I'm also open to topic suggestions related to the security analysis of real-world security systems and (efficient, small) implementation of crypto, please contact me if you've something in mind. In addition to the topics in the list below, I might also have additional topic ideas which usually come up after discussing your preferences and ideas in person.
Please do not put my name down as a supervisor without talking to me first.
deleted text means: currently no longer available.
- Attacking embedded bootloaders (e.g. ARM processors)
- Security analysis of U2F tokens (some maths, C or Java programming, maybe side-channel or other hardware attacks)
- Low-cost RFID sniffing with DVB-T sticks (signal processing in C or Python)
- Large-scale analysis of automotive firmware
- Security analysis of Trusted Execution Environments and enclaves (e.g. Intel SGX, Trustzone, Keystone)
- Hardware attacks on smartphones (direct memory dumps, JTAG, side channels, faults, etc)
- Analysis of implementations of biometric algorithms (e.g. in smartphones)
- Extension of the ChameleonMini open source project (e.g. Legic Prime, Felica)
If you are interested in one of these topics, please contact me and outline very shortly why you selected a particular topic. Also, let me know if there are any questions. Finally, note that these are project ideas that can be adapted (to a certain degree) to your skills and to what you want to learn.