Semester Projects

(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Yuanming Song, Kien Tuong Truong)

This project investigates the largely unexplored area of timing side channels in data compression and decompression, building upon recent findings that highlight vulnerabilities in decompression processes. Data compression, while effective in reducing data size by eliminating redundancy, unintentionally introduces information leakage vectors, such as compression ratio side channels, previously exploited in attacks like CRIME and BREACH. The project aims to investigate timing variations during both compression and decompression, striving to enhance the reliability and efficiency of decompression timing side-channel attacks and exploring the potential for similar vulnerabilities during compression. The research may also extend to examining other compression algorithms, such as brotli and bzip2, for their susceptibility to timing side channels. Practically, the project involves crafting payloads to exploit timing differences, potentially through manual analysis, automated tools, or by adapting existing techniques for compression ratio side-channel attacks, with a strong focus on implementation and experimentation.

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Jan Gilcher)

This project aims to create a highly optimized x86_64 implementation of the Poly1163 universal hash function, which promises a better security-performance tradeoff than the widely used Poly1305. Poly1163 offers higher security with reduced computational complexity, making it a strong candidate to replace Poly1305, particularly within the ChaCha20-Poly1305 AEAD scheme. The project's first phase focuses on optimizing Poly1163 using vectorization techniques like AVX2 and low-level assembly optimizations to outperform OpenSSL’s Poly1305 on modern Intel processors by 10-20%. The second phase involves integrating this optimized Poly1163 with a ChaCha20 implementation to develop a new AEAD scheme, ChaCha20-Poly1163, which will be benchmarked against existing standards to determine its potential as a superior alternative. The project leverages previous optimization work to maximize performance gains and aims to demonstrate Poly1163's viability as a successor to Poly1305 in cryptographic applications.

(Supervisor: Prof. Christoph Studer, Joint Supervisor: Dr. Stefan Mangold)

This project seeks to establish and evaluate a smartphone-based communication framework for humanitarian missions, where internet connectivity is either disrupted or entirely unavailable. By leveraging widely used wireless standards, devices will form multi-hop networks capable of forwarding messages without centralized infrastructure or specialized hardware. A dedicated test environment—combining multiple smartphones and computers—will be used to measure performance under realistic conditions, focusing on metrics such as reliability and coverage. Ultimately, the project will provide insights into designing resilient, delay-tolerant mesh networks to support critical coordination efforts when conventional communication methods fail.

(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Dr. Simon-Philipp Merz, Kien Tuong Truong)

This student project focuses on the emerging field of post-quantum cryptography, specifically exploring cryptographic systems based on the computational difficulty of decoding linear error-correcting codes. As quantum computers pose a threat to current public-key encryption, research in post-quantum cryptography has gained importance. The project aims to systematize recent advancements in information-set decoding (ISD) algorithms, which are crucial for understanding and potentially improving code-based cryptanalysis. The project will provide a comprehensive overview of existing ISD algorithms, analyze their variations and how they exploit the structure of decoding problems, such as regular syndrome decoding. Additionally, it will evaluate current leading implementations of ISD algorithms and seek to achieve concrete performance improvements. This research will contribute to the standardization efforts by organizations like the US National Institute of Standards and Technology (NIST) in developing secure cryptographic systems for a post-quantum world.

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Dr. Lenka Mareková)

This project's aim is to develop a Systematization of Knowledge, a type of work which aims to comprehensively review, organize, and synthesize existing knowledge on a particular topic. In this case the focus will be on mesh networks and their applications to offline communications, taking a broad definition of "mesh" to include traditional ad-hoc networks [1,2], peer-to-peer systems as well as more recently proposed mesh messaging designs [3,4,5], spanning cryptography but also security research more widely. The project will also survey a host of existing practical tools and their capabilities [6,7,8], thus providing a comprehensive overview of what is available in the real world, and what the potential gaps are.

The goal will be to catalogue existing usecases in which these networks have been or were intended to be utilised and describe the functionality they provide; to identify key assumptions behind the proposed designs; describe common threat models as well as the promised security guarantees. The work could also draw on related concepts from the anonymity and censorship resistance literature, and as a potential extension explore social science works on internet shutdowns and other contexts where standard communication media are not available or not reliable enough for use.

(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Dr. Jean-Philippe Aumasson, Dr. Lenka Mareková)

This project seeks to evaluate the cryptographic foundation of HashiCorp Vault, a widely deployed but under-researched open-source key management system (KMS). KMS are essential for securely generating, storing, and handling cryptographic keys and other sensitive data, a task often complicated by the need for strong security measures, such as hardware security modules (HSM) for bootstrapping trust. While prominent KMS from Microsoft, Google, and AWS are closed-source and integrated with their respective ecosystems, Vault offers an open-source alternative with complex cryptographic mechanisms that have not been extensively examined in academic research.

The project involves a thorough review of Vault's documentation and source code to understand its threat model and security controls, including optional enhancements like HSM-based unsealing and secret-sharing mechanisms. The student will develop an informal model of Vault's cryptographic protocols, scrutinize them for potential vulnerabilities, and test these vulnerabilities through proof-of-concept implementations. The final deliverables include a comprehensive report detailing the protocols, identified flaws, and potential mitigations. The study may also extend to comparing Vault with its recent fork, OpenBao, to assess differences in their security properties.