Thesis Proposals for MAI from COSIC

1
Thesis Proposals for MAIfrom COSIC

• Oct. 12th, 2005, 16h15

2
COSIC who are we?

• COmputer Security Industrial Cryptography
• Mobile security and protocols
• Fast and secure hardware implementations
• Security architectures (XML, ... )
• Design analysis of cryptographic algorithms
  (AES, RIPEMD)
• Interdisciplinary and international research
  group
• 35 researchers from engineering, computer
  science, mathematics, MAI, ... and from 12
  countries.

3
COSIC Thesis Proposals

• Full text of our thesis proposals can also be
  found at http//www.esat.kuleuven.be/cosic/thesis/
  
• We will now present these proposals briefly
• Feel free to contact the daily supervisor if you
  have any further questions

4
Integration of Biometry in Identity Management
(1/2)

• Identity Management is all about
• Information about persons (legal and natural)
  that is flowing around
• Entities that need to be authenticated
• Rights and authorizations that are assigned and
  delegated
• Problems
• Secure and easy authentication of entities
• Management of rights and authorizations
• Information and privacy protection
• Do biometrics offer a solution to these problems?
• Focus on e-Government context

5
Integration of Biometry in Identity Management
(2/2)

• Biometry
• On-line and local identification of a user
  (instead of one of his devices)
• Prevents uncontrolled forwarding of credentials
• User-friendly (?)
• Goals
• Make an overview of state of the art in biometry
  and study models for biometric verification
• Explore techniques usable for inclusion in and
  use with passports and electronic ID cards
• Assess the security level offered by selected
  biometric mechanisms
• Danny.DeCock_at_esat.kuleuven.be
• Koen.Simoens_at_esat.kuleuven.be
• Office 01.67

6
Automated Creation and Selectionof Cryptographic
Primitives (1/2)

• Genetic algorithms
• Evolution of a population
• Combination of individuals
• Mutation of individual
• Survival of the fittest

• In our thesis proposal
• Individual combination of
• cryptographic building blocks
• Fitness combination of
• cryptographic properties
• Evolution combination / mutation of building
  blocks
• Survival of the fittest

7
Automated Creation and Selectionof Cryptographic
Primitives (2/2)

• What fitness?
• E.g. diffusion number of outputs depending
  on 1 input

• Goal automated selection and construction of
  cryptographic functions

Jan.Cappaert_at_esat.kuleuven.be (02.20),
Ozgul.Kucuk_at_esat.kuleuven.be (01.58)
8
Software Security throughEvolution and Diversity

• Distributed software is vulnerable for global
  attacks (cracks)
• 1 attack affects all software with the
  implementation
• Diversity makes programs more resistant to
  automated attacks
• In this thesis
• Implementing a framework that models a software
  population
• Describing attacks and program recombination/prote
  ction that allow software to evolve in order to
  survive.

Protection techniques
program C
program A
program B
Software population
Jan.Cappaert_at_esat.kuleuven.be, Brecht.Wyseur_at_esat.
kuleuven.be (02.20)