University of Virginia, Department of Computer Science
CS588: Cryptology - Principles and Applications, Fall 2001

Lectures | Manifests | Problem Sets | Projects | Resources | Syllabus | Challenges | Calendar

Project Ideas

This page lists a few ideas for course projects. You are not limited to projects on this list; any topic that is relevant to this course may be proposed. This list is meant to get you started thinking about interesting projects.


Recent security conferences are a good source of project ideas:

Other Sources:


Password Advice
Many sites provide advice for choosing passwords (see" for some examples). How good are common password recommendations? Produce better password recommending instructions.
Reputation Server
Services like eBay depend on tracking a history of individual behavior. (See for a more substantial attempt.) Involvement in a number of good transactions enhances ones reputation, and the threat of bad feedback motivates people to behave well. Describe potential attacks on eBay's reputation. Design (and optionally implement) a more secure reputation service.
Security User Interface
How can reference monitors present security violations to users in a way they understand? (And not pop-up so many false alarms that users learn to reflexively ignore warnings?)
Event Tickets
Design a system where customers can purchase and print out their own movie ticket.
Audio Authentication
Can we do challenge-response authentication using audio? (Would this be useful?)
File Sharing
How can file sharing services protect copyrights? What are the security issues involved in Napster and its successors?
Secure Internet Gambling
Analyze the trust issues for a gambling application. Design and implement a scheme for secure gambling on the Internet. Your scheme should be more secure than ASF Software's.
Health Care Issues
Consider security issues in health care - for example: Can genetic tests be done in a way that ensures privacy? Can medical records be stored in a way that provides access to health care professionals in a secure way?
Intellectual Property Protection
How can content providers collect payments?

Web Cookies

Low-Tech Cipher
Design and analyze a cipher that can be encrypted and decrypted using readily available devices. (For inspiration, see Bruce Schneier's Solitaire encryption algorithm.)


Conduct a security assessment of an existing or proposed system. Your analysis should include a description of vulnerabilities and potential attacks. Before actually attempting to attack a system, you must get permission (either from me, or the system operators).

Some interesting choices include:

Research Surveys

Conduct a research survey in an interesting area, such as:

Other Courses

You may also find some ideas for projects from other security course:

CS 655 University of Virginia
Department of Computer Science
CS 588: Cryptology - Principles and Applications
David Evans