Martin Ukrop

“Not everything that can be counted counts. Not everything that counts can be counted.”
(William Bruce Cameron)
 Scholar    ORCID  ORCID     GitHub
 Office A402, FI MUNI

RNDr. Martin Ukrop

Security researcher and Ph.D. candidate at the Centre for Research on Cryptography and Security at Masaryk University in Brno, Czech Republic.

Current aim of my research

“I want help developers create more usable security APIs to lower software exploitation.”

My research

My current research is about making security usable for IT professionals (developers, system administrators and such) that lack a specialized training in computer security. I focus on cryptographic interfaces (both programmable and command-line) of developer tools and software libraries. Currently, the emphasis is placed on X.509-capable libraries, such as OpenSSL, GnuTLS and NSS, paying special attention to the process of certificate creation and validation.

Before coming to usable security I was interested in randomness testing and helped develop the EACirc project, the automatic problem solver based on circuit-like representation and genetic programming.

I'm a Ph.D. candidate supervised by Vashek Matyas. My research efforts are supported by Red Hat Czech and co-supervised by Nikos Mavrogiannopoulos. Furthermore, we cooperate with psychologists from IRTIS.

Teaching and supervision

I see deep meaning and responsibility in teaching and have been tutoring seminars and lecturing a few courses for more than 5 years. I participate in some security courses (Secure coding principles and practices and Laboratory of security and applied cryptography) as well as courses on functional programming (Haskell) (Non-Imperative Programming and Seminar on Functional Programming). I have supervised multiple bachelor theses in the fields of computer security, functional programming and programming education.

More importantly, I am much engaged in the local community of student teachers called Teaching lab aiming to improve the courses and skills of teachers at the faculty and elsewhere. We run a course for student starting to teach (Teaching Lab course). We've designed a Teacher's reflective diary to help teachers improve their skills by reflection.

Other activities

I'm an avid member of the the organization for experiential learning called Instruktoři Brno aiming to inspire people, broaden their experience and lead them to self-improvement.

I co-organize(d) multiple activities bringing enthusiasm for informatics natural sciences to secondary-school students. This includes the online programming puzzle hunt InterLoS or the multidosciplinary event InterSoB. These activities are covered by the Friends of the nordic animals association (a student club at the Faculty of Informatics, Masaryk University).


  • Evolution of SSL/TLS Indicators and Warnings in Web Browsers
    Lydia Kraus, Martin Ukrop, Vashek Matyas and Tobias Fiebig,
    27th International Workshop on Security Protocols (SPW 2019), Forthcoming, 2019.
    Keywords: usablesec, BibTeX
  • Will You Trust This TLS Certificate? Perceptions of People Working in IT
    Martin Ukrop, Lydia Kraus, Vashek Matyas and Heider Ahmad Mutleq Wahsheh,
    to appear at 35rd Annual Computer Security Applications Conference (ACSAC'2019), ACM, 2019.
    Keywords: usablesec, red-hat, BibTeX


  • A Large-scale Comparative Study of Beta Testers and Regular Users
    Vlasta Stavova, Lenka Dedkova, Martin Ukrop and Vashek Matyas,
    Communications of the ACM, ACM, 2018, 64–71.
    Keywords: usablesec, eset, pre-print PDF, DOI website, BibTeX
  • Experimental large-scale review of attractors for detection of potentially unwanted applications
    Vlasta Stavova, Lenka Dedkova, Vashek Matyas, Mike Just, David Smahel and Martin Ukrop,
    Computers \& Security, 2018, 92–100.
    Keywords: usablesec, eset, gamu, DOI website, paper website, BibTeX
  • Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability
    Martin Ukrop and Vashek Matyas,
    Topics in Cryptology – CT-RSA 2018: The Cryptographers' Track at the RSA Conference 2018, Springer International Publishing, 2018, 45–64.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX


  • Factors Influencing the Purchase of Security Software for Mobile Devices – Case Study
    Vlasta Stavova, Vashek Matyas, Mike Just and Martin Ukrop,
    Infocommunications Journal, 2017, 18–23.
    Keywords: usablesec, eset, gamu, pre-print PDF, paper website, BibTeX


  • Avalanche Effect in Improperly Initialized CAESAR Candidates
    Martin Ukrop and Petr Svenda,
    Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016, Open Publishing Association, 2016, volume 233 of Electronic Proceedings in Theoretical Computer Science, 72-81.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • New results on reduced-round Tiny Encryption Algorithm using genetic programming
    Karel Kubicek, Jiri Novotny, Petr Svenda and Martin Ukrop,
    IEEE Infocommunications, 2016.
    Keywords: eacirc, randomness, pre-print PDF, paper website, BibTeX


  • Constructing empirical tests of randomness
    Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
    Proceedings of the 11th International Conference on Security and Cryptography, 2014.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • Determining cryptographic distinguishers for eStream and SHA-3 candidate functions with evolutionary circuits
    Petr Svenda, Martin Ukrop and Vashek Matyas,
    E-Business and Telecommunications, Springer Berlin Heidelberg, 2014, 290–305.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX


  • Towards cryptographic function distinguishers with evolutionary circuits
    Petr Svenda, Martin Ukrop and Vashek Matyas,
    Proceedings of the 10th International Conference on Security and Cryptography, 2013, 135–146.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX