Master and PhD thesis applications

Master students. I can supervise master theses on topics related to the courses LELEC2760 and LELEC2770 (see below), and more generally on topics related to security/privacy and statistical learning. Proposals are open to master students in electrical engineering, electromechanical engineering, computer science engineering, mathematical engineering and cybsersecurity. Topics can be adapated with a more or less theoretical flavour, with or without a programming part. Some of them can also be combined with an industrial internship. Interested students can contact me by e-mail to obtain more information. Foreign students should first register at UCL before contacting me.

PhD students/post-docs. I do not maintain a public repository of job offers but may have open positions for PhD students and post-docs from time to time. For prospective PhD students from UCL, the best way to introduce yourself is to follow one of the classes below (and start with a master thesis). International students can contact me by e-mail (in the latter case, I usually expect applications with at least two reference letters (ideally from Professors active in my research fields). For prospective post-docs, the best way to introduce yourself is during a conference or via publications in established venues in cryptography/security (e.g., IACR's general and aread conferences, or this list).

LELEC2760: Secure Electronic Circuits and Systems

ECTS: 5 credits, Lectures: 30h, Exercises: 30h.

Organization. This course covers the different issues that are raised by the design of cryptographic algorithms and their implementation (in hardware and software). It is part of the option in "Cryptography and Information Security", as a complementary to courses in cryptography (LMAT2450) and computer system security (LINGI2347). (The latter courses are not prerequisites, but the natural flow is to start with LMAT2450 and follow with LELEC2760 and LINGI2347). The course is open to any student following a master in electrical engineering, electromechanical engineering, computer science engineering, mathematical engineering and cybsersecurity. The only prerequisites are basic notions from the bachelor in engineering (mathemathics, statistics, programming, ...). In particular, no background in circuit design is assumed and all discussions of implementation issues are carried out at higher abstraction levels. The evaluation combines project works and a written and/or oral examination.

Outline. Cryptography assumes the existence of certain basic primitives/algorithms acting as perfect black boxes in order to prove the security of advanced functionalities/protocols (e.g., encryption, identification, signature). For example, a "block cipher" is ideally assumed to act as a family of random permutations, which could be seen as set of large tables with 2^128 possible inputs. But in practice, these random permutations have to be emulated by an algorithm that can run efficiently on different devices. This emulation of an idealized abstraction with a practical instance may have mathematical weaknesses (e.g., deviations from the random behavior) or implementation weaknesses. The goal of the course is to discuss how practical algorithms can fulfill the properties required by cryptographic protocols while in the same time allowing sufficient performances for being used in real applications. Additionally, it pays a particular attention to the security against so-called physical attacks, in which an adversary not only exploits the regular inputs and outputs of his target device, but also alternative information channels. It finally studies how physical phenomenons can be exploited constructively in a secure system (e.g., in order to generate random numbers, or using biometrics). More precisely, the topics include:
- black box assumptions for cryptographic algorithms and block ciphers,
- mathematical cryptanalysis issues (statistical, algebraic, ...),
- efficient implementation of cryptosystems,
- physical attacks exploiting side-channels (e.g., power consumption, EM radiation, ...) or fault insertion,
- random number generation, biometrics, physically unclonable functions,
- integration of cryptographic hardware devices in secure systems and applications.

Access to course material. Contact me by e-mail.

LELEC2770: Privacy Enhancing Technologies

ECTS: 5 credits, Lectures: 30h, Exercises: 30h.

Organization. This course discusses technical solutions that can be used to improve the privacy of sensitive data in modern information systems. It is part of the option in "Cryptography and Information Security", as a complementary to courses in cryptography (LMAT2450), secure electronic circuits and systems (LELEC2760) and computer system security (LINGI2347). (The latter courses are not prerequisites, but the natural flow is to start with LMAT2450, follow with LELEC2760/LINGI2347 and then attend LELEC2770). The course is open to any student following a master in electrical engineering, electromechanical engineering, computer science engineering, mathematical engineering and cybsersecurity. The only prerequisites are basic notions from the bachelor in engineering (mathemathics, statistics, programming, ...). The evaluation combines project works and a written and/or oral examination.

Outline. The exact course topics may change from year to year. Examples of relevant topics typically include:
- computation on encrypted data,
- databases that can be queried without the server knowing which parts of it are accessed,
- anonymous communications systems,
- digital cash and crypto currencies,
- access control systems that keep users untraceable,
- attacks against privacy (e.g., re-identification, profiling),
- mass surveillance and hardware Trojans,
- adversarial machine learning (adversarial examples, data poisining, membership inference attacks, ...).

Access to course material. Contact me by e-mail.