As a professor at the Institute for Computing and Information Sciences (iCIS) I am also teaching courses offered by the Radboud University Bachelor program in Cyber security and within the TRU/e security master (joint program in information security with TU Eindhoven).

I have a long-standing collaboration with the Dutch security evaluation industry i.e. Riscure where many of my students did their theses and internships. I also collaborate with the Data Science group of iCIS and internationally. I actively participate in several EU projects and COST actions and am a member of national and international expert panels.

Theses/internships topics

  • Hardware mplementations of NIST Lightweight Cryptography candidates. (Thesis/internships)
    The National Institute of Standards and Technology (NIST) in the US has recently launched a competition for AEAD/HASH candidates with lightweight footprint. For this competition, NIST is looking for candidates that imply low resources in hardware, low latency response and/or low cost side-channel protections.
    In this project you will implement one or more of the 32 remaining proposals on FPGAs in our lab and compare them regarding resources required and latency time. You can also attack your own implementation or other implementations available, and add countermeasures and perform the comparison again.
    An implementation will typically require 10% study, 60% designing, describing the hardware and debugging, and 30% testing in the lab.
    The competition website
    Required: literature study, programming, crypto
  • A study of information theoretic measures of leakage degradation. (Master thesis)
    Perceived Information is an information-theoretic measure used in SCA to determine the amount of information an adversary can extract from the target device. It is a generalization of mutual information, which takes into account the degradation introduction by the assumption of a leakage model. The objective of this thesis is to compare the perceived information measure, which is specific to SCA with the more traditional metrics used in information theory such as cross-entropy and relative entropy.
    Required: statistics, programming, analytical thinking
  • Dynamic leakage assessment. (Master thesis)
    Power trace simulators are available to generate trace sets, without the need for expensive equipment. These simulators are used for testing the effectiveness of countermeasures against side-channel analysis. The simulators are open source. The objective of this internship is to build plug-ins for these simulators which at a press of a button give an indication of the amount of leakage available in the generated trace-sets.
    Required: programming skills, statistics, crypto
  • Using generative models for data augmentation. (Master thesis)
    Data augmentation techniques, in the context of SCA are methods which allow the artificial generation of traces. By using generative model for data augmentation, we are looking to solve the class-imbalance problem. The main objective of this project is to determine what is a good similarity measure for generating synthetic data.
    Required: programming, machine learning
  • Testing new metric for training deep networks on complex tracesets. (Bachelor thesis/Internship)
    A recent finding allows us to determine the precise moment when a neural network starts overfitting side channel analysis data. The new metric was tested on two relatively simple datasets. The objective of this internship is to test this new metric on complex, real life datasets and understand its eventual limitations.
    Required: python programming skills
  • A study on the resilience to SCA attacks for an RiscV architecture. (Bachelor thesis/Internship)
    New Risc-V chips are coming onto the market, and chipmakers seem really interested in not paying licensing fees. FI is one of the most popular hardware attack techniques. As chips only recently came out into the market, there is not a lot known about how these new platforms will behave with respect to Side Channel Attacks, when a software AES engine is used.
    Required: programming, crypto