A Masaryk University project
This project focuses on the cryptographic APIs with respect to their developer usability. Such APIs are notoriously complex and prone to usage errors – our goal is to analyze their (in)correct usage and propose precautions and guidelines to achieve better usability and security.
The cooperation between Masaryk University and Red Hat Czech was established in 2007, just one year after the Red Hat Czech subsidiary was formed. Long-term cooperation with Red Hat happens on multiple levels and includes supervising bachelor‘s and master‘s theses focused on real projects, sponsoring PhD students and their open research projects, and teaching accredited courses led by experienced Red Hat associates.
Red Hat offers students the opportunity to pursue research activities and projects directly in their own open-source lab, which serves as the place to support common activities between Red Hat and the faculty.
Three researchers from the Faculty of Informatics involved in Red Hat Research were awarded with the 2021 “MUNI Innovation Award”
Masaryk University awarded the 2021 “MUNI Innovation Award” at its Business Research Forum on November 11, 2021. These new awards aim at individual students and employees whose outputs have been successfully implemented in practice, have helped improve products or services or have otherwise contributed to increasing the social relevance of Masaryk University’s research activities.
In February 2020, four colleagues from Red Hat Brno decided to organize a full-semester course called Development of Intuitive User Interfaces at Faculty of Informatics, Masaryk University. How did they cope with the coronavirus crisis?
On February 6th, the Faculty of Informatics at Masaryk University opened its doors to the public. Open Days is a great opportunity for potential applicants for studies at the faculty.
On January, 23, the day before Devconf.cz, the Research team organized its own academic conference, inviting a score of speakers from our university circles.
Title Summary Research Area Side-channel attacks on embedded devices and smartcards This project focuses on several aspects of side-channel attacks on embedded devices and smartcards, utilizing timing, power-analysis and other side-channels. … Security, Privacy, Cryptography Mining issued Common Criteria and FIPS140-2 certificates The security certification reports might be long but is also a trove of publicly available data about otherwise proprietary devices … Security, Privacy, Cryptography Verifying constant-time cryptographic algorithm implementations The aim of this project is to verify the timing side-channel resistance of cryptographic implementations. The project focuses on the constant time (and constant memory access) generic cryptographic implementations of selected cryptographic algorithms. T Security, Privacy, Cryptography Trusted Computing Ecosystem The project aims to study the TPM ecosystem as currently exists in deployed devices and software applications using it, establish the types of chips and their properties one can encounter, investigate the state of patching of known vulnerabilities like ROCA against Infineon’s TPM (CVE-2017-15361) or TPMFail against Intel’s fTPM (CVE-2019-11090) and STM’s TPM (CVE-2019-16863) and analyze a reliability of stored integrity measurements (PCRs) for remote attestation and disk encryption uses. Security, Privacy, Cryptography Improving Full Disk Encryption The primary focus of this project is also data integrity protection, either in combination with encryption (authentication encryption) or standalone using dm-integrity and dm-verity kernel driver. Security, Privacy, Cryptography Authentication in public open-source repositories This project focuses on user authentication in public repositories containing open-source projects, which are then used by commercial companies (e.g. Red Hat) as a source for their internally maintained repositories. Security, Privacy, Cryptography LART – LLVM Abstraction and Refinement Tool The goal of this tool is to provide LLVM-to-LLVM transformations that implement various program abstractions. Testing and Ops Adaptive Learning of Programming The mission of Adaptive Learning of Programming is to make learning more efficient and engaging by personalizing educational systems using artificial intelligence techniques. AI-ML Symbiotic Symbiotic is an open-source framework for program analysis integrating instrumentation, static program slicing and various program analysis tools. Testing and Ops Vega Project The Vega Project team at Red Hat came up with an idea to harness the power of Kubernetes to provide the next-generation open-source tool for high-performance computing. The project is way past the design phase, and the team is already working on the proof-of-concept implementation using Red Hat OpenShift Container Platform. AUFOVER – The Automation of Formal Verification The goal of the Automation of Formal Verification (AUFOVER) project is to develop automated formal verification tools and integrate them for industrial use. The tools to be developed or improved within the projects are Verification Server, Verification Server Client Application, csmock plug-ins, DIVINE, Symbiotic and Testos. The purpose of the grant is to finish the development of university tools based on formal mathematical methods and their transfer to a commercial environment, including integration with industrial partners’ tools and incorporation of these tools into the commercial processes for software verification. Testing and Ops Usable Security for Developers This project focuses on the cryptographic APIs with respect to their developer usability. Such APIs are notoriously complex and prone to usage errors – our goal is to analyze their (in)correct usage and propose precautions and guidelines to achieve better usability and security. Security, Privacy, Cryptography