Moser, Johannes Müller, Véronique Cortier, Alexandre Debant, Pierrick Gaudry, Anselme Goetschmann, Ralf Küsters und Melanie Volkamer. Study for the Federal Office for Information Security, Germany. 2024 study
  3. Swiss Internet Voting. Florian Moser. Master thesis supervised by Kenny Paterson at ETH Zürich. 2022 archive (ETH)
  4. Fast implementation of Curve25519 on Intel Skylake. Philippe Goetschmann, Florian Moser, Fabio Streun, Lukas Tobler. Course deliverable of Advanced Systems Lab at ETH. 2020 report code

Talks & Teaching

  1. E-Collecting: Aber sicher!. Florian Moser. Talk at Winterkongress 2026 by Digitale Gesellschaft, Switzerland. 2026 talk
  2. An introduction into internet voting. Florian Moser. Talk at 22. Gulschprogrammiernacht by CCC, Germany. 2024 talk
  3. Git & GitLab courses. Florian Moser. Courses given for TheAlternative at ETH and UZH, Switzerland. 2016–2023 TheAlternative

Responsible Disclosures

  1. Threema: Feasible key-guessing attack by the server. Florian Moser. Impact: Server can read messages and impersonate users. 2026
  2. Free&Fair VoteSecure: Trustees decrypt arbitrary ballots, Voter application can circumvent verification. Florian Moser. Impact: Privacy and verifiability broken. 2026 GHSA-v43c-fm6q-w8f8 GHSA-w7jj-jfcc-gf89
  3. Abraxas E-Collecting: ?. Florian Moser. Rejected without demonstrating how attack is prevented. 2026
  4. Swiss Post Voting System: Concurrency bug breaks single-execution (10k bounty). Florian Moser. Impact: None, as ORM caching layer recovers single-execution guarantee. 2023 GitLab
  5. Swiss Post Voting System: Computational proofs take invalid assumptions (2.5k bounty). Florian Moser. Impact: Proofs unsound. 2022 GitLab

Participation in Vernehmlassung Federal Chancellery VEleS (2022), Kommentierung BSI TR-03169 (2023), Partizipativer Prozess E-Collecting (since 2025).

Implementation

  1. Elliptic: Elliptic curve cryptography in plain PHP. since 2025 GitHub
  2. VSCode ProVerif Language Server: Support for ProVerif in VSCode. since 2024 GitHub
  3. Polyas Verification: Individual verification for the POLYAS voting system. since 2023 GitHub

Improvements to ProVerif, cryptography bugfix #11055 and testing #16896 #18363 in PHP