Note for Bachelor students: The topics here are presented in English. The Bachelor's thesis can of course also be written in German. However, you are expected to be able to read English literature.
Next Generation Cryptosystems: Post-Quantum Cryptography
In the mid 1990's, Peter Shor found his famous algorithm to factorize large numbers. It soon turned out that this algorithm can be used to break essentially all public-key cryptosystems in practical use today. On the positive side, the type of quantum computer required to run Shor's algorithm isn't available yet -- but there is an urgent need for new "post-quantum" asymmetric cryptosystems, which will survive the advent of reliable large-scale quantum computers.
There is an ongoing effort to study and eventually standardise such cryptosystems, specifically for new "key encapsulation mechanisms" and new "digital signature schemes":
https://nvlpubs.nist.gov/nistpubs/ir/2020/NIST.IR.8309.pdf
"Post-Quantum Security" refers to cryptographic security against an attacker that can utilize a powerful quantum computer. Currently, such a device does not exist. However, as technology advances, many currently used algorithms labeled as secure will be useless against an attacker that has access to a sufficiently large quantum computer.
Topics for Bachelor Students
- The McElice KEM
- The CRYSTALS-KYBER KEM and CRYSTALS-DILITIUM signatures
- The NTRU and NTRU-Prime KEMs
- SPHINCS+: A stateless hash-based signature scheme
Topics for Master Students
- Lattice-Based Cryptosystems
- Code-Based Cryptosystems
- Hash-based Digital Signatures
The specific scope for the topics below can be adjusted for either Bachelor or Master Students.
Knowledge of (basic) quantum-computing concepts is recommended or required (e.g. through the lecture: Quantum Algorithms and Cryptanalysis).
Not only for asymmetric cryptographic algorithms, "Post-Quantum Security" is an important topic to look at. While only some years ago, most researchers agreed that symmetric cryptography algorithms and schemes are quite safe against quantum computers, recent research has shown that many of the currently used constructions are unsafe against a quantum attacker.
- Post-Quantum Security of Symmetric Encryption Algorithms
- Post-Quantum Unforgeability in Symmetric Authentication or Authenticated Encryption Schemes
- Exploration of newly designed or modified Encryption, Authentication and Authenticated Encryption Constructions that claim Post-Quantum Security
Decentralized Cryptography: Cryptocurrencies, Privacy and Multi-Party Security
Topics for Bachelor Students
- Privacy-Preserving Record Linkage
Record linkage is a crucial step in many database applications. At the same time, record linkage can be a privacy issue. To what degree is it possible to support record linkage while maintaining a well-specified and quantifiable amount of privacy for the user?
- Differential Privacy in Smart Traffic Control
Smart cities are not just known for their comfort but also for their habit to collect large amounts of data. One typical example of such a comfortable but data-intensive use case is smart traffic control. If implemented correctly, it can add a lot of features addressing not just comfort but also security. On the other hand, there are many concerns regarding the constant surveillance. What can we do to keep the benefits without giving away privacy? The aim of this work is to find differential privacy mechanisms and strategies for smart traffic control to tackle this issue.
Topics for Master Students
- Proofs of Storage
In recent years, the idea of hash-based cryptocurrencies, such as Bitcoin, has taken off. A disadvantage of Bitcoin is the dependency on cryptographic "proofs of work", which are, de facto, a "proof of power consumption" and CO2-emission. Thus, we study environmentally more friendly alternatives, such as "proofs of storage".
- TrueNews II
How to verify a photograph taken while maintaining anonymity? This is a follow-up work of an already existing master thesis where photographs taken were verified in a decentralized way by nearby smartphones. A new signature protocol was created. However, there are ongoing challenges. How to compute credibility? How to transmit credibility? What if some phones are compromised? And how to remain anonymous? The goal of this thesis is to revisit the underlying protocol and to analyze and improve it from a security perspective.
Implementation / Reverse Engineering
The specific scope for the topics below can be adjusted for either Bachelor or Master Students.
- Implementing and Proving Algorithms in SPARK
SPARK is an Ada-based programming language, which is used for the developement of dedicated secure software. SPARK supports the specification and the verification of the information flow of an implementation, as well as pre- and postconditions. The goal is to implement easy algorithms in SPARK (sorting and searching, the arithmetic of big numbers, etc.), and to prove the implementations using the SPARK toolset.
- A Simulator/Demonstrator for Grover and Other Quantum Algorithms
Quantum algorithms have the reputation of being difficult to grasp. To some degree, this reputation may be well-deserved -- but not all quantum algorithms are so difficult. The main goal for the thesis is a simplified quantum simulator with a visual interface to implement some simple quantum algorithms, such as Grover's quantum search algorithm. The simulator shall be used to give junior students a first impression of quantum algorithms, e.g., in the context of "Byte the Bytes".
- Evaluation of RUST as a language for secure and reliable software.
RUST is a language which has been introduced with the development of reliable
software in mind. To evaluate RUST, some cryptographic library shall be
used and some security protocols shall be implemented, and compared to
implementations in other languages, such as the Ada language or C and C++.
Topics for Bachelor Students
- Reverse Engineering Rider Apps
In the last few years, and especially during the recent pandemic, delivery services on bikes flooded the market. Despite the comfort of getting all possible goods delivered to one's home, those delivery services have to face sharp criticism due to the delivery staff's bad working conditions. The biggest players in this system all have in comon that they deploy smartphone apps for their delivery staff to automate work processes. In some cases, those apps rely on suspicious permissions, which could be a potential threat for their user's privacy. Therefore, it is desireable to Reverse Engineer those apps, compare them and investigate possible privacy violations.
Cryptosystem Design and Cryptanalysis
The specific scope for the topics below can be adjusted for either Bachelor or Master Students.
- Single-Page Cryptography
You have been captured and wrongly imprisoned and need to communicate an encrypted message to your outside contact with an emergency key phrase that you both memorized in case of danger. Luckily, in your thesis you designed a cryptographic system that fits only on one regular page which is easy enough to memorize. Since you can only send one message, you want to make sure that you have memorized the "implementation" correctly. That's why you also memorized an easy self testing procedure, with which you can test if your implementation is correct. Now that everything is correct, you can use your Mini-Encryption System to encrypt the message so that it is only readable by your contact in the outside world which knows the key phrase.
An example for such a system could be the RC4 stream cipher. Unfortunately, RC4's security has been semi-successfully attacked before and it provides neither a way to encrypt multiple messages under the same key nor does it provide authentication.
- Easy Attacks - Attacking the AEZ Cryptosystem
AEZ (pronounced "easy") is a cryptosystem, which uses four rounds of the AES as the internal building block. The goal is to describe attacks, when this building block is reduced to less than four rounds.
- Leakage-Resilient Symmetric Cryptosystems
In cryptography, "leakage resilience" is the ability of a cryptosystem to provide security even when the adversary has access to a side-channel, such as, e.g., a power consumption trail from operations using the secret key. The goal is to study symmetric cryptosystems, which have been claimed to be "leakage-resilient" by their designers.
Formal Language-based Security
When binary data are sent from one party to another one, the encoding of the data can be described as a “data serialisation” language. Many of these languages employ the “length-prefix” pattern for strings, containers and other data items of variable length. This consists of an encoding of the item’s length, followed by an encoding of the item itself without closing brackets or “end” symbols.
Length-prefix languages are not context-free. Thus, the plethora of tools and methods to specify, analyse, and parse context-free languages appears to be useless for length-prefix languages. This seems to explain why improper specifications of length-prefix languages and buggy hand-written parsers are so often a root cause for security issues and exploits, as, e.g., in the case of the famous Heartbleed bug.
Your task could be one (or more) of the following:
- building upon EBNF for context-free languages, develop a grammar for our formal language class "calc-context-free" [2],
- develop an automatic parser generator or a wrapper for existing parser generators like YACC based on an already established algorithm in [2] (including a reference implementation),
- examine formal properties of the "calc-regular" [1] and "calc-context-free" languages [2] and examine if certain theorems are decidable efficiently (i.e. in polynomial time).
The work would be based on the previous work from your fellow students, which you can find in the following sources:
[1] Grosch, König, Lucks: "Taming the Length Field in Binary Data" - https://ieeexplore.ieee.org/document/8227292
[2] Jakoby, Leuther, Lucks: "Formal Language Theory for Practical Security" - https://ieeexplore.ieee.org/document/9474290
(If you'd like free access to the papers, please contact jannis.leuther@uni-weimar.de)