We are pleased that you are interested in writing your thesis with us. We cover theoretical and practical fields as well as any combination of them. Similar approaches, organisational regulations and framework conditions apply to each thesis.

  • Topics

    First of all, you should consider which subject areas you are most interested in or which are best suited to you. You will then select at least two topics that could be considered for a thesis. Topics can be found here on the Chair's website, but of course you can also contact us personally or by e-mail. Alternatively, you can also raise your own topics.

    You can then send us an e-mail with your desired topics and explain why you are interested in these topics, stating your qualifications. We will then send you an appointment suggestion so that we can agree on a final topic in a personal meeting. In the best case, you will receive the absolute topic of your choice and we can include your results in our work or teaching.

    Possible Topics

    Implementierungen für CrypTool 2

    CrypTool 2 is an open-source program that allows you to try out various cryptographic methods. CrypTool 2 provides a visual programming interface which easily can be used to integrate and manipulate cryptographic functions into workflows. More specifically, the individual cryptographic methods are implemented by so-called plug-ins, which are represented by individual graphical objects. These can be combined with drag & drop on the graphical user interface. This approach makes it easy to visualise complex processes and thus to understand them better.

    Several existing cryptographic methods are to be implemented so that they can be officially recorded in CrypTool 2. This also includes the creation of documentation, the clean structuring and commenting of the source code, etc. The exact selection of the topics to be implemented is discussed with the student and the CrypTool 2 team.

    Privacy-Preserving Recommender System

    Recommender systems provide user recommendations on which objects (e.g. books, films, places) might be of interest to them. Naturally, this requires information about the user himself, which entails the risk of data misuse (e.g. transferring the interests of the customer to third parties for advertising purposes). Together with the Technical University of Darmstadt, a cryptographic method was developed, with which a user can still receive a recommendation, but without having to disclose information about himself. This is achieved by sending only encrypted data about the use to the recommender system. For this purpose, a new encryption method is used, which allows the recommender system to calculate the recommendation for the user directly on the encrypted data. The result is the encrypted recommendation which can be decrypted by the user while the recommender system has not learned anything about the data.

    The method has to be reviewed, displayed and implemented. Especially the safety analysis, which has hitherto only been carried out under idealistic assumptions, has to be considered when reviewing the method.

    Smart Contracts

    Smart contract is a term used to describe computer program code that is capable of facilitating, executing, and enforcing the negotiation or performance of an agreement (i.e. contract) using blockchain technology. The entire process is automated can act as a complement, or substitute, for legal contracts, where the terms of the smart contract are recorded in a computer language as a set of instructions.

    This thesis will comprise two parts. In the first part, smart contracts are explained, providing all necessary background for a reader to understand the technical working principle. In the second part, practical use cases for smart contracts are investigated. 

    Plugin Development Using CrypTool 2: Attacking Key Schedule of the ciphers.

    In this project  it will not be needed to start from the beginning, but to complete the 2 existing projects:

    1. Exploiting (Searching for) Weak-Key IV Pairs in Stream Ciphers 
    2. Slide Attacks on Block Ciphers 

    These are 2 almost completed tasks from the last year TeamProject, where  the CrypTool 2 platform was used to demonstrate so-called slide attacks on the block ciphers, and how weak key-IV pairs can be used for attacking stream ciphers. 

    The person working on the project will need to to read and revise the documentation, to understand the ideas of both attacks, to understand how the implemented plugins work, to improve the plugins which refer to slide attack on block ciphers, to improve the templates which demonstrate how to use the plugins,  to write the online help for the plugins.

    The plugins are developed using C# programming language. The development is done using Microsoft Visual Studio environment.

    Contact person: Vasily Mikhalev

    Analyzing $IotDevice

    This is a more or less generic topic open to anyone who wants to void some warranties of their $IotDevice to either simply see how things work under the hood or even trying to get $IotDevice to do things it was not designed for in the first place.

    If you already have $IotDevice, bring it, or maybe you have a favorite $IotDevice you would like to analyze. Either way, contact Christian Müller to discuss the details.

  • Registration

    After we have agreed on a final topic, we will discuss the content wise details with you. This will be handled individually for each thesis and usually happens during the meeting of the topic selection. Finally, we agree on the rough content and we will send you a table of contents. This serves as a guide to the processing for you and helps us with the evaluation. Thus, both parties have a fair basis.

    If you agree with the subject and the content, we need some additional information from you to register your thesis. This includes, for example, the language of choice for your thesis. You can choose between English and German. Also, the deadline will be set with registration to confirm the date on which you must submit your work. The available period of work is dependent on the type of thesis and your examination regulations – as a rule, it is three months for Bachelor theses and six months for Master theses.
    The start of a thesis is independent of other organisational appointments such as exam or term times.

  • Writing and Formalities

    In general, we are much more interested in content than in form. In other words, you are free to write the text of your thesis with LaTeX, Word or any other program. However, we recommend the use of LaTeX.

    Font, font size, line spacing, margin and the like should be chosen appropriately. For the scope, we propose 30 pages for a Bachelor thesis and 60 pages for a Master thesis. However, this is only a rough guideline and, in most cases, unimportant. You should be able to write down the content in a precise but detailed way and use a scientific writing style. Depending on the topic, including screenshots, graphics and source code is beneficial. As a result, the guideline for the scope can change very quickly.

  • Supervision

    It is up to you how to allot your time for your thesis. However, we recommend that you regularly contact us, your supervisors. This ensures that you can get feedback and thus avoid deepening in the wrong place. Keep in mind that a positive feedback can help you. Discuss the type of care with your supervisor.

  • Submission and Presentation

    At the latest you must submit your final thesis on the last day of your working time. To do this, please hand in two versions in print form and a signed affidavit at our offices. In addition, you must send a PDF version of your final thesis to your supervisor. The printouts should be printed on both sides. The binding is up to you, but we prefer a ring binding.

    Depending on your examination regulations you must also hold a presentation on the topic of your thesis. As a rule, the presentation of Bachelor theses is voluntary and the one of Master theses is obligatory for students who started their studies in or after the fall semester of 2013. However, even if you do not have to hold a presentation, we recommend you to take advantage of this opportunity. You can learn how to present your material in front of a professional audience and, if necessary, to convey some of the topics more profoundly or interactively than in your record. Such a presentation should take about 30 minutes, followed by a colloquium.
    Please note that your presentation will not be graded.

    Previous theses

  • Bachelor theses

    HWS 2018

    • Security Analysis of Smart Door Locks (Christian Müller)
    • Security Analysis of A Wireless Infant Care System (Christian Müller)

    FSS 2018

    • Analyse des Rowhammer-Effekts (wiss. Arbeit; Christian Gorke, Christian Müller)
    • Evaluating Security of Messaging Applications and their Underlying Frameworks (Christian Gorke, Christian Müller)
      Auswerten der Sicherheit von Nachrichtenanwendungen und den unterliegenden Frameworks
    • The NSA Surveillance Revelation (Christian Gorke, Christian Müller)
      Der NSA-Skandal
    • Printer Steganography (Christian Gorke, Christian Müller)
      Drucker Steganographie

    HWS 2017

    • Achieving Privacy in Cryptocurrencies Based on Smart Contracts (Christian Gorke)
      Privatsphäre in Krypto-Währungen Basierend auf Smart Contracts
    • Co­untermeasures for Relay-Attacks in Automotive Security (Christian Gorke, Christian Müller)
      Gegenmaßnahmen für Relay-Angriffe in Automobiler Sicherheit
    • FHE-Simulator: HElib (Angela Jäschke)
    • FHE-Simulator: SEAL (Angela Jäschke)
    • Proofs of Retrievability: State of the Art (Christian Gorke)
      Proofs of Retrievability: Stand der Technik
    • Systemization of Proofs of Location Schemes (Christian Gorke)
      Systematisierung von Proofs of Location Verfahren

    FSS 2017

    • Comparison of Trusted Computing Techniques (Christian Gorke)
      Vergleiche von Trusted Computing Techniken
    • Cross-Browser Fingerprinting Techniques and Their Applications (Christian Gorke)
      Cross-Browser Fingerprinting Techniken und Ihre Anwendungen
      Best thesis of the year 2016/2017 / Beste Abschlussarbeit des Jahrgangs 2016/2017
    • Differential Privacy in Neural Networks (Christian Gorke, Angela Jäschke)
    • Evaluating Windows 10 Privacy (Christian Gorke, Christian Müller)
    • Kryptomalware aus dem Darknet (Christian Gorke)
      Crypto Malware from the Darknet
    • Von L bis O: Veränderungen des Android Sicherheits­modells (Christian Gorke)
      From L to O: Changes in the Android Security Model

    HWS 2016

    • Experiments for Secure Mobile Authentication Using Gestures (Christian Gorke)
    • Inferring Occupancy, Activity and Subject from Room Climate Data (Christian Müller)
    • Lattices And Their Application On Fully Homomorphic Encryption Schemes (Angela Jäschke)

    FSS 2016

    • Warum Krypto-Einschränkungen der 90er Moderne Sicherheit Schwächt (Christian Gorke)
      Why 90s Crypto Restrictions Weaken Modern Security

    FSS 2015

    • Attacking Scammers (Christian Gorke)
      Best thesis of the year 2015/2016 / Beste Abschlussarbeit des Jahrgangs 2015/2016
    • Analysis of App-Communication Mechanisms in Windows Phone 8.1 (Christian Gorke)
      Best thesis of the year 2014/2015 / Beste Abschlussarbeit des Jahrgangs 2014/2015
    • Motion Sensors in Android Devices (Christian Gorke)
      Bewegungs­sensoren in Android Geräten

    FSS 2014

    • Software-Based Attestation (Christian Gorke)
      Software-basierte Attestierung
  • Master theses

    HWS 2017

    • Cloud Computing Security Auditing Approaches and Challenges (Christian Gorke)

    FSS 2017

    • Incident Responses and Big Data (Christian Gorke)
    • Incident Security (Christian Gorke, Christian Müller)
    • Investigation of Different Techniques and Use Cases for Cloud Auditing (Christian Gorke)
    • SMAUG in the Plane (Christian Gorke)

    HWS 2016

    • Inferring Passwords from Motion Data on Mobile Devices (Christian Gorke)

    FSS 2015

    • Touch without Screen: Indirect Recognition of Taps and Wipes on Windows Phone (Christian Gorke)

    HWS 2014

    • Implementation and Evaluation of a Compact Proof-Of-Retrievability Algorithm (Christian Gorke)