This is an old revision of the document!
“Not everything that can be counted counts.
Not everything that counts can be counted.”
(William Bruce Cameron)
Security researcher and
Ph.D. candidate at the
Centre for Research on Cryptography and Security at
Masaryk University in Brno, Czech Republic.
Current aim of my research
“I want help developers create more usable security APIs to lower software exploitation.”
My current research is about making security usable for IT professionals (developers, system administrators and such) that lack a specialized training in computer security. I focus on cryptographic interfaces (both programmable and command-line) of developer tools and software libraries. Currently, the emphasis is placed on X.509-capable libraries, such as OpenSSL, GnuTLS and NSS, paying special attention to the process of certificate creation and validation.
Before coming to usable security I was interested in randomness testing and helped develop the EACirc project, the automatic problem solver based on circuit-like representation and genetic programming.
I'm a Ph.D. candidate supervised by Vashek Matyas.
My research efforts are supported by Red Hat Czech and co-supervised by Nikos Mavrogiannopoulos.
Furthermore, we cooperate with psychologists from IRTIS.
Teaching and supervision
I see deep meaning and responsibility in teaching and have been tutoring seminars and lecturing a few courses for more than 5 years.
I participate in some security courses (Secure coding principles and practices and Laboratory of security and applied cryptography) as well as courses on functional programming (Haskell) (Non-Imperative Programming and Seminar on Functional Programming). I have supervised multiple bachelor theses in the fields of computer security, functional programming and programming education.
More importantly, I am much engaged in the local community of student teachers called Teaching lab aiming to improve the courses and skills of teachers at the faculty and elsewhere. We run a course for student starting to teach (Teaching Lab course). We've designed a Teacher's reflective diary to help teachers improve their skills by reflection.
I'm an avid member of the the organization for experiential learning called Instruktoři Brno aiming to inspire people, broaden their experience and lead them to self-improvement.
I co-organize(d) multiple activities bringing enthusiasm for informatics natural sciences to secondary-school students. This includes the online programming puzzle hunt InterLoS or the multidosciplinary event InterSoB. These activities are covered by the Friends of the nordic animals association (a student club at the Faculty of Informatics, Masaryk University).
2022
Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors
Martin Ukrop,
Michaela Balážová,
Pavol Žáčik,
Eric Vincent Valčík and
Vashek Matyas,
Proceedings of the 2022 European Symposium on Usable Security, ACM, 2022, 131-144.
Keywords:
usablesec,
red-hat,
pre-print PDF,
DOI website,
BibTeX @InProceedings{2022-eurousec-ukrop,
title = {Assessing Real-World Applicability of Redesigned Developer Documentation for Certificate Validation Errors},
author = {Martin Ukrop and Michaela Balážová and Pavol Žáčik and Eric Vincent Valčík and Vashek Matyas},
booktitle = {Proceedings of the 2022 European Symposium on Usable Security},
series = {EuroUSEC '22},
pages = {131-144},
publisher = {ACM},
location = {Karlsruhe, Germany},
year = {2022},
doi = {10.1145/3549015.3554296},
keywords = {usablesec, Red-Hat},
}
Usability Insights from Establishing TLS Connections
Lydia Kraus,
Matej Grabovsky,
Martin Ukrop,
Katarina Galanska and
Vashek Matyas,
ICT Systems Security and Privacy Protection, Springer International Publishing, 2022.
Keywords:
usablesec,
pre-print PDF,
DOI website,
BibTeX @InProceedings{2022-ifipsec-kraus,
title = {Usability Insights from Establishing TLS Connections},
author = {Lydia Kraus and Matej Grabovsky and Martin Ukrop and Katarina Galanska and Vashek Matyas},
booktitle = {ICT Systems Security and Privacy Protection},
series = {IFIP Advances in Information and Communication Technology},
publisher = {Springer International Publishing},
year = {2022},
doi = {10.1007/978-3-031-06975-8_17},
keywords = {usablesec},
}
2021
Challenges Faced by Teaching Assistants in Computer Science Education Across Europe
Emma Riese,
Madeleine Loras,
Martin Ukrop and
Tomas Effenberger,
Proceedings of the 2021 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2021.
pre-print PDF,
DOI website,
BibTeX @InProceedings{2021-iticse-riese,
title = {Challenges Faced by Teaching Assistants in Computer Science Education Across Europe},
author = {Emma Riese and Madeleine Loras and Martin Ukrop and Tomas Effenberger},
booktitle = {Proceedings of the 2021 ACM Conference on Innovation and Technology in Computer Science Education},
series = {ITiCSE ’21},
publisher = {ACM},
location = {Padeborn, Germany},
year = {2021},
doi = {10.1145/3430665.3456304},
}
The Stack: Unplugged Activities for Teaching Computer Science (poster)
Valdemar Svabensky and
Martin Ukrop,
Proceedings of the 52nd ACM Technical Symposium on Computer Science Education, ACM, 2021.
pre-print PDF,
DOI website,
BibTeX @InProceedings{2021-sigcse-svabensky,
title = {The Stack: Unplugged Activities for Teaching Computer Science (poster)},
author = {Valdemar Svabensky and Martin Ukrop},
booktitle = {Proceedings of the 52nd ACM Technical Symposium on Computer Science Education},
series = {SIGCSE ’21},
publisher = {ACM},
location = {Virtual},
year = {2021},
isbn = {978-1-4503-8062-1},
doi = {10.1145/3408877.3439569},
}
2020
Evolution of SSL/TLS Indicators and Warnings in Web Browsers
Lydia Kraus,
Martin Ukrop,
Vashek Matyas and
Tobias Fiebig,
27th International Workshop on Security Protocols (SPW 2019), Springer International Publishing, 2020, 267–280.
Keywords:
usablesec,
pre-print PDF,
DOI website,
BibTeX @InProceedings{2019-spw-kraus,
title = {Evolution of SSL/TLS Indicators and Warnings in Web Browsers},
author = {Lydia Kraus and Martin Ukrop and Vashek Matyas and Tobias Fiebig},
booktitle = {27th International Workshop on Security Protocols (SPW 2019)},
pages = {267--280},
publisher = {Springer International Publishing},
year = {2020},
doi = {10.1007/978-3-030-57043-9_25},
keywords = {usablesec},
}
Teaching Lab: Training Novice Computer Science Teachers (poster)
Martin Ukrop,
Valdemar Svabensky and
Imrich Nagy,
Proceedings of the 2020 ACM Conference on Innovation and Technology in Computer Science Education, ACM, 2020.
pre-print PDF,
DOI website,
BibTeX @InProceedings{2020-iticse-ukrop,
title = {Teaching Lab: Training Novice Computer Science Teachers (poster)},
author = {Martin Ukrop and Valdemar Svabensky and Imrich Nagy},
booktitle = {Proceedings of the 2020 ACM Conference on Innovation and Technology in Computer Science Education},
series = {ITiCSE ’20},
publisher = {ACM},
location = {Trondheim, Norway},
year = {2020},
isbn = {978-1-4503-6874-2},
doi = {10.1145/3341525.3393967},
}
Will You Trust This TLS Certificate? Perceptions of People Working in IT (Extended Version)
Martin Ukrop,
Lydia Kraus and
Vashek Matyas,
Digital Threats: Research and Practice, Association for Computing Machinery, 2020.
Keywords:
usablesec,
red-hat,
pre-print PDF,
DOI website,
BibTeX @Article{2020-dtrap-ukrop,
title = {Will You Trust This TLS Certificate? Perceptions of People Working in IT (Extended Version)},
author = {Martin Ukrop and Lydia Kraus and Vashek Matyas},
journal = {Digital Threats: Research and Practice},
volume = {1},
number = {4},
numpages = {30},
publisher = {Association for Computing Machinery},
year = {2020},
issn = {2692-1626},
doi = {10.1145/3419472},
keywords = {usablesec, Red-Hat},
}
2019
Reflective Diary for Professional Development of Novice Teachers
Martin Ukrop,
Valdemar Svabensky and
Jan Nehyba,
Proceedings of the 50th ACM Technical Symposium on Computer Science Education, ACM, 2019, 1088–1094.
pre-print PDF,
DOI website,
BibTeX @InProceedings{2019-sigcse-ukrop,
title = {Reflective Diary for Professional Development of Novice Teachers},
author = {Martin Ukrop and Valdemar Svabensky and Jan Nehyba},
booktitle = {Proceedings of the 50th ACM Technical Symposium on Computer Science Education},
series = {SIGCSE '19},
pages = {1088--1094},
publisher = {ACM},
address = {New York, NY, USA},
year = {2019},
isbn = {978-1-4503-5890-3},
doi = {10.1145/3287324.3287448},
}
Will You Trust This TLS Certificate? Perceptions of People Working in IT
Martin Ukrop,
Lydia Kraus,
Vashek Matyas and
Heider Ahmad Mutleq Wahsheh,
Proceedings of the 35rd Annual Computer Security Applications Conference (ACSAC'2019), ACM, 2019.
Keywords:
usablesec,
red-hat,
pre-print PDF,
DOI website,
BibTeX @InProceedings{2019-acsac-ukrop,
title = {Will You Trust This TLS Certificate? Perceptions of People Working in IT},
author = {Martin Ukrop and Lydia Kraus and Vashek Matyas and Heider Ahmad Mutleq Wahsheh},
booktitle = {Proceedings of the 35rd Annual Computer Security Applications Conference (ACSAC'2019)},
publisher = {ACM},
year = {2019},
doi = {10.1145/3359789.3359800},
keywords = {usablesec, Red-Hat},
}
2018
A Large-scale Comparative Study of Beta Testers and Regular Users
Vlasta Stavova,
Lenka Dedkova,
Martin Ukrop and
Vashek Matyas,
Communications of the ACM, ACM, 2018, 64–71.
Keywords:
usablesec,
eset,
pre-print PDF,
DOI website,
BibTeX @Article{2018-cacm-stavova,
title = {A Large-scale Comparative Study of Beta Testers and Regular Users},
author = {Vlasta Stavova and Lenka Dedkova and Martin Ukrop and Vashek Matyas},
journal = {Communications of the ACM},
volume = {61},
number = {2},
pages = {64--71},
publisher = {ACM},
year = {2018},
doi = {10.1145/3173570},
keywords = {usablesec, ESET},
}
Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability
Martin Ukrop and
Vashek Matyas,
Topics in Cryptology – CT-RSA 2018: The Cryptographers' Track at the RSA Conference 2018, Springer International Publishing, 2018, 45–64.
Keywords:
usablesec,
red-hat,
pre-print PDF,
DOI website,
BibTeX @InBook{2018-rsa-ukrop,
title = {Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability},
author = {Martin Ukrop and Vashek Matyas},
booktitle = {Topics in Cryptology -- CT-RSA 2018: The Cryptographers' Track at the RSA Conference 2018},
pages = {45--64},
publisher = {Springer International Publishing},
year = {2018},
doi = {10.1007/978-3-319-76953-0_3},
keywords = {usablesec, Red-Hat},
}
2017
2016
Avalanche Effect in Improperly Initialized CAESAR Candidates
Martin Ukrop and
Petr Svenda,
Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016, Open Publishing Association, 2016, volume 233 of Electronic Proceedings in Theoretical Computer Science, 72-81.
Keywords:
eacirc,
randomness,
pre-print PDF,
DOI website,
BibTeX @InProceedings{2016-memics-ukrop,
title = {Avalanche Effect in Improperly Initialized CAESAR Candidates},
author = {Martin Ukrop and Petr Svenda},
booktitle = {Proceedings 11th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Telč, Czech Republic, 21st-23rd October 2016},
series = {Electronic Proceedings in Theoretical Computer Science},
volume = {233},
pages = {72-81},
publisher = {Open Publishing Association},
year = {2016},
doi = {10.4204/EPTCS.233.7},
keywords = {eacirc, randomness},
editor = {Bouda, Jan and Holík, Lukáš and Kofroň, Jan and Strejček, Jan and Rambousek, Adam},
eventtitle = {MEMICS},
eventdate = {October 23--25, 2016},
}
New results on reduced-round Tiny Encryption Algorithm using genetic programming
Karel Kubicek,
Jiri Novotny,
Petr Svenda and
Martin Ukrop,
IEEE Infocommunications, 2016.
Keywords:
eacirc,
randomness,
pre-print PDF,
paper website,
BibTeX @Article{2016-infocommunications-kubicek,
title = {New results on reduced-round Tiny Encryption Algorithm using genetic programming},
author = {Karel Kubicek and Jiri Novotny and Petr Svenda and Martin Ukrop},
journal = {IEEE Infocommunications},
volume = {8},
issue = {1},
year = {2016},
url = {http://www.infocommunications.hu/2016_1},
keywords = {eacirc, randomness},
}
2014
2013
