6.857: Computer and Network Security
Term Projects
Project ideas
One source of ideas for your final project might be Phillip Hallam-Baker's new book, The dotCrime Manifesto. Hallam-Baker has compiled a short list of potential projects related to the book. We encourage you to take a look at this page and consider the suggested projects.
Individual Project Pitches
We have put together summaries of the project pitches. Use them for inspiration, or to find team-mates.
Topics from Previous Years
- SmartBoard -- Encrypted BBS with Secure Server
- Secure Message Passing for High-Performance Distributed Computing
- Security and Usability of Card-Based Ciphers
- Security Policy and Mechanisms for Electronic Personal Health Records
- NetWatch: Taking Back the Internet
- Analyzing Network Traffic from a Class B Darknet
- Flingetty: Secure Multiparty Computation for a Dating Match-up System
- Quantum Cryptography: A Viability and Security Analysis
- Proposed Standard for DVD Security
- Secure Peer-to-Peer Backup Systems
- Anonymous Routing in a Peer-to-Peer Network
- eSnack
- Analysis of Password Recovery Schemes
- Secure Corporate IM
- An Incentives-based Framework for Secure Peer-to-Peer Media
- Continual Authentication with Keystroke Dynamics
- Enhanced User Authentication Through Keystroke Biometrics
- Two Perspectives on PGP Usability
- An Investigation of Current Methodologies in Buffer Overflow Attack and Prevention
- The Security of Time
- User Tracking on Trusting Networks
- SEC: SSH like client
- A Secure Media Distribution Framework
- How to Make the User Authentication Process in MS Passport More Secure
- Blinded Distributed Computing
- Security of Wireless Networks and Mobile Devices
- Cracking Digital Satellite TV
- User Authentication in Cryptographic File Systems
- Steganography in Spam
- Proactive Cryptography Applications in Smart Cards
- Execution-Based Software Protection
- Steganography in TCP timestamps
- Rethinking Software Piracy: Active Software Rights Verification for Effective Control of Piracy
- Reputation-Based Certificate Authorities
- Cookie authentication
- Analyzing the Security of 802.11 Wireless Networks
- Threshold Signatures and Open Source
- Honeypots
- Security and Privacy Issues of Microsoft Passport
- Security Aspects of Unicode
- Digital Signatures for Physical Mail
- Differential Fault Analysis of RC5
- Secure Instant Messengers
- A Review of AES Candidates
- A Payword Implementation
- An Analysis of TIMEBOMB
- Purple: Japanese ciphers in WWII
- Identity Theft
- Approaches to MIXNets
- SmartCards: Back from the Dead
- Payment via GSM Mobile phones
- Digital Multimedia Copyright Protection
- Security Analysis of Electronic Postage Systems
- Security of Network Attached Storage
- Software Bugging
- Design of a secure Pilot-based Authentication System
- Intrusion Detection Systems
- Cellular Telephone Security
- A Computer Testing System
- Copyright Protection Mechanisms in DVD + divx
- CGI Security Issues
- Network Access Controls
- Digital Money -- Fault Tolerant Multibank System
- Security Policy Models
- An Overview of Biometric Technologies and their Real World Applications
- Netbook
- Secure Sockets Layer 3.0: Overview and Analysis
- Secure Perfectly Forward Secure Email Wizard
- Cryp: An All-or-Nothing Encryption Scheme for Secure Multi-user Information Distribution
- Frosty the Random Number Generator
- Impact of Quantum Theory on Cryptography
- Cartemis: Secure Electronic Wallet Technology
- Preventing Media Piracy
- Netscape's "What's Related" Service and Privacy/Security Issues
- Secure Electronic Poker
- PGP vs S/MIME
- A Study of SSH
- ATM A trusted machine?
- Secure Mobile Code Framework
- Pseudonyms and Credential Transfer
- Electronic Payment Schemes
- eCheck: A Safety-Oriented Electronic Check Scheme
- Computing with Encrypted Data
- Receipt-Free Secure Elections
- A well-hidden module for remote control of Linux machines
- The feasibility of quantum computation
- Network Security for Chat Programs
- Electronic Voting
- New MIT Card
- MIT Tech Cash
- Peer-to-Peer Security
- Anti-spam techniques
- Designing Graphical Password Schemes
- A survey of the meaning of trust across websites and a trust recommendation system to promote safe surfing
- Web site verification
- Designing a "Really Nasty" Rogue Wireless Access Point
- A Study of MIT Information Systems
- Time-Lapse Cryptography
- Client-Side Issues Related to Developing World Anonymity
- Usability and Security of ThreeBallot
- A Security Analysis of Web Browsing With Tor
- Security of Mobile Ad-hoc Networks
- MUSSO: A Multi-User Single Sign-On System
- Practical Physical Authentication for the Web
- MP3 Steganography
- SPP: A Security Protocol for Peer-to-Peer systems
Sample proposal
- Differential Fault Analysis of RC5 (which does not follow this year's directions properly...)
- DFA paper
Hints for writing your paper and giving your talk
- How to make a good paper and talk
- How (and How Not) to Write a Good Systems Paper
- Advice on giving an academic talk
- Sample 10-minute talk [Abstract, PDF, TeX tarball]