Project Ideas

This page contains a number of ideas for M.Sc. projects. If you are interested e-mail at "T . Chothia (at) cwi.nl". I also encourage you to suggest your own ideas for projects.

  • Analysis of QoS Based Attacks on Software

    The resource usage of an application leaks a lot of information about what's going on inside it. This can sometimes lead to a very effective way of breaking an otherwise secure protocol. This project aims to use automata to try to model and find these kind of attacks.
    For more details see the paper Keeping Secrets in Resource Aware Components.

  • A Crowds Firefox Extension for Anonymous Web Browsing

    Crowds is a popular example of an anonymous protocol but there is no easy to use implementation. The aim of this project is to develop an extension of the Firefox web browser that allows anonymous web browsing. If the project goes well it will then be possible to look for attacks on anonymity based on web surfing patterns.
    Requirement: Experience of programming for network applications.

  • A Lightweight Distributed Transactions Package

    Distributed transactions can often go very wrong when some of the computers involved fail. Software systems that try to get around this problem are often heavyweight, one-size-fits-all applications that are too inflexible to be of real use. This project will develop a lightweight, flexible transactions package that gives the programmer full control of how network connections are made.
    For more information read sections 1 & 6 of the paper: Capability-Passing Processes.

  • Software Support for Checking Anonymity

    In recent work at CWI we have developed a prototype platform for checking anonymity. The aim of this project will be to develop the platform into a usable tool and then use it to test some supposedly anonymous protocols.
    For more information read the paper: A Framework for Automatically Checking Anonymity with mCRL.

  • Verify Key Internet Protocols

    The aim of this project is to analyse a range of key Internet protocols (such as TLS, IKE, SSH) using a range of different protocol analysis tools. While it is very unlikely that any errors will be found this project will develop a greater understanding of how these key protocols work and illustrate the strengths and weaknesses of the different protocol checking tools.
    Requirement: Did well on Homework 2 of the MASP course.

  • Verify New Proposed Protocols

    The aim of this project is to apply formal analysis to new proposed protocols. These are often defined in a very informal way, so building correct models can be difficult. However there is a good chance of finding real errors in the protocol design.
    Requirement: Did well on Homework 2 of the MASP course.

  • An Alice and Bob Notation Translator for ProVerif

    The aim of this project is to develop software that can translate protocols in the Alice and Bob notation to protocol descriptions in ProVerif. Generally the more informal notional contains ambiguities that must be resolved in order to be able to generate ProVerif code. This project could result in a very useful tool.

  • What is Anonymity used for?

    A number of less well-known anonymity applications do not encrypt their traffic. The aim of this project is to develop software that can analyse the traffic over these networks and find out what the networks are being used for, and if different anonymity applications attract different kinds of users.
    Requirement: Experience of programming for network applications.