Research projects in CRoCS laboratory [crcs.cz/projects]

  1. Find project you like,
  2. Contact people involved (or visit OpenLab [crcs.cz/openlab]),
  3. Have fun while saving the world (of research and open-source)!

Join us! We are always looking for enthusiastic people with passion for problem solving willing to work hard yet having a good fun. Don't be afraid if you don't have previous experience in the project area you like. We are here to help you and we all learn something in the process.

This project is focused on finding defects in the outputs of cryptographic functions like hash functions or block and stream ciphers. EACirc is our framework for automatic problem solving written in Cpp. It uses metaherustics to construct and optimize software circuits in order to solve the given problem. We speedup EACirc with distributed computation on MetaCentrum grid infrastructure and GPUs with nVidia CUDA support.

Find out more

Last update: 23. 3. 2017

Contact: Karel Kubíček karel.kubicek@mail.muni.cz; Petr Švenda svenda@fi.muni.cz; Marek Sýs syso@fi.muni.cz; Martin Ukrop mukrop@mail.muni.cz

Regular meetings: We have regular EACirc group meetings every even Friady from 09:00 in room A420 - you are invited to come.

  • Research project internal wiki pages
  • Polynomial representation of inner circuits
  • Randomness Testing Tool (RTT, STS NIST, Dieharder, TestU01) - unified interface for different statistical batteries
  • Analysis of output of CAESAR candidates

Involved people:

Former participants: Jan Švarc 2014-2015 (CUDA programming); Zdenek Říha 2013-2016 (bytecode emulator); Milan Čermák 2012-2013 (CUDA support); Ondrej Dubovec 2011-2012 (SHA-3 candidates testing); Matěj Prišťák 2011-2012 (object model and refactoring, XML support, eStream candidates testing); Tobiáš Smolka 2011-2012 (BOINC related support);

Selected publications

This project includes providing a secure platform that is transparent for applications in wireless sensor networks (WSN) - WSNProtectLayer. Our platform includes intrusion detection system (IDS) detecting active attacks. We consider privacy issues to prevent passive attacks on the WSN. We also propose secrecy amplification protocols and evaluate key management schemes. Current work includes parametrised attacker simulated on KMSforWSN framework.

Find out more

Last update: 29.9.2016

Contact: Lukáš Němec lukas.nemec@mail.muni.cz

Additionally, we are developing an optimization framework for the IDS incorporating MiXiM simulator. Evolutionary algorithms are used to optimize the IDS's performance.

  • Research project internal wiki pages
  • WSNProtectLayer - security middleware for TinyOS
    • virtual radio is simulated and automatic packet protection, IDS and key management is provided.
    • WSNProtectLayer Github repository
    • Take a look at video showing WSNProtectLayer middleware in action.
  • Secrecy amplification protocols
    • establishing secure links in partially compromised network
    • SensorSim simulator download page - fast simulator optimized for simulation of secrecy amplification protocols and probabilistic key predistribution
    • KMSforWSN framework based on OMNet++ simulator together with parametrised attacker specification
  • Laboratory testbed
    • Laboratory tesbed with 28 TelosB and 20 JeeNode nodes
    • Edu-Hoc - laboratory Arduino-based testbed with JeeNode nodes together with security applications for ad-hoc and wireless sensor networks.

Involved people:

  • Lukáš Němec 2013-now (Crypto and Key management in TinyOS, Arduino testbed network, Edu-hoc)
  • Radim Ošťádal 2013-now (Secrecy amplification protocols, parametrised attacker in)
  • Branislav Smik 2015-now (Cloud-based IoT management platforms)
  • Martin Stehlík 2010-now (IDS, simulators, optimization)
  • Petr Švenda 2004-now (Key management schemes, secrecy amplification protocols)

Former participants: Marek Sýs 2015 (secrecy amplification protocols); Filip Jurnečka 2010-2014 (Key management schemes), Marcel Gazdík 2012-2013 (ePIR&RFID hw readers), Dušan Klinec 2008-2014 (WSNProtectLayer core developer, a lot of network experiments), Jiří Kůr 2009-2014 (Privacy protection, key establishment), Tobiáš Smolka (testbed, omnetpp experiments, secrecy amplification), Andriy Stetsko (IDS in WSN)

Selected publications

This projects focuses on the security of cryptographic smart cards and their interesting uses in security systems as a trusted element. We work mainly with JavaCard based cryptographic smart cards (but sometimes also .NET or MULTOS cards) and developed multiple software/hardware tools for its analysis.

Find out more

Last update: 27.9.2016

Contact: Petr Švenda svenda@fi.muni.cz

Regular meetings: We have regular smartcard group meetings every Monday from 16:20 in room A417 - you are invited to come (check with us the date and time first).

Involved people:

Former participants: David Komárek 2015-2016 (power analysis of RSA operation); Lukáš Šrom 2014-2015 (support tests); Lenka Kuníková 2013-2014 (performance evaluation of JavaCards) and quite a lot of other people helping us since 2002

Publications

This project focuses on the usage, evaluation and extension of various tools related to secure programming, application vulnerabilities, security testing and code review. We are interested in static and dynamic analysis of the application code with the special focus on security bugs, fuzzy testing, taint analysis and semi-automated review procedures and its incorporation into application development lifecycle. Automated code transformations with security enhancements are also inspected. Part of the work is coordinated with Y Soft Corporation, a.s.

Find out more

Last update: 4.10.2016

Contact: Andriy Stetsko xstetsko@fi.muni.cz or andriy.stetsko@ysoft.com; Petr Švenda svenda@fi.muni.cz

Financial support

  • Y Soft Corporation, a.s. will provide financial support (in a form of stipend) to students with promising results. A number of stipends is limited.
  • A part-time job in Y Soft Corporation, a.s. (during the student study) will be offered to a student with excellent results. The main goal of the part-time job is to integrate and examine student findings in real environment. A number of part-time jobs is limited.

Involved people:

  • Andriy Stetsko 2012-now (Project coordinator, thesis supervisor, Y Soft Corporation, a.s., Microsoft Security Development Lifecycle, Threat modeling, testing, supporting tools)
  • Petr Švenda 2012-now (Project coordinator, thesis supervisor, FI, testing, supporting tools)
  • 2013-now (Student, Sqlmap, W3AF, Arachni, supported by a stipend from Y Soft Corporation, a.s., part-time job in Y Soft Corporation, a.s.)

Previous members:

  • 2015-2016 (Student, Analysis and application of OWASP testing guide, supported by a stipend from Y Soft Corporation, a.s.)
  • 2015-2016 (Student, Metasploit, supported by a stipend from Y Soft Corporation, a.s.)
  • 2014-2016 (Student, Secure software development processes)
  • 2012-2016 (Student, FindBugs, FindSecurityBugs, supported by a stipend from Y Soft Corporation, a.s., part-time job in Y Soft Corporation, a.s.)
  • 2014-2015 (Student, Security mechanisms of PDF files)
  • 2014-2015 (Student, Security aspects of Xamarin/Android Platform)

The first goal is research, and implementation of new algorithms (key derivation, authenticated encryption or integrity protection mechanism) itno existing open-source LUKS/cryptsetup disk encryption project.

The second goal is to make LUKS/libcryptsetup (and supported FDE formats) truly multiplatform tool (Windows/Linux) with focus to independent and extensible open-source software based FDE (Full Disk Encryption) solution. We are focusing on Windows7 and later and Linux 4.x and later OS versions.

Find out more

Last update: 28.9.2016

Contact: Milan Brož xbroz@fi.muni.cz

Join us! The possible areas for cooperation:

  • Developing HMI (Human-machine interface) for storage encryption - ease of use, test cases, simple GUI, HMI usability experiments.
  • Disk (sector-level) storage encryption in Windows study, existing approaches and implementations (TrueCrypt, DiskCryptor, Bitlocker, FreeOTFE, …) with focus on free and open-source solutions. Windows driver architecture for implementing similar encryption capabilities as provided in Linux dm-crypt module.
  • Windows boot process analysis and possibilities to use open-source boot loaders like GRUB2 to inject boot of core Windows system from (LUKS) encrypted device.
  • Using open-source multiplatform encryption libraries (gcrypt, openssl, etc) for implementation of symmetric block cipher encryption wrappe in windows environment, both in userspace and driver.
  • Current status quo in RNG available in Windows7 and later systems, implementation of wrapper (or usable alternative) to Linux /dev/[u]random device.

Involved people:

Selected publications

The usable security projects focus on computational security and end users' behaviour. We already finished first three-year project in a cooperation with commercial companies and Faculty of social studies, Faculty of informatics, Faculty of law. The project aimed to identify influences that make users change their risky behaviour to more secure one. Three experiments are run in cooperation with commercial companies (ESET, Netsuite and SodatSW). Every experiment was targeted at different target group and used different technique (warning, security dialogue, e-learning, user-friendly password recovery, etc.). This project was unique for for the cooperation of three different branches (Faculty of science, Faculty of informatics, Faculty of law) and three commercial companies, who want to better understand their users and to increase the overall security of their products by improving interfaces and processes used by their end users.

Currently we are preparing new project in cooperation with Faculty of social studies and Monet+ company. It aims on user testing of selected authentication methods (FIDO token, identity card, face recognition and use of code only).

Find out more

Last update: 29. 9. 2017

Contact: Vašek Matyáš matyas@fi.muni.cz, Vlasta Šťavová 256169@mail.muni.cz, Agáta Dařbujanová xdarbuj@mail.muni.cz

Involved people:

Publications

  • [2018] Stavova, V., Dedkova, L., Ukrop, M., and Matyas, V. (in press). A large-scale comparative study of beta testers and standard users. Communications of the ACM.
  • [2017] Stavova, V., Matyas, V., Just M. and Ukrop, M.:Factors Influencing the Purchase of Security Software for Mobile Devices – Case Study, Infocommunications Journal, 2017, 18–23.
  • [2016] Stavova, V., Matyas, V. and Just M.: Codes v. People: A Comparative Usability Study of Two Password Recovery Mechanisms, WISTP 2016.
  • [2016] Stavova, V., Matyas, V. and Just M.: On the impact of warning interfaces for enabling the detection of Potentially Unwanted Applications, EuroUSEC 2016.

This project is focused on improving the implementation of standard empirical test of randomness since some complete tests (Linear Complexity, Spectral, Overlapping template matching) can take hours on standard computer for usual amount of data. Tests are usually grouped into test batteries (NIST STS, Diehard,TestU01) to provide more complex randomness analysis. Currently we are focusing on optimization of NIST STS battery. Visit our online testing service.

Find out more

Last update: 27.09.2016

Application Project Github repository

Involved people:

Publications

This project focuses on the cryptographic APIs with respect to their developer usability. Such APIs are notoriously complex and prone to usage errors – our goal is to analyze their (in)correct usage and propose precautions and guidelines to achieve better usability and security.

Find out more

Last update: 21. 9. 2017

Contact: Martin Ukrop mukrop@mail.muni.cz, Vašek Matyáš matyas@fi.muni.cz

Involved people:

Click to see Archived projects. Older projects, which are not currently actively pursued further, but may be activated again later (as happened for multiple projects already).