Project Ideas

Here are some project ideas:

• Improve the age crypto software. Propose improvements to the age encryption software, such as the use of post-quantum algorithms. Implement them.
• Extend or find applications for PrivacyPass and TrustTokens.
• Implement ZK circuits for Ethereum. For example, implement a game such as DarkForest or another application.
• Design and write a deterministic password manager. This would take in a seed password (or better, generate one) and produce all of the passwords for different websites. Such projects exist, but almost all have flaws of some sort. See if you can improve upon what's been done.
• Better passwords. Explore a better scheme for designing and generating memorable strong passwords for encryption schemes. Your passwords should have strength at least 2^50. Consider a user study to verify that your ideas work.
• Can ransomware be prevented or made better? Can we find ways to block ransomware from encrypting systems? Also: current ransomware payments don't always guarantee that you'll get the key to decrypt your files. Can you design a conditional payment mechanism for Bitcoin or Ethereum that guarantees you will get the key -- or the payment does not go through? Note: this is ex
• Zero knowledge proofs. Learn about the ZKBoo library and implement a zero knowledge proof for an interesting and/or novel program or circuit.
• Post-quantum cryptography. Implement a PQ signature library, using hash-based signatures or a related construction.
• Monitoring TLS. There are some people who want to passively monitor the TLS protocol. (https://tools.ietf.org/html/draft-rhrd-tls-tls13-visibility-00) Review these protocols. Find alternatives. What else can be done in this space?
• Fuzzy vaults. Read Juels' paper about Fuzzy Vaults (http://www.arijuels.com/wp-content/uploads/2013/09/JS02.pdf). Design and implement a fuzzy vault based on a specific set of inputs or biometrics.
• Implement CAPTCHA encryption. See this blog post on using CAPTCHAs to strengthen encryption (https://blog.cryptographyengineering.com/category/captchas/). Provide an implementation of this idea using CAPTCHAs or some other human-specific puzzle.
• Review Telegram crypto. Take a deep dive into the Telegram encryption protocols, starting with online documentation and looking at open code. Write a protocol analysis.
• Implement a cryptographic functionality (e.g., a tiny Hardware Security Module) in Intel's SGX. Note: this one can be more challenging than you think. You may need to use a simulator.
• Linux RNG seeding. Analyze protocols for seeding RNGs, including Pollinate. Find out how secure these are, and if you can improve them.
• Perform a detailed analysis or implementation of the Noise protocol. This protocol is used by WhatsApp.
• Enhance Minilock. Minilock is a small, Javascript-based encryption system for browsers. Design an extension for this software that enables corporate use. Or something even cooler.
• Ransomware payment analysis toolkit and website. There have been a number of major ransomware attacks. See if you can develop a useful set of analytic tools to see who is paying these ransoms, and how many. This could be a real resource if it has an associated live information website.
• Look at the CryptDB project, and other projects like Encrypted BigQuery from Google. Either implement something useful with this system and get measurements, or see if you can produce some of the recent research results that extract data from these systems.
• Develop a fuzzer for GnuPG. Or some other crypto library.
• Anonymous credential system. Develop a simple anonymous credential protocol for something like Wikipedia.
• Develop a tool to identify statistics from the Certificate Transparency Logs. What's going on in these logs? What can we learn?
• Charm implementation. Charm is an experimental toolkit produced by JHU to implement cryptographic algorithms. Install and use it to implement and measure some new cryptographic protocol, such as one of the ring signature protocols being proposed for use in cryptocurrencies.
• EMV protocols. Modern credit cards use EMV (smart cards) to perform transactions. Figure out how these protocols work, and why they are so slow. Then write a really detailed analysis of this and how to make it faster.