This is an old revision of the document!


Martin Ukrop

“Not everything that can be counted counts. Not everything that counts can be counted.”
(William Bruce Cameron)
 mukrop@mail.muni.cz
 Scholar    ORCID  ORCID     GitHub
 Office A404, FI MUNI

Mgr. Martin Ukrop

Security researcher and Ph.D. candidate at the Centre for Research on Cryptography and Security at Masaryk University in Brno, Czech Republic.

Current aim of my research

“I want help developers create more usable security APIs to lower software exploitation.”

Making security usable for IT professionals (developers, system administrators and such) that lack a specialized training in computer security. We focus on cryptographic interfaces (APIs) of developer tools and software libraries. A recent experiment on a developer conference tried to assess the usability of OpenSSL, a well-known and widely used cryptographic library. Based on the overall results, we deem the OpenSSL usability insufficient according to both user opinions and standardized measures.

Red Hat, FSS

Before coming to usable security I was interested in randomness testing and helped develop the EACirc project, the automatic problem solver based on circuit-like representation and genetic programming. It can be utilized as randomness testing tool similar to statistical batteries (NIST STS, Dieaharder, TestU01), for instance for analysis of cryptographic function outputs. It uses supervised learning techniques based on metaheuristics to construct adapted distinguisher of two input data streams. The distinguisher can be represented as hardware-like circuits or algebraic polynomial.

I see deep meaning and responsibility in teaching and have been tutoring seminars and lecturing a few courses for more than 5 years. I participate in some security courses (Secure coding principles and practices and Laboratory of security and applied cryptography). More importantly, I am much engaged in the local community of student teachers and leading the Teaching Lab course.

Finally, I am still very fond of functional programming (Haskell in particular) and have been teaching Non-Imperative Programming and Seminar on Functional Programming for quite some time.

I have supervised multiple bachelor theses in the fields of computer security, functional programming and programming education.

2022

  • Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors
    Martin Ukrop, Michaela Balážová, Pavol Žáčik, Eric Vincent Valčík and Vashek Matyas,
    Proceedings of the 2022 European Symposium on Usable Security, ACM, 2022, 131-144.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX
  • Experience with Abrupt Transition to Remote Teaching of Embedded Systems
    Jan Koniarik, Daniel Dlhopolcek and Martin Ukrop,
    Proceedings of the 2022 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2022.
    pre-print PDF, DOI website, paper website, BibTeX
  • Usability Insights from Establishing TLS Connections
    Lydia Kraus, Matej Grabovsky, Martin Ukrop, Katarina Galanska and Vashek Matyas,
    ICT Systems Security and Privacy Protection, Springer International Publishing, 2022.
    Keywords: usablesec, pre-print PDF, DOI website, BibTeX

2021

  • Challenges Faced by Teaching Assistants in Computer Science Education Across Europe
    Emma Riese, Madeleine Loras, Martin Ukrop and Tomas Effenberger,
    Proceedings of the 2021 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2021.
    pre-print PDF, DOI website, BibTeX
  • The Stack: Unplugged Activities for Teaching Computer Science (poster)
    Valdemar Svabensky and Martin Ukrop,
    Proceedings of the 52nd ACM Technical Symposium on Computer Science Education, ACM, 2021.
    pre-print PDF, DOI website, BibTeX

2020

  • Evolution of SSL/TLS Indicators and Warnings in Web Browsers
    Lydia Kraus, Martin Ukrop, Vashek Matyas and Tobias Fiebig,
    27th International Workshop on Security Protocols (SPW 2019), Springer International Publishing, 2020, 267–280.
    Keywords: usablesec, pre-print PDF, DOI website, BibTeX
  • Teaching Lab: Training Novice Computer Science Teachers (poster)
    Martin Ukrop, Valdemar Svabensky and Imrich Nagy,
    Proceedings of the 2020 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2020.
    pre-print PDF, DOI website, BibTeX
  • Will You Trust This TLS Certificate? Perceptions of People Working in IT (Extended Version)
    Martin Ukrop, Lydia Kraus and Vashek Matyas,
    Digital Threats: Research and Practice, Association for Computing Machinery, 2020.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

2019

  • Reflective Diary for Professional Development of Novice Teachers
    Martin Ukrop, Valdemar Svabensky and Jan Nehyba,
    Proceedings of the 50th ACM Technical Symposium on Computer Science Education, ACM, 2019, 1088–1094.
    pre-print PDF, DOI website, BibTeX
  • Will You Trust This TLS Certificate? Perceptions of People Working in IT
    Martin Ukrop, Lydia Kraus, Vashek Matyas and Heider Ahmad Mutleq Wahsheh,
    Proceedings of the 35rd Annual Computer Security Applications Conference (ACSAC'2019), ACM, 2019.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

2018

  • A Large-scale Comparative Study of Beta Testers and Regular Users
    Vlasta Stavova, Lenka Dedkova, Martin Ukrop and Vashek Matyas,
    Communications of the ACM, ACM, 2018, 64–71.
    Keywords: usablesec, eset, pre-print PDF, DOI website, BibTeX
  • Experimental large-scale review of attractors for detection of potentially unwanted applications
    Vlasta Stavova, Lenka Dedkova, Vashek Matyas, Mike Just, David Smahel and Martin Ukrop,
    Computers \& Security, 2018, 92–100.
    Keywords: usablesec, eset, gamu, DOI website, paper website, BibTeX
  • Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability
    Martin Ukrop and Vashek Matyas,
    Topics in Cryptology – CT-RSA 2018: The Cryptographers' Track at the RSA Conference 2018, Springer International Publishing, 2018, 45–64.
    Keywords: usablesec, red-hat, pre-print PDF, DOI website, BibTeX

2017

  • Factors Influencing the Purchase of Security Software for Mobile Devices – Case Study
    Vlasta Stavova, Vashek Matyas, Mike Just and Martin Ukrop,
    Infocommunications Journal, 2017, 18–23.
    Keywords: usablesec, eset, gamu, pre-print PDF, paper website, BibTeX

2016

  • Avalanche Effect in Improperly Initialized CAESAR Candidates
    Martin Ukrop and Petr Svenda,
    Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016, Open Publishing Association, 2016, volume 233 of Electronic Proceedings in Theoretical Computer Science, 72-81.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • New results on reduced-round Tiny Encryption Algorithm using genetic programming
    Karel Kubicek, Jiri Novotny, Petr Svenda and Martin Ukrop,
    IEEE Infocommunications, 2016.
    Keywords: eacirc, randomness, pre-print PDF, paper website, BibTeX

2014

  • Constructing empirical tests of randomness
    Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
    2014 11th International Conference on Security and Cryptography (SECRYPT), 2014, 1–9.
    pre-print PDF, BibTeX
  • Constructing empirical tests of randomness
    Marek Sys, Petr Svenda, Martin Ukrop and Vashek Matyas,
    Proceedings of the 11th International Conference on Security and Cryptography, 2014.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX
  • Determining cryptographic distinguishers for eStream and SHA-3 candidate functions with evolutionary circuits
    Petr Svenda, Martin Ukrop and Vashek Matyas,
    E-Business and Telecommunications, Springer Berlin Heidelberg, 2014, 290–305.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX

2013

  • Towards cryptographic function distinguishers with evolutionary circuits
    Petr Svenda, Martin Ukrop and Vashek Matyas,
    Proceedings of the 10th International Conference on Security and Cryptography, 2013, 135–146.
    Keywords: eacirc, randomness, pre-print PDF, DOI website, BibTeX