
Open Master's Theses

Bachelor/Master Thesis Opportunities in Privacy-Preserving Medical Machine Learning

Arthur Ribeiro de Menezes, available immediately

Introduction/Background

 The research group Cognitive Security Technologies at Fraunhofer AISEC in Berlin is offering Bachelor and Master students the opportunity to conduct research in the field of medical machine learning with data privacy. The thesis will be conducted under the scope of a project focused on enabling the sharing of anonymized medical data through data synthesis powered by machine learning models.

 Topic Description

 Potential topics may include:

  • Synthesizing medical data (e.g., MRI or tabular data) using advanced ML techniques such as diffusion models, normalizing flows, GANs and variational autoencoders (VAEs).
  • Evaluating synthetic datasets for downstream utility.
  • Conducting privacy audits of data synthesis methods, including membership inference and reconstruction attacks.
  • Training machine learning models for data synthesis with differential privacy guarantees.

 Requirements

 Mandatory:

  • Programming skills in Python.
  • Foundational knowledge of machine learning and neural networks.

Desirable:

  • Experience with machine learning frameworks (e.g., PyTorch, TensorFlow).
  • Familiarity with privacy concepts (e.g., differential privacy, privacy attacks).

 

Exploring the attacks on an existing PQC-scheme

Niklas Julius Müller, available immediately

Quantum computers have the ability to efficiently break current cryptographic schemes like RSA within polynomial time. To establish secure communication even when quantum computers exist, the National Institute of Standards and Technology (NIST) started a competition to find a Post-Quantum Cryptography (PQC) standard that could be used around the world. The aim of this work is to understand a proposed scheme and one or more corresponding attacks. This work can be focused either on the cryptographic scheme or on the attack(s). The focus and expectations will be discussed individually depending on the student. The overall goal of this work is to shed light on the needed security of PQC schemes and different attack vectors for such systems.

Requirements

HSP for the dihedral Group

Niklas Julius Müller, available immediately

The Hidden Subgroup Problem (HSP) searches for a group $H$ “hidden” by a function $f$, i.e., $f(x) = f(x+h)$ for all $h \in H$. Shor's algorithm solves this problem on a quantum computer for finite abelian groups and $\mathbb{Z}$. For modern cryptographic systems the non-abelian dihedral group is of particular interest due to its connection to lattice problems. G. Kuperberg devised a subexponential-time quantum algorithm for the dihedral hidden subgroup problem and improved it. The aim of this thesis would be to understand both algorithms and make them understandable.

Requirements

Exploring the Relationship Between the Fourier Spectrum of Boolean Functions and Their Algebraic Normal Form (ANF) in the Quantum Setting

Cezary Pilaszewicz, available immediately

Quantum computers have the ability to efficiently encode the Fourier Spectrum of a Boolean function in superposition, enabling the identification of strong linear approximations within polynomial time. Each approximation is weighted by its fitness, increasing the likelihood of measuring optimal results. This thesis will explore the relationship between the distribution of the Fourier Spectrum and the Algebraic Normal Form (ANF) of Boolean functions, with a focus on understanding how these properties influence the learnability of such functions. The core question addressed will be whether functions that are well-approximated using quantum algorithms can also be effectively approximated using classical computing methods. Through this investigation, the study aims to shed light on the comparative strengths of quantum and classical approaches in Boolean function approximation.

Requirements

An Analysis of the Vulnerability of Quantum Key Distribution (QKD) Implementation Schemes to Man-in-the-Middle (MitM) Attacks

Cezary Pilaszewicz, available immediately

Quantum Key Distribution (QKD) is an emerging field that leverages the principles of quantum mechanics to ensure secure communication, offering unique guarantees based on the physical properties of quantum systems. However, the primary focus of QKD development has been on addressing physical limitations, often leaving potential vulnerabilities, such as man-in-the-middle (MitM) attacks, underexplored.

This thesis aims to examine the resilience of various QKD implementation schemes against MitM attacks. By analyzing specific QKD implementations, such as "Quantum encryption in phase space with displacement operators" by Randy Kuang & Adrian Chan, the study will assess the mechanisms employed to prevent these attacks. The outcome will provide a comprehensive analysis of different QKD schemes and a clear rationale for the inapplicability of MitM attacks in certain implementations. This research will contribute to a deeper understanding of the security measures necessary for robust QKD systems.

Requirements

Creation of privacy icons or alternative simplifications for a more comprehensible data protection policy

Sandra Kostic, available immediately

Privacy policies and cookie settings are content that users have to deal with almost every day while browsing. The problem is that these privacy policies are often very long and difficult to understand. The motivation is to make privacy policies clearer and more understandable, so that users can get an impression of the content at a glance.

 The goal of the thesis is to develop privacy icons or alternative simplifications to summarize privacy policies. These elements should not only be developed, but also evaluated in terms of their comprehensibility and user-friendliness.

The thesis can be written in German or English.

Requirements

Basic knowledge of usability, usable security and UI/UX design. Ideally, a completed module in the context of Human Centered Computing or Usable Security can already be demonstrated.
 

Quantitative survey on digital identities and wallets

Sandra Kostic, available immediately

Digital identities are used to identify oneself online. In order to be able to identify oneself with different identification documents, it is possible to use so-called identity wallets. They allow the user alone to decide which data is sent to which provider for the purpose of identification. Since personal data is handled in this case, it is relevant for the acceptance of such solutions that the user also trusts the application.

 The goal of this thesis is to develop a survey questionnaire to collect requirements for digital identities as well as wallets. The focus will be on factors that strengthen trust in such solutions. What factors are there and how can they be prioritized?

The thesis can be written in German or English.

Requirements

Basic knowledge of usability, usable security and UI/UX design. Ideally, a completed module in the context of Human Centered Computing or Usable Security can already be demonstrated.
 

Practical Evaluation of an Anonymous Credential System with Device Binding and Time-Based Revocation (LVVC)

Christoph Graebnitz, available immediately

Introduction/Background

Digital identity management systems must ensure high authentication security while also protecting users' privacy. Anonymous credentials enable the disclosure of only the information necessary for a specific transaction. To enhance security, the mechanism of device binding is employed, wherein issued credentials are firmly attached to a specific device (e.g., via Secure Elements or Trusted Platform Modules) to prevent copying or unauthorized reuse. Simultaneously, a time-based revocation mechanism using Linked Validity Verifiable Credentials (LVVC) allows for the automatic or as-needed revocation of credentials. The combination of these mechanisms – device binding, selective disclosure, unlinkability, and time-based revocation – presents a unique technical and conceptual challenge, as the interplay between security properties and privacy must be ensured in a consistent system. The work by Graebnitz et al. specifies such an anonymous credential system with the measures described above, but leaves a practical evaluation open.

Topic Description

This master’s thesis examines the anonymous credential system specified by Graebnitz et al., which integrates the following key mechanisms:

  • Device Binding: Securely binding the credentials to a physical device, thus preventing unauthorized duplication. 
  • BBS⁺ Signatures: The use of modern cryptographic techniques for efficient and privacy-friendly authentication. 
  • Time-Based Revocation using LVVC: A mechanism that checks the validity of credentials at regular intervals and revokes them if necessary.

Objective

  • Prototype Implementation: Development of a functional prototype that integrates device binding, BBS⁺ signatures, and the time-based LVVC revocation mechanism.
  • Experimental Evaluation: Measurement and analysis of performance metrics (such as throughput, latency, and scalability) using real hardware components (e.g., Secure Elements or Trusted Platform Modules). 
  • Comparison: A comparison of the results with conventional revocation approaches (cryptographic accumulators and lists) to investigate the efficiency of the time-based LVVC mechanism.

Requirements

This work is aimed at computer science students or students of related fields with a fundamental understanding of cryptography and IT security. Practical experience in implementing cryptographic protocols as well as knowledge of working with hardware components (such as Secure Elements or Trusted Platform Modules) is advantageous (optional). The topic particularly appeals to those who want to combine practical research with a focus on integrating and evaluating privacy-friendly authentication systems.
 

Formal Security Analysis of an Anonymous Credential System with Time-Based Revocation (LVVC)

Christoph Graebnitz, available immediately

Introduction/Background

The security of digital identity systems is based not only on a reliable implementation but also on a solid theoretical foundation. Anonymous credentials allow for the demonstration of permissions without disclosing unnecessary information. In this context, BBS+ signatures combined with zero-knowledge proofs guarantee essential properties such as minimal information disclosure, unlinkability, and non-duplication. This approach can be complemented by a revocation mechanism that controls the validity of the credentials using time-based Linked Validity Verifiable Credentials (LVVC) without compromising user privacy. The work by Graebnitz et al. specifies such an anonymous credential system, yet leaves a rigorous security proof open.

Topic Description

This work is dedicated to the development of a formal security model for the anonymous credential system specified by Graebnitz et al. It aims to precisely define and mathematically prove the central security goals – minimal disclosure, unlinkability, non-duplication, and privacy-preserving revocation.

Specifically, the work includes:

  • Modeling: Formal definition of the system components and security goals.
  • Proof: Development of a complete security proof using modern proof techniques (e.g., within the Universal Composability (UC) framework or employing tools such as Tamarin).

Objective

  • Formal Model: Creation of a precise model of Graebnitz et al.'s anonymous credential system, including all relevant parameters and protocols.
  • Security Proof: Development of a comprehensible, formal proof that demonstrates fulfillment of the defined security goals under realistic assumptions.
  • Documentation and Evaluation: Detailed analysis of the strengths and any potential weaknesses of Graebnitz et al.'s approach in comparison to conventional solutions.

Requirements

Students with a strong theoretical background in mathematics and cryptography, as well as solid knowledge of formal methods and proof techniques. Experience with theoretical modeling and the formal verification/application of cryptographic systems is desirable (optional).