Prof. Dr.-Ing. Tibor Jager


We offer theses for many topics in the area of IT security and cryptography. The offered theses cover a wide area of topics ranging from application-related to theoretical or research-related. We are always looking for motivated students who are interested in writing a thesis in our group. Below you can find a description of some current research projects in our group. If any of the research projects piques your interest and you want to write a thesis related to the project please contact Tobias Handirk (tobias.handirk{at} Furthermore, you are always welcome to propose your own ideas for a thesis topic in the area of IT security and cryptography, that is not related to our current research projects.

Ongoing Theses

  • Erweiterung des CIC-IDS2017 Trainingsdatensatzes mit Bleichenbachers Angriff (BA, Hendrik Dappen)
  • Automated Breaking of Historical Substitution Ciphers (BA, Adrian Ackermann)
  • Multi-User ORAM (BA, Felix Kauka)

Finished Theses


  • Sichere Implementierung Elliptischer Kurven in eingebetteten Systemen (MA, Timo Witte)


  • Explanation of the Briar App (BA, Pascal Jeschke)
  • Length-Hiding Encryption: Implementation and Analysis (BA, Tom Neuschulten)
  • Isogeny-based Signatures (MA, Jonas von der Heyden)
  • Detection of Timing Side Channels - Extending the AutoSCA Tool (BA, Anastasija Berlinblau)


  • Formalizing Security for Session Resumption Across Hostnames (MA, Tobias Handirk)
  • Instanziierung von Verifiable Random Functions mit Computational Admissible Hash Functions (BA, Robin Stunic)
  • Efficient Point Multiplication on Elliptic Curves (BA, Robin Jaroschek)

Automated Breaking of Historical Ciphers

There are many historical ciphers that to this date remain unbroken such that existing encrypted texts are impossible to understand. Many historical ciphers are substitution ciphers, where every character of a plaintext is substituted by a corresponding character or symbol in the ciphertext. Many substitution ciphers have been broken in the past by analysing the most common symbols in the ciphertext and correlating this information to the statistical frequency of letters in the language of the plaintext. Nevertheless this simple approach was not yet successful for some historical texts. The goal of this project is to further improve this approach to be able to decrypt these ciphers. Theses related to this project can help designing and implementing a software tool that is able to automatically break these historical ciphers.


In the AutoSCA project we research the automated detection of side channels like Bleichenbacher oracles with the help of machine learning. Our Python prototype (Autosca-tool) uses Python scripts, that translate interactively generated network traces into machine learning suitable formats and train classification algorithms like Random Forest or Neural Nets. An essential component to increase the detection rate of our approaches are comprehensive experiments with open source TLS implementations. Following this research many questions arise, which can be answered in the context of a thesis. Some example for these questions could be the following: 

  • Can the use of TLS in the cloud, where assumptions made in the construction of TLS like client-server communication patterns and machine separation no longer hold, lead to new possible attack scenarios?
  • Is it possible to parallelise the feature extraction from large network traces by considering the structure of the recorded TCP sessions?
  • Can we develop humanly interpretable results of machine learning algorithms by making use of the unique opportunities for visualisation provided by the application of network trace analysis?

Secure Storage for Encrypted Instant Messaging

The problem of securely storing messages and media in Instant Messaging (IM) environments has tremendous practical importance. Even though there has been a lot of research on the security of IM, this has mostly focused on the security of messages during their transmission and it is unclear what kind of security guarantees we can achieve when storing these messages on a device or on a back up server. In this project we aim to close this gap and provide precise security definitions for local as well as outsourced storage. A thesis in the context of this project could e.g. examine what techniques are currently used by IM services to store messages and media locally and in back ups and what kind of security guarantees these techniques provide.

Length-Hiding Encryption

When encrypting two messages of different length with a block cipher the resulting ciphertexts will typically also be of different lengths. There are many examples of attacks that make use of this observation to gain sensitive information such as the webpage visited by a user or phrases spoken in a voice-over-IP conversation. In this project we aim to develop encryption schemes where the length of the ciphertext reveals no information about the length of the plaintext. An essential building block in such Length-Hiding Encryption schemes is a length-hiding padding that is appended to the plaintext before it is encrypted. A thesis related to this project could e.g. implement such a padding scheme and analyse its efficiency in comparison to other existing solutions.

More information about #UniWuppertal: