RNDr. Martin Ukrop

“Not everything that can be counted counts. Not everything that counts can be counted.”

(William Bruce Cameron)

ORCID GitHub
LinkedIn Office A402, FI MU

Security researcher and Ph.D. candidate at the Centre for Research on Cryptography and Security at Masaryk University in Brno, Czech Republic.

Current aim of my research

“I want help developers create more usable security APIs to lower software exploitation.”

My current research is about making security usable for IT professionals (developers, system administrators and such) that lack a specialized training in computer security. I focus on cryptographic interfaces (both programmable and command-line) of developer tools and software libraries. Currently, the emphasis is placed on X.509-capable libraries, such as OpenSSL, GnuTLS and NSS, paying special attention to the process of certificate creation and validation.

Before coming to usable security I was interested in randomness testing and helped develop the EACirc project, the automatic problem solver based on circuit-like representation and genetic programming.

I'm a Ph.D. candidate supervised by Vashek Matyas. My research efforts are supported by Red Hat Czech and co-supervised by Nikos Mavrogiannopoulos. Furthermore, we cooperate with psychologists from IRTIS.

I see deep meaning and responsibility in teaching and have been tutoring seminars and lecturing a few courses for more than 5 years. I participate in some security courses (Secure coding principles and practices and Laboratory of security and applied cryptography) as well as courses on functional programming (Haskell) (Non-Imperative Programming and Seminar on Functional Programming). I have supervised multiple bachelor theses in the fields of computer security, functional programming and programming education.

More importantly, I am much engaged in the local community of student teachers called Teaching lab aiming to improve the courses and skills of teachers at the faculty and elsewhere. We run a course for student starting to teach (Teaching Lab course). We've designed a Teacher's reflective diary to help teachers improve their skills by reflection.

I'm an avid member of the the organization for experiential learning called Instruktoři Brno aiming to inspire people, broaden their experience and lead them to self-improvement.

I co-organize(d) multiple activities bringing enthusiasm for informatics natural sciences to secondary-school students. This includes the online programming puzzle hunt InterLoS or the multidosciplinary event InterSoB. These activities are covered by the Friends of the nordic animals association (a student club at the Faculty of Informatics, Masaryk University).

2022

Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors
Martin Ukrop, Michaela Balážová, Pavol Žáčik, Eric Vincent Valčík and Vashek Matyas,
Proceedings of the 2022 European Symposium on Usable Security, ACM, 2022, 131-144.
Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

@InProceedings{2022-eurousec-ukrop,
  title = {Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors},
  author = {Martin Ukrop and Michaela Balážová and Pavol Žáčik and Eric Vincent Valčík and Vashek Matyas},
  booktitle = {Proceedings of the 2022 European Symposium on Usable Security},
  series = {EuroUSEC '22},
  pages = {131-144},
  publisher = {ACM},
  location = {Karlsruhe, Germany},
  year = {2022},
  doi = {10.1145/3549015.3554296},
  keywords = {usablesec, Red-Hat},
}

Details

Experience with Abrupt Transition to Remote Teaching of Embedded Systems
Jan Koniarik, Daniel Dlhopolcek and Martin Ukrop,
Proceedings of the 2022 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2022.
pre-print PDF, DOI website, paper website, BibTeX

@InProceedings{2022-iticse-koniarik,
  title = {Experience with Abrupt Transition to Remote Teaching of Embedded Systems},
  author = {Jan Koniarik and Daniel Dlhopolcek and Martin Ukrop},
  booktitle = {Proceedings of the 2022 ACM Conference on Innovation and Technology in Computer Science Education},
  series = {ITiCSE ’22},
  publisher = {ACM},
  location = {Dublin, Ireland},
  year = {2022},
  doi = {10.1145/3502718.3524821},
  url = {https://github.com/koniarik/teaching-embedded-remotely},
}

Usability Insights from Establishing TLS Connections
Lydia Kraus, Matej Grabovsky, Martin Ukrop, Katarina Galanska and Vashek Matyas,
ICT Systems Security and Privacy Protection, Springer International Publishing, 2022.
Keywords: usablesec, pre-print PDF, DOI website, BibTeX

@InProceedings{2022-ifipsec-kraus,
  title = {Usability Insights from Establishing TLS Connections},
  author = {Lydia Kraus and Matej Grabovsky and Martin Ukrop and Katarina Galanska and Vashek Matyas},
  booktitle = {ICT Systems Security and Privacy Protection},
  series = {IFIP Advances in Information and Communication Technology},
  publisher = {Springer International Publishing},
  year = {2022},
  doi = {10.1007/978-3-031-06975-8_17},
  keywords = {usablesec},
}

Details

2021

Challenges Faced by Teaching Assistants in Computer Science Education Across Europe
Emma Riese, Madeleine Loras, Martin Ukrop and Tomas Effenberger,
Proceedings of the 2021 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2021.
pre-print PDF, DOI website, BibTeX

@InProceedings{2021-iticse-riese,
  title = {Challenges Faced by Teaching Assistants in Computer Science Education Across Europe},
  author = {Emma Riese and Madeleine Loras and Martin Ukrop and Tomas Effenberger},
  booktitle = {Proceedings of the 2021 ACM Conference on Innovation and Technology in Computer Science Education},
  series = {ITiCSE ’21},
  publisher = {ACM},
  location = {Padeborn, Germany},
  year = {2021},
  doi = {10.1145/3430665.3456304},
}

Details

The Stack: Unplugged Activities for Teaching Computer Science (poster)
Valdemar Svabensky and Martin Ukrop,
Proceedings of the 52nd ACM Technical Symposium on Computer Science Education, ACM, 2021.
pre-print PDF, DOI website, BibTeX

@InProceedings{2021-sigcse-svabensky,
  title = {The Stack: Unplugged Activities for Teaching Computer Science (poster)},
  author = {Valdemar Svabensky and Martin Ukrop},
  booktitle = {Proceedings of the 52nd ACM Technical Symposium on Computer Science Education},
  series = {SIGCSE ’21},
  publisher = {ACM},
  location = {Virtual},
  year = {2021},
  isbn = {978-1-4503-8062-1},
  doi = {10.1145/3408877.3439569},
}

Details

2020

Evolution of SSL/TLS Indicators and Warnings in Web Browsers
Lydia Kraus, Martin Ukrop, Vashek Matyas and Tobias Fiebig,
27th International Workshop on Security Protocols (SPW 2019), Springer International Publishing, 2020, 267–280.
Keywords: usablesec, pre-print PDF, DOI website, BibTeX

@InProceedings{2019-spw-kraus,
  title = {Evolution of SSL/TLS Indicators and Warnings in Web Browsers},
  author = {Lydia Kraus and Martin Ukrop and Vashek Matyas and Tobias Fiebig},
  booktitle = {27th International Workshop on Security Protocols (SPW 2019)},
  pages = {267--280},
  publisher = {Springer International Publishing},
  year = {2020},
  doi = {10.1007/978-3-030-57043-9_25},
  keywords = {usablesec},
}

Details

Teaching Lab: Training Novice Computer Science Teachers (poster)
Martin Ukrop, Valdemar Svabensky and Imrich Nagy,
Proceedings of the 2020 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2020.
pre-print PDF, DOI website, BibTeX

@InProceedings{2020-iticse-ukrop,
  title = {Teaching Lab: Training Novice Computer Science Teachers (poster)},
  author = {Martin Ukrop and Valdemar Svabensky and Imrich Nagy},
  booktitle = {Proceedings of the 2020 ACM Conference on Innovation and Technology in Computer Science Education},
  series = {ITiCSE ’20},
  publisher = {ACM},
  location = {Trondheim, Norway},
  year = {2020},
  isbn = {978-1-4503-6874-2},
  doi = {10.1145/3341525.3393967},
}

Details

Will You Trust This TLS Certificate? Perceptions of People Working in IT (Extended Version)
Martin Ukrop, Lydia Kraus and Vashek Matyas,
Digital Threats: Research and Practice, Association for Computing Machinery, 2020.
Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

@Article{2020-dtrap-ukrop,
  title = {Will You Trust This TLS Certificate? Perceptions of People Working in IT (Extended Version)},
  author = {Martin Ukrop and Lydia Kraus and Vashek Matyas},
  journal = {Digital Threats: Research and Practice},
  volume = {1},
  number = {4},
  numpages = {30},
  publisher = {Association for Computing Machinery},
  year = {2020},
  issn = {2692-1626},
  doi = {10.1145/3419472},
  keywords = {usablesec, Red-Hat},
}

Details

2019

Reflective Diary for Professional Development of Novice Teachers
Martin Ukrop, Valdemar Svabensky and Jan Nehyba,
Proceedings of the 50th ACM Technical Symposium on Computer Science Education, ACM, 2019, 1088–1094.
pre-print PDF, DOI website, BibTeX

@InProceedings{2019-sigcse-ukrop,
  title = {Reflective Diary for Professional Development of Novice Teachers},
  author = {Martin Ukrop and Valdemar Svabensky and Jan Nehyba},
  booktitle = {Proceedings of the 50th ACM Technical Symposium on Computer Science Education},
  series = {SIGCSE '19},
  pages = {1088--1094},
  publisher = {ACM},
  address = {New York, NY, USA},
  year = {2019},
  isbn = {978-1-4503-5890-3},
  doi = {10.1145/3287324.3287448},
}

Details

Will You Trust This TLS Certificate? Perceptions of People Working in IT
Martin Ukrop, Lydia Kraus, Vashek Matyas and Heider Ahmad Mutleq Wahsheh,
Proceedings of the 35rd Annual Computer Security Applications Conference (ACSAC'2019), ACM, 2019.
Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

@InProceedings{2019-acsac-ukrop,
  title = {Will You Trust This TLS Certificate? Perceptions of People Working in IT},
  author = {Martin Ukrop and Lydia Kraus and Vashek Matyas and Heider Ahmad Mutleq Wahsheh},
  booktitle = {Proceedings of the 35rd Annual Computer Security Applications Conference (ACSAC'2019)},
  publisher = {ACM},
  year = {2019},
  doi = {10.1145/3359789.3359800},
  keywords = {usablesec, Red-Hat},
}

Details

2018

A Large-scale Comparative Study of Beta Testers and Regular Users
Vlasta Stavova, Lenka Dedkova, Martin Ukrop and Vashek Matyas,
Communications of the ACM, ACM, 2018, 64–71.
Keywords: usablesec, eset, pre-print PDF, DOI website, BibTeX

@Article{2018-cacm-stavova,
  title = {A Large-scale Comparative Study of Beta Testers and Regular Users},
  author = {Vlasta Stavova and Lenka Dedkova and Martin Ukrop and Vashek Matyas},
  journal = {Communications of the ACM},
  volume = {61},
  number = {2},
  pages = {64--71},
  publisher = {ACM},
  year = {2018},
  doi = {10.1145/3173570},
  keywords = {usablesec, ESET},
}

Details

Experimental large-scale review of attractors for detection of potentially unwanted applications
Vlasta Stavova, Lenka Dedkova, Vashek Matyas, Mike Just, David Smahel and Martin Ukrop,
Computers \& Security, 2018, 92–100.
Keywords: usablesec, eset, gamu, DOI website, paper website, BibTeX

@Article{2018-compsec-statova,
  title = {Experimental large-scale review of attractors for detection of potentially unwanted applications},
  author = {Vlasta Stavova and Lenka Dedkova and Vashek Matyas and Mike Just and David Smahel and Martin Ukrop},
  journal = {Computers \& Security},
  volume = {76},
  pages = {92--100},
  year = {2018},
  issn = {0167-4048},
  doi = {10.1016/j.cose.2018.02.017},
  url = {http://www.sciencedirect.com/science/article/pii/S0167404818301640},
  keywords = {usablesec, ESET, GAMU},
}

Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability
Martin Ukrop and Vashek Matyas,
Topics in Cryptology – CT-RSA 2018: The Cryptographers' Track at the RSA Conference 2018, Springer International Publishing, 2018, 45–64.
Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

@InBook{2018-rsa-ukrop,
  title = {Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability},
  author = {Martin Ukrop and Vashek Matyas},
  booktitle = {Topics in Cryptology -- CT-RSA 2018: The Cryptographers' Track at the RSA Conference 2018},
  pages = {45--64},
  publisher = {Springer International Publishing},
  year = {2018},
  doi = {10.1007/978-3-319-76953-0_3},
  keywords = {usablesec, Red-Hat},
}

Details

2017

Factors Influencing the Purchase of Security Software for Mobile Devices – Case Study
Vlasta Stavova, Vashek Matyas, Mike Just and Martin Ukrop,
Infocommunications Journal, 2017, 18–23.
Keywords: usablesec, eset, gamu, pre-print PDF, paper website, BibTeX

@Article{2017-infocomm-stavova,
  title = {Factors Influencing the Purchase of Security Software for Mobile Devices -- Case Study},
  author = {Vlasta Stavova and Vashek Matyas and Mike Just and Martin Ukrop},
  journal = {Infocommunications Journal},
  volume = {9},
  issue = {1},
  pages = {18--23},
  year = {2017},
  url = {http://www.infocommunications.hu/2017_1},
  keywords = {usablesec, ESET, GAMU},
}

2016

Avalanche Effect in Improperly Initialized CAESAR Candidates
Martin Ukrop and Petr Svenda,
Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016, Open Publishing Association, 2016, volume 233 of Electronic Proceedings in Theoretical Computer Science, 72-81.
Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX

@InProceedings{2016-memics-ukrop,
  title = {Avalanche Effect in Improperly Initialized CAESAR Candidates},
  author = {Martin Ukrop and Petr Svenda},
  booktitle = {Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016},
  series = {Electronic Proceedings in Theoretical Computer Science},
  volume = {233},
  pages = {72-81},
  publisher = {Open Publishing Association},
  year = {2016},
  doi = {10.4204/EPTCS.233.7},
  keywords = {eacirc, randomness},
  editor = {Bouda, Jan and Holík, Lukáš and Kofroň, Jan and Strejček, Jan and Rambousek, Adam},
  eventtitle = {MEMICS},
  eventdate = {October 23--25, 2016},
}

Details

New results on reduced-round Tiny Encryption Algorithm using genetic programming
Karel Kubicek, Jiri Novotny, Petr Svenda and Martin Ukrop,
IEEE Infocommunications, 2016.
Keywords: eacirc, randomness, pre-print PDF, paper website, BibTeX

@Article{2016-infocommunications-kubicek,
  title = {New results on reduced-round Tiny Encryption Algorithm using genetic programming},
  author = {Karel Kubicek and Jiri Novotny and Petr Svenda and Martin Ukrop},
  journal = {IEEE Infocommunications},
  volume = {8},
  issue = {1},
  year = {2016},
  url = {http://www.infocommunications.hu/2016_1},
  keywords = {eacirc, randomness},
}

Details

2014

Constructing empirical tests of randomness
Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
2014 11th International Conference on Security and Cryptography (SECRYPT), 2014, 1–9.
pre-print PDF, BibTeX

@InProceedings{2014-secrypt-sys,
  title = {Constructing empirical tests of randomness},
  author = {Marek Sys and Petr Svenda and Martin Ukrop and Vashek Matyas},
  booktitle = {2014 11th International Conference on Security and Cryptography (SECRYPT)},
  pages = {1--9},
  organization = {IEEE},
  year = {2014},
}

Constructing empirical tests of randomness
Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
Proceedings of the 11th International Conference on Security and Cryptography, 2014.
Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX

@InProceedings{2014-secrypt-sys,
  title = {Constructing empirical tests of randomness},
  author = {Marek Sys and Petr Svenda and Martin Ukrop and Vashek Matyas},
  booktitle = {Proceedings of the 11th International Conference on Security and Cryptography},
  year = {2014},
  doi = {10.5220/0005023902290237},
  keywords = {eacirc, randomness},
  eventtitle = {ICETE},
}

Determining cryptographic distinguishers for eStream and SHA-3 candidate functions with evolutionary circuits
Petr Svenda, Martin Ukrop and Vashek Matyas,
E-Business and Telecommunications, Springer Berlin Heidelberg, 2014, 290–305.
Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX

@InCollection{2014-ccis-svenda,
  title = {Determining cryptographic distinguishers for eStream and SHA-3 candidate functions with evolutionary circuits},
  author = {Petr Svenda and Martin Ukrop and Vashek Matyas},
  booktitle = {E-Business and Telecommunications},
  volume = {456},
  pages = {290--305},
  publisher = {Springer Berlin Heidelberg},
  year = {2014},
  doi = {10.1007/978-3-662-44788-8_17},
  keywords = {eacirc, randomness},
}

2013

Towards cryptographic function distinguishers with evolutionary circuits
Petr Svenda, Martin Ukrop and Vashek Matyas,
Proceedings of the 10th International Conference on Security and Cryptography, 2013, 135–146.
Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX

@InProceedings{2013-secrypt-svenda,
  title = {Towards cryptographic function distinguishers with evolutionary circuits},
  author = {Petr Svenda and Martin Ukrop and Vashek Matyas},
  booktitle = {Proceedings of the 10th International Conference on Security and Cryptography},
  pages = {135--146},
  year = {2013},
  doi = {10.5220/0004524001350146},
  keywords = {eacirc, randomness},
  eventtitle = {ICETE},
}

RNDr. Martin Ukrop

Current aim of my research

My research

Teaching and supervision

Other activities

My publications

2022

2021

2020

2019

2018

2017

2016

2014

2013