List of projects

(In alphabetical order of supervisors.)

Danielle Morgan

Assessing wireless keyboard protocols

More and more we depend on wireless devices in our everyday lives. At work, home or school we use a variety of tools including wireless keyboards and mice, access cards and smart home technologies. However, do we actually know what is sent from device to device or from device to USB connector? This would be especially important in the case of wireless keyboards. Are you keystrokes sent unencrypted in the open air or does the connected USB allow an attacker to gain access to your computer? Well if you haven’t thought about it, maybe you should. There are several attacks that have been performed on wireless keyboards and mice. Some of the most popular are MouseJack, KeyJack and LOGITacker.

The student’s task would be to write a report on implementing and using these attacks and which ones worked (why or why not). A Logitech keyboard/mouse pair will be provided as well as a nRF52840 Dongle for testing.

If another student is interested in this topic they can assess the wireless transmission protocol of a random keyboard using the HackRF.

This topic is suitable for all levels

https://www.mousejack.com/ https://www.bastille.net/research/vulnerabilities/keyjack/keyjack-intro https://github.com/RoganDawes/LOGITacker https://www.nordicsemi.com/Software-and-tools/Development-Kits/nRF52840-Dongle https://greatscottgadgets.com/hackrf/one/ This topic is suitable for all levels

Any HackRF project

Any student who has an idea regarding the HackRF or would just like a project with a HackRF can also be accommodated.

Example Projects:

Creating a mobile base station Reverse Engineering a device e.g. a remote control This topic is suitable for all levels

Implementing Kr00k and KRACK wireless network attacks

(assigned to Olivier Levasseur)

Janno Siim (jannosiim@gmail.com)

Zero-Knowledge Proofs for Fun

A zero-knowledge proof is a cryptographic tool that allows to prove statements without leaking any information besides that the statement is true. For example, in cryptocurrencies, one might want to prove that a ciphertext contains a valid transaction without revealing the sender, receiver, or transaction size. However, in this project, we will study zero-knowledge proofs for completely non-practical and silly problems. There are several physical zero-knowledge proofs which are good for intuition for beginners and need almost no mathematical background: Proving that one knows a solution to a sudoku puzzle without revealing the solution. http://www.wisdom.weizmann.ac.il/~naor/PAPERS/sudoku.pdf Proving that Waldo exists on Where's Waldo? picture without leaking his location. http://www.wisdom.weizmann.ac.il/~naor/PAPERS/waldo.pdf Proving to a color-blind person that two objects have different colors. https://hackernoon.com/how-to-prove-that-you-know-something-without-revealing-it-zero-knowledge-proofs-zcash-ethereum-43ce35d4d1c5 … This project aims to collect all of these simple physical zero-knowledge proofs (as many as we can find) into a single document to form a type of "Zero-knowledge Proofs for Dummies" guide. Each example should be nicely described (and maybe even illustrated) and should also contain some analysis of the probability of cheating. This is a good project, especially for those who have no prior cryptography background.

Level: Bachelor or Master

Implementing subversion resistant zk-SNARKs

Zero-knowledge succinct arguments of knowledge (zk-SNARKs) are highly efficient zero-knowledge proofs that are now widely used in cryptocurrencies. Unfortunately, the fastest zk-SNARKs require a trusted setup procedure. In https://eprint.iacr.org/2020/668, we showed that the most efficient zk-SNARK can obtain privacy (zero-knowledge) even without trusting the setup if the prover runs a setup verification algorithm before outputting a proof. The specific zk-SNARK has been implemented in the Libsnark library https://github.com/scipr-lab/libsnark. However, the setup verification has not yet been implemented. This project's primary goal is to implement this setup verification procedure using libsnark and ideally even merge it with the library. The algorithm itself is relatively simple but the challenging part is understanding the library and https://eprint.iacr.org/2020/668. At least some prior knowledge of C++ would be needed for this project. Depending on how challenging the task turns out to be, earning additional 3 credit points may be possible. As usual, the student should also write a short report of the results.

level: Master or PhD

Couteau-Hartmann transform

Zero-knowledge proofs can be interactive (there’s back and forth communication between prover and verifier) or non-interactive (prover outputs a single message, and verifier will check it). Often non-interactive proofs are more convenient to use in practice, and they allow many different verifiers to verify the same proof. Couteau and Hartmann recently proposed a very simple but novel approach for making certain interactive proofs non-interactive by using pairing-based cryptography. The task is to read about their approach from https://eprint.iacr.org/2020/286 and to write a summary.

level: Master or Phd

Vitaly Skachek

General survey on post-quantum cryptography

Many commonly used cryptosystems will be completely broken once large quantum computers exist. Post-quantum cryptography is cryptography under the assumption that the attacker has a large quantum computer; post-quantum cryptosystems aim to remain secure even in this scenario. The paper [1] surveys various challenges and approaches in post-quantum cyrptosystem design.

In this project, a student will read [1], and possibly additional relevant papers, and will present a survey on the state-of-the-art in post-quantum crypto.

[1] Daniel J. Bernstein and Tanja Lange, "Post-quantum cryptography", Nature 549, 188–194 (2017). https://doi.org/10.1038/nature23461

BSc or MSc level

Detection of Bots in the Social Media

Bot is a software that automatically imitates legitimate users in social networks and other online platforms. In the recent years bots were massively used by private entities, political groups and governments in order to influence public opinion in the desired direction. Bots possess certain properties that often allow to distinguish them from the human users.

In this project, the student will study the distinguishing properties of the automatic bots, and develop a software that will identify possible bots in social networks.

[1] Digital Forensic Research Lab, "#BotSpot: Twelve Ways to Spot a Bot", https://medium.com/dfrlab/botspot-twelve-ways-to-spot-a-bot-aedc7d9c110c

[2] Arzum Karataş, Serap Şahin, "A Review on Social Bot Detection Techniques and Research Directions"

BSc, MSc or PhD level

A Secure Fountain Architecture for Slashing Storage Costs in Blockchains

Full nodes, which synchronize the full blockchain history and independently validate all the blocks, form the backbone of any blockchain network by playing a vital role in ensuring security properties. On the other hand, a user running a full node needs to pay a heavy price in terms of storage costs.

An architecture for blockchain is proposed in the referred paper, which is based on fountain codes, a class of erasure codes, that enables any full node to encode validated blocks into a small number of coded blocks, thereby reducing its storage costs by orders of magnitude. In particular, the proposed Secure Fountain (SeF) architecture can achieve a near optimal trade-off between the storage savings per node and the bootstrap cost in terms of the number of (honest) storage-constrained nodes a new node needs to contact to recover the entire blockchain. A key technical innovation in SeF codes is to make fountain codes secure against adversarial nodes that can provide maliciously formed coded blocks. The main idea is to use the header-chain as a side-information to check whether a coded block is maliciously formed while it is getting decoded. Further, the rateless property of fountain codes helps in achieving high decentralization and scalability.

https://arxiv.org/pdf/1906.12140.pdf

MSc or PhD level

Nikita Snetkov

Homomorphic hash functions

During my research on threshold post-quantum signatures, I have encountered cryptographic primitive called "homomorphic hash functions"(https://en.wikipedia.org/wiki/Homomorphic_signatures_for_network_coding#History). One of the examples of such hash functions is SWIFFT (https://github.com/micciancio/SWIFFT). I would like to have student to produce a literature review with comparison of available homomorphic hash functions.

Student's level: Bachelor/Master

Ahto Truu, Denis Firsov

(assigned to Ekaterina Zhuchko)

Starting from 2017, we have proposed a series of hash-based server-assisted signature schemes [17, 18, 19], and recently also formally analyzed their security with the EasyCrypt proof assistant [20]. Currently we're working on a new member of the family (no public reference yet, will share pre-print manuscript) and are looking to formalize its correctness in EasyCrypt. In case of mutual interest, it is possible to follow up with formalizing a security proof, which would be suitable as an internship project or an MSc thesis topic.

[17] https://eprint.iacr.org/2019/671

[18] https://eprint.iacr.org/2019/672

[19] https://eprint.iacr.org/2019/673

[20] https://eprint.iacr.org/2020/028

Suitable for: MSc, PhD students

Dominique Unruh

Formal verification of post-quantum crypto

(assigned to Mattias Lass)

In the paper Post-Quantum Verification of Fujisaki-Okamoto by Unruh, we did a computer-aided verification of the security proof of a practically-relevant encryption scheme. This is the first time (to my knowledge) that post-quantum security has been computer verified (using a new verification tool also developed in Tartu). The task would be to present the work done in the paper. An enthusiastic student might additionally attempt to do simple own proofs in the tool.

Level: master/phd

Required background: Quantum Crypto. Experience with formal methods (Isabelle) is a bonus.

Quantum Money

(Assigned to Ergo Nigula)

Quantum money protocols are protocols that implement unforgeable coins using quantum effects. These can be used offline (no need to interact with a server or the net like, e.g., with Bitcoin). The task of this seminar topic is to pick and describe one quantum money protocol (paper) in detail. Level: master/phd

Required background: Crypto I or comparable, Quantum Crypto

Implementing a mini theorem prover for relativistic protocols

A relativistic protocol is one where the security of the protocol is based on the fact that information cannot move faster than light (and possibly using quantum mechanics, too). To show the security of relativistic protocols, we need to reason about areas in space-time, and to reason about which area can get information from which other area. (Space-time circuits.) The goal of this seminar task is to write a mini theorem prover that automates the reasoning about those areas in space-time.