Teaching and supervision
I'm happy to supervise any students wishing to graduate in the area of privacy, identity management, applied cryptography. I maintain a separate page with student guides.
- Luuk van Rheeden, internship, [apr 2022 - okt 2022].
- Matti Eisenlohr, MSc, [mar 2022 - sep 2022].
- Fleur Vercoutre, KPMG, MSc Information Science, [feb 2022 - jun 2022].
- Marc van de Werfhorst, on privacy protection within SOCs, KvK, MSc [mar 2022 - jul 2022].
Recently finished assignments
- Marvin van Bekkum, “Engineering Data Protection by Design with LINDDUN. An interdisciplinary analysis”, MSc, [feb 2021 - jul 2021].
- Charlotte Leuverink, internship Microsoft, [sep 2021 - feb 2022].
- Matti Eisenlohr, internship SURFnet, [sep 2021 - feb 2022].
- Sander Blijenberg, internship PWC, [sep 2021 - apr 2022].
- Martijn van Dijk, research internship, [feb 2020 - juni 2020]
- Luuk de Bruin, "Analyzing the Tahoe-LAFS filesystem for privacy friendly replication and file sharing", [feb 2019 - aug 2019]
- Solo Schekermans, "Receiver anonymity within a distributed file sharing protocol", [feb 2019 - aug 2019]
- Maarten Dorrestijn (Bac), "Identifying guard nodes of Tor hidden services", [dec 2018 - may 2019]
- Sven Arissen, "Blockchain for post-trade settlement, clearing and custody of financial instruments", [aug 2018 - aug 2019]
A popular option is to perform the graduation project as an intern at a company. For example:
Please contact me to discuss a suitable project. External projects are certainly a possibility. The following list of project summaries give you an idea of the kind of assignments that are currently open.
- Collaborative editing and IPFS
- Collaborative editing services like CryptPad (that is also end-to-end encrypted), and Etherpad coordinate user interactions through a central instance that maintains state. Would it be possible to make such services rely less on a central coordinator, and use e.g. the IPFS to store the data in a distributed fashion?
- Anonymous communication
- Can the anonymous communication protocol based on a public bulletin board be strengthened with / or integrated into the Nym ecosystem?
- NFC payments
- Study the security of NFC payments, Apple Pay, Apple Wallet and the use of one-time credit cards in these contexts.
- Privacy of push notifications
- Study the privacy implications of push notifications and think of ways to mitigate them.
- An API for a Public Stack
- Privacy Coach
- Think of ways how you can use a mobile device to protect your privacy...
- Strengthening the binding between people and their on-line credentials.
- Within the IRMA project, we are developing a platform for attribute based credentials, where the credentials are stored on a smart card. Credentials are personal, and it should be impossible to use the credential of someone else (your older brother for instance) to buy age restricted material on line. Currently, we use PIN codes to prevent this. But this is weak if your brother is happy to share his PIN with you. Goal of this project is to study ways to bind credentials to individuals, and to think of new ways to make this binding stronger.
- UbiKiMa is a ubiquitous key management app for Android. It is a password manager for existing websites, but also allows public key based authentication on websites that support it. The app is still a rough prototype, that could be polished considerably. Also the underlying protocols could do with an analysis and probably some improvements. I am looking for a student that can do all of this...
I teach the following course
- Privacy Seminar, course code NWI-I00136, spring semester.
This course is part of the TRU/e security master.
I used to teach several other courses, like Advanced Network Security (Fault tolerant distributed algorithms really ;-), Cryptography, Fault Tolerant Digital Systems and Computer Systems in the (distant) past.
I, and other people in our group, sometimes teach a cryptography and security lab for high-school students.
The following assignments were finished under my supervision.
- Nina Boelsums (TU/e Industrial Design), [feb 2018 - dec 2018]
- Decentralized attribute-based encryption for DECODE, Marloes Venema, [feb-aug 2018]. (thesis).
- Long term data storage using peer-to-peer technology, Paulus Meessen [feb-aug 2017]
- An Analysis of the security & privacy qualities of a proposal for the Dutch eID scheme, Jorrit de Boer, [feb 2015 - oct 2016]
- Technology and the right to be forgotten, Mark Vijfvinkel [sep 2014-feb 2015]
- Exchanging threat information between semi - honest parties, Anton Jongsma [sep 2014-feb 2015]
- Technical aspects of a right to be forgotten, Stan Philisen [feb 2014-jul 2014].
- Active website fingerprinting in Tor, Max Hovens [feb 2014 - aug 2014]
- Attribute Based Encryption using Attribute Based Credentials, Tim v.d. Kamp [feb 2014 - aug 2014]. (thesis)
- Delegation in Attribute Based Credentials, Manu Drijvers [feb 2014 - jul 2014]. (thesis).
- Cookiewalls. Een probleem met een technische oplossing?, Koen van Ingen, [mar 2013 - jul 2013]. (thesis)
- Effective Host-based Intrusion Detection for Systems with Real-Time Constraints, Pol van Aubel, at TENNET Arnhem, [mar 2013 - sept 2013].
- Providing unlinkability of transactions with a single token in U-Prove, Erik Weitenberg (RuG), at TNO Groningen [sept 2011 - may 2012]. (thesis)
- Self-blindable credentials with revocation, Wouter Luuks (RuG), at TNO Groningen [aug 2010 - apr 2011].
- Hacking the Mifare Classic, Gerhard de Koning Gans, [feb 2007 - jun 2008].
- Smartcard-integratie in het pseudoniemsysteem idemix, Luuk Danes, at TNO Groningen, [dec 2006 - jul 2007]. (thesis)
- Privacy policies voor software, Leon Krol, [feb 2006 - aug 2006].
- End-To-End Application Security Using Trusted Computing by Michiel Broekman at Oxford University Computing Laboratory [Jan 2005 - Aug 2005].
- Security of Web Services by Robert-Jan Boezeman at Oxford University Computing Laboratory [Jan 2003 - Aug 2003]. Winner of the Aia Thesis Award 2003
- UMTS Mobile Financial Services Security by Yan Yijun at ABN AMRO.
- JAVA Cards as Secure Object Store by Richard Brinkman.
- SPAM Filter Analysis by Jeroen van Nieuwenhuizen.
- Implementing Multi Level Security using a plublic key infrastructure by Edward Stempel at Philips Crypto.
- OCCAMM Security Assessment by Paul Alexander at KPN Research.
Last Version - Tue Feb 22 15:33:15 2022 +0100 / 9bb6c7f.
(Note: changeover from CVS to dotless svn version numbers on Jan 19, 2008, and changeover to GIT versioning on May 30, 2013.)
Maintained by Jaap-Henk Hoepman