Raphael Sanzio, The School of Athens (1509–1511). Black-and-white adaptation.

Cristian Lepore

PhD — Research Scientist at IRIT (France)

Contact: cristianlepore24@gmail.com

About

It’s a normal Friday afternoon. I’m sitting in a Starbucks in Paris, focused on a new project.

A few days later, unusual emails start to arrive — confirmations of university registrations I never made.

At first, I dismiss them as spam. Only gradually do I realize that something is wrong: my email account has been compromised.

What struck me, however, was the absence of any warning. At the moment it happened, there was no indication that control over my digital identity had already been lost.

That delayed realization shaped my interest in cybersecurity and digital identity.

Today, this is my profession. I am a researcher at the Research Institute in Computer Science of Toulouse (IRIT), working on security, authentication, privacy, and trust management, with a particular focus on identity systems.

What I work on

I design and study digital identity systems where what users authorize is exactly what the system enforces.

The challenge is that the software mediating these authorizations — such as web browsers and client-side components — cannot always be assumed to be reliable or transparent.

My research follows an authorization-first approach: rather than trusting the client, user intent is bound directly to cryptographic signatures and formal authorization rules, ensuring that actions cannot be altered or misinterpreted, even under partial compromise.

I work on practical, widely deployed identity systems, including Self-Sovereign Identity and WebAuthn / FIDO, with the goal of keeping them secure even when attacks go unnoticed.

Selected talks & venues

I regularly present work at conferences and research venues in security, privacy, and digital identity, including:

Selected publications

  1. Yang, Qifan, Lepore, Cristian, et al. “From Theory to Practice: Data Minimisation and Technical Review of Verifiable Credentials under the GDPR.”
    Computer Law & Security Review, vol. 57, 2025, Article 106138.
  2. Bartoletti, Massimo, Lepore, Cristian, et al. “A Formal Model of Algorand Smart Contracts.”
    Financial Cryptography and Data Security (FC 2021), Revised Selected Papers, Springer, 2021.
  3. Lepore, Cristian, et al. “A Survey on Blockchain Consensus with a Performance Comparison of PoW, PoS and Pure PoS.”
    Mathematics, vol. 8, no. 10, 2020, Article 1782.

Full list: Google Scholar · ResearchGate