Centre for Research on Cryptography and Security
Faculty of Informatics
602 00 Brno - Czech Republic E-mail: LastName at fi.muni.cz
GPG/PGP keys - operational (GPG), old (PGP)
Office hours: Mon 11:00-50 & Tue 15:15-50.
Usable security with respect to both end-user and advanced users (e.g., developers). Our work in the
second domain appears as the paper
Why Johnny the Developer Can't Work with Public Key Certificates: An Experimental Study of OpenSSL Usability
at RSA Cryptographers' Track 2018. Work in the first domain
brought interesting findings like
A large-scale comparative study of beta testers and standard users
in the Communications of the ACM or
the paper "Codes v. People: A comparative usability study of two password recovery mechanisms" at
WISTP 2016, and
our paper "On the impact of warning interfaces for enabling the detection of Potentially Unwanted Applications"
was presented at the 2016 European Workshop on Usable Security,
and our paper The Challenge of Increasing Safe Response of Antivirus Software Users
at MEMICS 2015.
Analyzing outputs of crypto primites,
where we analyze outputs of various crypto primitives for their properties,
primarily statistical ones.
Our recent results published as
The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli
(ROCA) received the Real-World Impact Award at the 2017 ACM CCS conference.
Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans
was presented at ACSAC 2017.
Prior to that we published our RSA key fingerprinting findings as
The Million-Key Question – Investigating the Origins of RSA Public Keys
won the best paper award at Usenix Security 2016! Check the previous link for additional resources to this
paper, including an online key classification tool.
Our work also includes examinations of statistical
tests as such, involving also significant
speed-up of NIST STS
and interpretation of the tests. Most recent improvements are described (and algorithms provided) in
Optimizing the NIST Statistical Test Suite and the Berlekamp-Massey Algorithm.
Our webpage on Faster randomness testing
shows some papers on both the speed-ups and also on the interpretation of results.
Constructing empirical tests of randomness
(presented at SECRYPT 2014) shows some results for the eSTREAM candidates and
other results are shown in the paper
Determining Cryptographic Distinguishers for eStream and SHA-3 Candidate Functions with Evolutionary Circuits
(extended version of our SECRYPT 2013 paper).
Security of random number generation with our work
Towards True Random Number Generation in Mobile Environments
from NordSec 2009 (paper
and earlier work with more experimental results appeared in paper
The Sources of Randomness in Mobile Devices, NordSec 2007 (paper
Security of wireless sensor networks,
with focus on security protocols, intrusion detection and also privacy.
We focus on examination of various attacker approaches and models, see the extended version of our CANS 2016 paper
Attackers in Wireless Sensor Networks Will Be Neither Random nor Jumping - Secrecy Amplification Case.
We also presented very interesting protocol designs for secrecy amplification
in wireless sensor networks in our paper
On Secrecy Amplification Protocols
presented at the 9th WISTP International Conference on Information Security Theory and Practice (WISTP’2015).
"Improving Intrusion Detection Systems for Wireless Sensor Networks" is our proposal of a framework for IDS
parameter setting in wireless sensor networks,
presented at ACNS 2014.
Conflicts between Intrusion Detection and Privacy Mechanisms for Wireless Sensor Networks is our article in
IEEE Security & Privacy 11.5 (2013),
"An Adaptive Security Architecture for Location Privacy Sensitive Sensor Network Applications" is our design
presented in a paper at LightSec
2013 - Lightweight Cryptography for Security and Privacy.
"Multi-Objective Optimization of Intrusion Detection Systems for Wireless Sensor Networks" was presented at the 12th European Conference on Artificial Life (ECAL 2013).
Related starting discussion of issues in the area of privacy and IDSs in WSNs can be found in our paper
Attack detection vs. privacy - How to find the link or how to hide it?, presented at the 2011 Security Protocols Workshop.
"Two Improvements of Random Key Predistribution for Wireless Sensor Networks" was presented at the
8th International Conference on Security and Privacy in Communication Networks (SecureComm 2012);
"Evolutionary Design of Message Efficient Secrecy Amplification Protocols" then was our work presented at
15th European Conference on Genetic Programming (EuroGP 2012); and
"On the Credibility of Wireless Sensor Network Simulations: Evaluation of Intrusion Detection System" work presented at
Our work on neighbour-based intrusion detection for wireless sensor setworks,
partly presented at the Sixth International Conference on Wireless and Mobile
Communications (ICWMC) 2010 in Valencia, Spain, is available as the
technical report FIMU-RS-2010-04.
Our work on Secrecy Amplification Protocols for Wireless Sensor Networks appears at the
ACM WiSec 2009, and
other results came out in a book chapter in
Problem to Solution: Wireless Sensor Networks Security by Nova Publishers.
Some of the work on group support for authenticated key exchange and on secrecy amplification is in
technical report FIMU-RS-2007-05.
Examining certain Denial of Service attacks,
where we analyzed the threat of DDoS-for-hire services to low and medium power
cloud-based servers or home users, investigating popularity and availability
of such services, their payment models, subscription pricing, complexity
of the generated attack traffic and performance. Our paper
Service in denial – clouds going with the winds
was presented at the
Network and System Security 2015.
Analyzing traffic features of common standalone DoS attack tools
came with a comparative analysis of traffic features of DoS attacks that were generated by
state-of-the-art standalone DoS attack tools. We provide a classification of different attack
traffic features, including utilized evasion techniques and encountered anomalies.
We also proposed a new research direction for the detection of DoS attacks at the source end,
based on repeated attack patterns recognition.
Study of biometric authentication systems.
A full version of a paper written with Zdenek Riha and presented at the Computer
Information Systems and Industrial Management Applications 2010 conference, is
available as the
technical report FIMU-RS-2010-07.
We have a book on biometric authentication (in Czech), where I took care of co-editing (and
writing up some) chapters.
An older summary paper reviewing major
and usability issues of biometric authentication systems was presented at the
Communications and Multimedia Security Conference, summary of trends and visions
was presented at the Information Security Summit 2002, and few other papers
presented at other conferences. A good summarizing article
Toward Reliable User Authentication through Biometrics
appeared in IEEE Security & Privacy and an introductory technical report written also
with Zdenek Riha is also
Infocommunications Journal and
Data Security Management (DSM -
Czech security journal published quarterly), where I'm member of the journal Editorial
Board. (And I shouldn't forget the latter's annual Information
Security Summit, the region's prime event in the area of information security.)
My lectures in security/crypto here at the Masaryk University:
More information on these courses can be found through the university webpages
on my courses,
and our centre at FI.
Information for our students inquiring about supervision, support, etc. can be found
at this page.
I supervise PhD students
and I had the pleasure to supervise PhD graduates
Jan (Honza) Krhovjak,
Applied Cryptography (PV079 - in English).
Seminar on Information Technology Security (PA018 - in English).
Postgraduate Seminar on IT Security and Cryptography (PA168 - in English).
Securing Data and Privacy (PV080 - taught in Czech - Ochrana dat a informacniho soukromi).
Authentication and Access Control (PV157 - taught in Czech - Autentizace a rizeni pristupu).
- Shouldersurfing attacks,
namely in relation to the Chip&PIN card payment authorisation. We conducted an intensive study
to compare the (in)security of signature- vs. PINpad-based payment
authorisation by customers. More results came out in an IEEE Computer
article, results from
the first round of our experiments are available either as
(final version can be found in the proceedings of
2005 Cambridge Workshop on Security Protocols).
on these and related issues on authentication and authorization is available in Czech.
- Information privacy, where we undertook another privacy valuation experiment,
results from which are prepared for a publication, following the attention of both expert
and general public that has been drawn to our
Value of Location Privacy paper
(copyright ACM, presented at WPES 2006). This work has been undertaken in the framework
of activities around the FIDIS Network of Excellence.
Earlier on, we also examined ways to model the state of privacy in a given
system - and possibly to use this model for evaluating various aspects of privacy.
We started with a critical review of the older Common Criteria approach, provided
for additional definitions of unlinkability and also refined the approach, revising
also the Freiburg Privacy Diamond work of Alf Zugenmeier et al.
Preliminary results of our work are in contributions to the Privacy and Security
Ubicomp 2004 and
Fourth IEEE International Conference on Data Mining,
and the underlying considerations were presented at the Cambridge Workshop on Security Protocols.
In my earlier work in this area, I also worked on analysing
and reporting doctor-level prescribing information in the Xponent project with
IMS Health. A paper (draft of which is
available here) for
Healthcare Informatics Journal 4.3-4 outlines some of the issues. Yet older work
involves participation in drafting the Privacy Class of the
Common Criteria, and also work
relevant to the Canadian privacy scene that was presented as the Technical Report
Privacy in Canada (Legislation in the Face of Changing Technologies)",
TR-246, School of Computer Science,
Global Internet Trust Register published by MIT Press in March 1999 contains the
fingerprints of many important public keys used throughout the world, and you
can read more on the effort here.
- IT Security Terminology, of course with focus on the Czech
language. A part of this effort is oriented towards "English-Czech Terminology
of IT Security" - a dictionary with Czech explanatory notes, published by the
Computer Press, s.r.o. Praha 1996. Second
issue is now on the horizon.
- Security Evaluation Criteria where did some work on the Communication
and Privacy Classes for the Common
Criteria v0.9 in cooperation with the Canadian Communications Security Establishment.
Just in case you met me during my 2017 sabbaticals with
Red Hat Czech
and CyLab, Carnegie Mellon University,
or in 2011/12 as a Fulbright-Masaryk Visiting Scholar
at the Center for Research on Computation and Society (CRCS),
Harvard University, or in 2003/04 either as a Visiting Researcher
with Microsoft Research Cambridge,
or a Visiting Lecturer with University College Dublin,
Department of Computer Science, then yes, it is me. :-)
And again thanks to all these institutions, their employees, and other visitors at the
time for their kind hospitality and/or inspiring discussions.
E-mail: LastName at fi.muni.cz
Last update: Feb 20, 2018.