Supervisors and Topics

Dan Bogdanov: Applied Cryptography and Security

  • No topics proposed for this term.

Sven Laur: Theoretical Cryptography

  • No topics proposed for this term.

Helger Lipmaa: Theoretical Cryptography

  • No topics proposed for this term.

Jan Willemson: Security

  • Disk encryption password cracking

Meelis Roos: Applied Cryptography and Data Security

  • Distributed version control system with confidentiality guarantees
    Assigned to: John Smith

Mart Sõmermaa: Practical security

  • Design of autentication protocols based on mobile phones
    Assigned to: Kristjan Krips
  • Various implementation details of mobile authentication protocols
  • A simple framework for authentication using Open ID and public key cryptography in mobile devices

Martin Paljak: Smart card security and open source implementations

As a starting look at the presentations on the FOSDEM2011 cite.

Peeter Laud: Cryptographic Protocols. Program Semantics

  • Review papers for language-based security
    • Andrei Sabelfeld, David Sands: Dimensions and Principles of Declassification. CSFW 2005: 255-269
    • Andrei Sabelfeld, Andrew C. Myers. Language-Based Information-Flow Security. IEEE J. on Selected Areas in Communications 21(1):2003
  • Protocol analysis
    • Catherine Meadows. Formal Methods for Cryptographic Protocol Analysis: Emerging Issues and Trends. IEEE J. on Selected Areas in Communications 21(1):2003
    • ProVerif:
    • Avispa toolset:
  • Security in wireless sensor networks
  • Minimal structural requirements of key establishment and authentication

Dominique Unruh

  • Rational cryptography. Traditionally, in cryptography we try to make protocols secure against arbitrary malicious attacks. In many cases, however, one can assume that the attacker is rational: he will only perform attacks from which he benefits. Rational cryptography uses game-theoretic tools to develop protocols that are secure as long as the attacker is rational.
  • Protocol analysis using refinement types. The automatic verification of the security of protocols is a useful but difficult task. One approach for verifying security are type systems. One annotates protocols with suitable types (similar to "int", "bool", "array of string", etc., but more powerful). By choosing the right type system, one can ensure that any well-typed program is secure.
  • Secure composition of cryptographic protocols. Cryptographic protocols often have a nasty property: Although one can show that a given protocol is secure when running on its own, the same protocol can become insecure when running together with another protocol or with other copies of itself. One is therefore interested in protocols that compose securely, that is, protocol that do not loose their security when running in a larger context.

Raimundas Matulevičius: Security Aspects in System Modeling

  • Security Requirements Modelling. Security is an important system artefact, however the current literature reports, that security concerns appear only when system is already in use, or, at the best case, security is considered only during the late system development stages. The purpose of this topic is to develop a method which would facilitate application of security modelling language(s) at the early modelling phase (e.g., requirements engineering). A driving technology would include the security risk management (SRM) domain model. The candidate will need to select the targeted security modelling language, propose and validate his solution.
  • Security Model Transformation. Security Management (SM) can be addressed using different modelling techniques at different levels, including asset, risk, and risk treatment analysis. The application of security languages (e.g., Secure Tropos, Misuse cases, KAOS extensions to security) might help to engineer better security solutions. However system development should combine multiple viewpoints. The purpose of this topic is to develop a set of rules and guidelines in order to combine different security modelling approaches. The candidate will need to review the existing works. Then he will need to develop and validate the guidelines on how to perform transformations between different security language models.
  • Modeling of Role-based Access Control. Role-based access control (RBAC) is a security mechanism to ensure that the secured data would be accessed only by the people who has a permission to access it. RBAC models can be developed using different modelling approaches, such as SecureUML, UMLsec, and others. However it was also observed that these approaches address only one particular modelling viewpoint. The purpose of this topic is to investigate whether it is possible to combine different modelling approaches for RBAC. The candidate will need to make a state of the art for RBAC modelling. Then he will need to develop and validate an approach to facilitate use of different security languages for RBAC addressed through various viewpoints.

Artjom Lind: Applied Cryptography

  • Towards secure P2P computing. One research topic at the university of Tartu is Friend-to-Friend (F2F) Computing [1] an implementation of a P2P Computing system. F2F Computing uses insecure instant messaging channels between a group of peers to setup an overlay network between these peers. For two-peer chats Off-the-Record messaging [2] is a feasible solution. It offers encryption, authentication, deniability, and perfect forward secrecy. Do we need all of them in a P2P Computing environment? Your task would be to evaluate respective encryption and privacy schemes [respective papers provided by Sven] for their suitability for P2P Computing systems. After selecting one of them, this should be implemented in a simple F2F application prototype in C or C++. Depending on the effort put into the implementation up to 3 further credit points can be awarded.


Assigned to: Kristjan Krips

Page edit