I'm happy to supervise any students wishing to graduate in the area of privacy, identity management, applied cryptography. I maintain a separate
page with student guides.
- Paulus Meessen (feb-jul, 2017): Secure and privacy friendly decentralised storage and sharing of data
- There are a few secure cloud storage providers that, by design, do not have access to your files. They are still centralised, and do not protect much of your metadata. Goal of this assignment is to study the state of the art in secure and privacy friendly decentralised data storage. Based on this, design a decentralised, peer-to-peer, system that allows users to store, replicate and share data from their own local harddisc, essentially creating a global filesystem using local harddiscs, while protecting privacy and security,
and solve any remaining scientific/engineering challenges.
to discuss a suitable project. External projects
are certainly a possibility. The following list of project summaries give you an idea of the kind of assignments that are currently open.
- UbiKiMa is a ubiquitous key management app for Android. It is a password manager for existing websites, but also allows public key based authentication on websites that support it. The app is still a rough prototype, that could be polished considerably. Also the underlying protocols could do with an analysis and probably some improvements. I am looking for a student that can do all of this...
- Efficient implementations of Attribute Based Credentials
- Out group has implemented Idemix credentials on smart cards in the Irma project. We are developing a new cryptographic scheme for such attribute based credentials that promise to be much more efficient while being also much more secure. The goal of this assignment is to implement the proposed scheme and analyse it.
- Privacy Coach
- Think of ways how you can use a mobile device to protect your privacy...
- Strengthening the binding between people and their on-line credentials.
- Within the IRMA project, we are developing a platform for attribute based credentials, where the credentials are stored on a smart card. Credentials are personal, and it should be impossible to use the credential of someone else (your older brother for instance) to buy age restricted material on line. Currently, we use PIN codes to prevent this. But this is weak if your brother is happy to share his PIN with you. Goal of this project is to study ways to bind credentials to individuals, and to think of new ways to make this binding stronger.
- Privacy by design
- Investigate the concept of privacy design patterns: what should such a pattern contain, what patterns have been described so far, for which privacy design problems are design patterns mostly missing. Define a your own set of privacy design patterns.
I teach the following courses
Both courses are part of the
TRU/e security master.
I, and other people in our group, sometimes teach a
cryptography and security lab
for high-school students.
The following assignments were finished under my supervision.
- An Analysis of the security & privacy qualities of a proposal for the Dutch eID scheme, Jorrit de Boer, [feb 2015 - oct 2016]
- Technology and the right to be forgotten, Mark Vijfvinkel [sep 2014-feb 2015]
- Exchanging threat information
between semi - honest parties, Anton Jongsma [sep 2014-feb 2015]
- Technical aspects of a right to be forgotten, Stan Philisen [feb 2014-jul 2014].
- Active website fingerprinting in Tor, Max Hovens [feb 2014 - aug 2014]
- Attribute Based Encryption using Attribute Based Credentials, Tim v.d. Kamp [feb 2014 - aug 2014]. (thesis)
- Delegation in Attribute Based Credentials, Manu Drijvers [feb 2014 - jul 2014].
- Cookiewalls. Een probleem met een technische oplossing?, Koen van Ingen, [mar 2013 - jul 2013]. (thesis)
- Effective Host-based Intrusion Detection for Systems with Real-Time Constraints, Pol van Aubel, at TENNET Arnhem, [mar 2013 - sept 2013].
- Providing unlinkability of transactions with a single token in U-Prove, Erik Weitenberg (RuG), at TNO Groningen [sept 2011 - may 2012].
- Self-blindable credentials with revocation, Wouter Luuks (RuG), at TNO Groningen [aug 2010 - apr 2011].
- Hacking the Mifare Classic, Gerhard de Koning Gans, [feb 2007 - jun 2008].
- Smartcard-integratie in het pseudoniemsysteem idemix,
Luuk Danes, at TNO
Groningen, [dec 2006 - jul 2007].
- Privacy policies voor software, Leon Krol, [feb 2006 - aug 2006].
End-To-End Application Security Using Trusted Computing
by Michiel Broekman at Oxford University Computing Laboratory
[Jan 2005 - Aug 2005].
- Security of Web Services by
Robert-Jan Boezeman at Oxford University Computing Laboratory [Jan 2003 - Aug
Winner of the
Thesis Award 2003
- UMTS Mobile Financial Services Security
by Yan Yijun at ABN AMRO.
- JAVA Cards as Secure Object Store
by Richard Brinkman.
- SPAM Filter Analysis
by Jeroen van Nieuwenhuizen.
- Implementing Multi Level Security using a plublic key infrastructure
by Edward Stempel at Philips Crypto.
- OCCAMM Security Assessment
by Paul Alexander at KPN Research.