# List of projects

(In alphabetical order of supervisors.)

## Supervised by Irina Bocharova & Boris Kudryashov

### New classes of code-based open key cryptosystems for post-quantum cryptology

Unlike RSA, the code-based cryptosystems are resistant to specific attacks which will be possible when quantum computations and quantum computers will come to real life. The idea is based on the fact that finding minimum-weight codewords and decoding of a general linear code are proven NP-hard problems. The code-based cryptosystem by using a pseudo-random transformation makes easily decodable codes undistinguishable from random (general) linear codes.

For known code-based cryptosystems, the size of open key is much larger than for contemporary RSA-based systems. The main challenge is to shorten the key as much as possible.

The recent progress in coding theory opens the road to new approaches to solving this problem. An overview of the already proposed ideas and search for new ideas among recent publications in coding theory is suggested as a topic for crypto seminar .

Level: bachelor/master.

Requirements: Elements of probability theory and linear algebra. Coding theory course is preferable, but not necessary.

## Supervised by Aivo Kalu (in collaboration with Cybernetica)

### Comparison of identity/authentication/signing APIs from security and architecture viewpoint

This project might be suitable for a student, who is interested in software developing/architecture aspects, yet still related to security. There are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example:

• https://github.com/SK-EID/smart-id-documentation/blob/master/README.md • https://github.com/SK-EID/MID • https://developers.dokobit.com • https://developer.signicat.com/apis/sign-api/sign-api-v1/ • https://github.com/open-eid/SiGa/wiki/Hashcode-API-description

and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?

### Applying Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases

Last year, the followng master thesis was published: https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email.

If there are some additional ideas about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project could come out of this.

### Comparison of the attack model of the FIDO with the attack model of Smart-ID

The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Your task is to compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html

### Comparison of the properties of Smart-ID with framework by Bonneau et al.

We will study the paper https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf . We will analyze which properties are satisfied by the Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. This can be compared with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.

General links for Aivo's projects:

## Supervised by Sven Laur

### Formal verification of cryptographic proofs

Your task is to formalise technical lemmas about interactive systems consisting of several components in the proof assistant Coq. You can reuse the formalisation and code developed by Eric Cornelissen but you have to extend the same approach to different lemmas

Level: Master/Phd

### Arcs over rings

Consider a plane. Then ark is a set of points such that no three points are on the same line. The generalisation to n dimensional space is obvious -- n+1 points always cover the entire space. More formally you have to consider difference x_i-x_0. These must be linearly independent. The definition trivially generalises over any vector space over the field. The definition is non-trivial for modules over rings as linear independence is badly defined. Your task is to study extension where no difference x_i-x_0 cannot be expressed as a linear combination of other differences. This not very well studied but has practical applications in error-correcting codes and linear secret sharing.

Level: Bachelor/Master/Phd

## Supervised by Danielle Morgan

### Assessing wireless keyboard protocols

More and more we depend on wireless devices in our everyday lives. At work, home or school we use a variety of tools including wireless keyboards and mice, access cards and smart home technologies. However, do we actually know what is sent from device to device or from device to USB connector? This would be especially important in the case of wireless keyboards. Are you keystrokes sent unencrypted in the open air or does the connected USB allow an attacker to gain access to your computer? Well if you haven’t thought about it, maybe you should. There are several attacks that have been performed on wireless keyboards and mice. Some of the most popular are MouseJack, KeyJack and LOGITacker.

The student’s task would be to write a report on implementing and using these attacks and which ones worked (why or why not). A Logitech keyboard/mouse pair will be provided as well as a nRF52840 Dongle for testing.

If another student is interested in this topic they can assess the wireless transmission protocol of a random keyboard using the HackRF.

This topic is suitable for all levels

- https://www.mousejack.com/ https://www.bastille.net/research/vulnerabilities/keyjack/keyjack-intro
- https://github.com/RoganDawes/LOGITacker
- https://www.nordicsemi.com/Software-and-tools/Development-Kits/nRF52840-Dongle
- https://greatscottgadgets.com/hackrf/one/

### Any HackRF project

Any student who has an idea regarding the HackRF or would just like a project with a HackRF can also be accommodated.

## Supervised by Dominique Unruh

### Relativistic commitments

Relativistic commitments are protocols where a commitment scheme is implemented that is secure based on the assumption that the speed of light is bounded (i.e., to break it, you would have to communicate faster than light). Those can be made information-theoretically secure (i.e., no computationally unlimited or quantum attacker can break them).

The task of this topic is to give a short overview of the existing results, and to study and describe one of them in more detail.

*Required background: Crypto I or comparable, Quantum Crypto if a quantum secure variant is studied*

### Formal verification of post-quantum crypto

In the paper Post-Quantum Verification of Fujisaki-Okamoto by Unruh, we did a computer-aided verification of the security proof of a practically-relevant encryption scheme. This is the first time (to my knowledge) that post-quantum security has been computer verified (using a new verification tool also developed in Tartu). The task would be to present the work done in the paper. An enthusiastic student might additionally attempt to do simple own proofs in the tool.

Level: master/phd

Required background: Quantum Crypto. Experience with formal methods (Isabelle) is a bonus.

### Security proofs of post-quantum encryption

Currently, there are a number of encryption schemes being considered for standardization as post-quantum secure encryption schemes. Many of them use variants of a technique called the Fujisaki-Okamoto transform. The task of this project would be to read a paper on security proofs of the Fujisaki-Okamoto transform (in the postquantum setting) and present it. (Which paper that would be would have to be chosen then. Something up to date.)

Level: master/phd

Required background: Quantum Crypto.

## Supervised by Jan Willemson

### Make a cool project with USB armory Mk II

There is a nice open platform for security dongles supported by F-Secure: https://www.crowdsupply.com/f-secure/usb-armory-mk-ii . Your task is to implement a cool project on top of it. A list of ideas from the dongle webpage:

- Mass storage device with advanced features such as automatic encryption, virus scanning, host authentication, and data self-destruct
- Hardware Security Module (HSM)
- OpenSSH client and agent for untrusted hosts (e.g., Internet kiosks)
- Router for end-to-end VPN tunnelling
- Tor bridge
- Password manager with integrated web server
- Electronic wallet
- Authentication token
- Portable penetration testing platform
- Low-level USB security testing