Project ideas from other universities

Sample projects completed at Georgia Tech, Winter 1996

---

Byte-Stream Security; Zongmei Fei and Ting Zhou.
Implemented a secure sockets library using DES encryption and Needham-Schroeder authentication (with KDC).

Encrypting Telnet Proxy; David Aylesworth.
A proxy that uses SSL encryption and session key distribution on one side, supported by the Telnet AUTHENTICATION option of RFC~1416.

A Secure Talk Implementation; Rob Coleman.
A talk application based on encrypted (DES) communication between clients via a trusted server.

Internet Firewalls; Al Leach and Daranee Payattakool.
Comparison of available internet firewall products plus an evaluation of security of a portion of the campus network using SATAN.

SOS: Security On-top-of Sockets; Yusuf Goolamabbas, Lokesh Srinivas, and Ami Feinstein.
A plug-in replacement for socket communication, providing secure communication using IDEA and Diffie-Hellman key exchange (uses RSAREF).

Modified Internal Chaining DES; Scott Harris.
A modified encryption facility that does chaining on the inside, and uses a 64-bit key.

A Secure Protocol for Client/Server Applications; Tianji Jian and Jing Lei.
Another secure sockets layer that uses DES and Otway-Rees (with KDC) for mutual authentication.

Probabilistic Methods for Primality Testing; Mary Chamlee.
A discussion of the Soloway-Strassen and Miller-Rabin yes-biased Monte Carlo algorithms for COMPOSITE.

Analyze the Security of Java; Chang-tien Lu.
A discussion of all aspects of Java security, from compiler through byte-code verifier to run-time system.

Analyze the Security of RC5; Liqin Shi.
A statistical analysis of the characteristics of RC5 with variable numbers of rounds.

Secure DNS Client Implementation; Alex Snoeren.
Modification of the host program to conform to the Security Extensions to DNS, as described in the draft by Eastlake and Kaufman.

Analysis of Network Security for a Public Safety Department; Craig Scott Smith.
A look at the security implications and alternatives for the use of wireless data networks by a municipal Police/Fire department.

---

Project suggestions (Dunigan, UT Knoxville)

• trust analysis: PGP web of trust vs. trust hierarchy
• techniques for generating crypto random numbers and survey of what various crtypo packages use to generate random numbers
• NSA's FORTEZZA card and key escrow issues
• security features of various software packages: data bases, OS's (Windows 2000, NT, Mac OS 9, Plan 9,...) or various free UNIX: linux, freebsd,openbsd
• vulnerabilities revealed by traffic analysis
• secure OS technologies (EROS, TMACH, CMWs)
• secure linux (bastille, others?), OpenBSD
• securing NT ( or UNIX)
• computer architectures for security
• digital steganography (ascii text, mail headers, ps, html)
• digital watermarks and copyrights
• vulnerabilities of Java, javascript, ActiveX
• Java 1.2 security and crypto services
• applets or interactive web thingees to illustrate/teach crypto concepts
• techniques/algorithms for hi-speed crypto (parallel)
• DNS security
• detecting sniffers
• disk encryption products/algorithms (cfs, scramdisk, ppdd, tcfs, ...)
• compare v1 to v2 of ssh (or old PGP vs new PGP)
• Public-key for authentication: ssh, globus, kerberos, safetp
• cryptographic hashes
• backtracking denial-of-service attacks (spoofed source address)
• information warfare/ cyber terrorism
• IPsec key mgt: photuris, skip, isakmp, skeme, IKE
• key distribution for multicast sessions
• ATM (asyncrhonous transfer) security
• wireless security (wap's wtls), 802.11 WEP, mobile IP
• cell phone security (gsm, cdpd, ...)
• bluetooth security (wireless)
• data over cable (docsis)
• encryption in banking or e-commerce
• win2000 security
• security in globus
• security of DVD's and/or MP3 follow-on
• electronic payment schemes (ikp, ecash, ...)
• micropayment schemes
• security of snmp (v1 vs v3)
• elliptic curves in security
• compare 3 of the AES candidates
• chaotic functions as one-time pads
• secure time services (timeofday/ntp, timestamps)
• compare firewall products
• authorization models (capabilities, ACLs)
• virtual private networks VPNs (Windows 2000?)
• compare UNIX scanners (ISS, COPS, SPI)
• immutable executables (signed applets, ?)
• X.509 certificates and CA's
• SDSI or SPKI or X.509 hierarchies
• https/SSL performance
• survey of tests for randomness
• contrast various tests for primality
• compare secure file transfers (scp, sftp, ?)
• electronics (tempest, wiretaps, EMP guns, biometrics)
• security in distributed computing (DCE, DCOM, CORBA, RMI)
• crypto API's (GSS, CAPI, Java JCE, others ?)

• implement 64-bit block ciphers (on Alpha)
• performance comparison of: ciphers, hashes, public key
• C++ or Java class library for crypto
• performance comparison of Java crypto vs C/C++
• performance comparison of AES ciphers
• analyze performance compression before encryption
• automatic cryptanalysis of some hand cipher
• implement and analyze of TEA or RC5 or ?
• web based electronic voting
• add intel hardware RNG to /dev/random
• SSL chat program
• setup secure Apache web server and certificates
• internet poker with session keys, public/private keys
• digitial cash (Schneier, pg 142, protocol 4)

---