University of Virginia, Department of Computer Science
CS588: Cryptology - Principles and Applications, Spring 2005

Lectures | Problem Sets | Challenges | Forum

Project Ideas

This page lists a few ideas for course projects. You are not limited to projects on this list; any topic that is relevant to this course may be proposed. This list is meant to get you started thinking about interesting projects.


Recent security conferences are a good source of project ideas:

Here are projects from previous CS588 offerings: Note that "outreach projects" were not an option those years. In Fall 2001, Problem Set 4 asked students to "produce something that presents an important issue relevant to cryptology or computer security in a way that will be accessible and useful to an audience without substantial technical knowledge". Selected reponses are found here:


Reputation Server
Services like eBay depend on tracking a history of individual behavior. (See for a more substantial attempt.) Involvement in a number of good transactions enhances ones reputation, and the threat of bad feedback motivates people to behave well. Describe potential attacks on eBay's reputation. Design and implement a more secure reputation service.
Security User Interface
How can reference monitors present security violations to users in a way they understand? (And not pop-up so many false alarms that users learn to reflexively ignore warnings?)
Event Tickets
Design a system where customers can purchase and print out their own movie ticket.
File Sharing
How can file sharing services protect copyrights? What are the security issues involved in Napster and its successors?
Secure Internet Gambling
Analyze the trust issues for a gambling application. Design and implement a scheme for secure gambling on the Internet. Your scheme should be more secure than ASF Software's.
Intellectual Property Protection
How can content providers collect payments?


Conduct a security analysis of an existing or proposed system. Your analysis should include a description of vulnerabilities and potential attacks. Before actually attempting to attack a system, you must get permission (from me first, and probably from the system operators).

Analyze the predictability of Shuffle Master (automatic card shuffling devices used in casinos)

From patent: 5,261,667: Random cut apparatus for card shuffling machine

Apparatus for randomly cutting a deck of cards. ...A probe is moved into the offset zone of the shingled deck and is caused to stop at a randomly selected location in the zone. ... The cut is preferably made in the range of cards 20-32 in a 52 card deck.


Do something relevant to this course that is beneficial to the larger community. Examples include:

CS 655 University of Virginia
Department of Computer Science
CS 588: Cryptology - Principles and Applications