Past research
This page lists activities I have been involved in in the (distant) past.
Projects
- Product Security for Cross Domain Reliable Dependable Automated Systems (SECREDAS), 2018-2021.
- SECREDAS is supported by the ECSEL Joint Undertaking Electronic Components and Systems for European Leadership.
- Member of Privacy in the 21st century: Finding a new paradigm to protect citizens in the age of ubiquitous data, 2014-2019.
- The VICI project is aimed at reinventing physical-space privacy in light of developments in mobile devices, cloud computing, and surveillance, which will be done in a large part by comparative legal analyses of eight legal systems.
- Decentralised Citizens Owned Data Ecosystem (DECODE), 2017-2019.
- DECODE is supported by the European Union and Funded under the H2020 Programme for research and innovation Grant Agreement nº 732546.
- Patterns for Privacy (P4P), 2014-2018.
- Funded through the NWO/STW National Cyber Security Research Agenda (NCSRA II) programme.
- Member of FutureID.
- The FutureID project builds a comprehensive, flexible, privacy-aware and ubiquitously usable identity management infrastructure for Europe. FutureID is an Integration project partially funded under the ICT theme of the Cooperation Programme of the 7th Framework Programme of the European Commission (FP7) under contract number 318424.
- Member of ECRYPT II.
- ECRYPT II - European Network of Excellence for Cryptology II is a 4-year network of excellence funded within the Information & Communication Technologies (ICT) Programme of the European Commission's Seventh Framework Programme (FP7) under contract number ICT-2007-216676.
- Revocable privacy, 2010-2014.
- Funded through the STW Sentinels programme.
- Identity Management on Mobile Devices, 2010-2014.
- Funded through the STW Sentinels programme.
- DIFR Tag-Scan-Privacy-Match, 2008.
- Funded by the NLNet Foundation.
- Privacy Enhancing Architecture for RFID Labels (PEARL), 2007-2010.
- Funded through the STW Sentinels programme.
- A Generic Architecture for Secure Remote Management (JASON), 2005-2009.
- Funded through the STW Sentinels programme. Part of this project is open source, see JASON for SOA.
- Dynamic Communication networks: Foundations and algorithms (DYNAMO), 2004-2008.
- Funded as EU COST Action 295
- Privacy in an Ambient World (PAW), 2003-2006.
- Funded through the IOP GenCom Programme.
- Secure multimedia retrieval (SUMMER), 2000-2002.
- Initiated and raised funding for this project, and involved in its inital stages.
People
The following people in the Digital Security (DS) (formerly the Security of Systems (SoS)) group worked under my supervision.
- Olha Drozd (Wirtschaftsuniversität Wien)
- External advisor
- Paulus Meessen (09/2017-09/2021)
- PhD student in the DECODE project.
- Jeroen van Puijenbroek (05/2015 - 2019)
- External PhD student, working on Privacy by Design.
- Michael Colesky (02/2015 - 02/2019)
- Phd student in the Patterns 4 Privacy project
- Tommy Koens (02/2015 - 12/2017)
- External PhD student, working on cryptocurrencies.
- Wouter Lueks (9/2011 - 1/2017)
- PhD student in the Revocable Privacy project. Thesis: "Security and privacy via cryptography. Having your cake and eating it too". Currently postdoc, IMDEA, Spain.
- Anna Krasnova (9/2012 - 8/2016)
- PhD student in the Privacy in the Internet of Things project. Thesis: "Smarty invaders of private matters. Privacy of communication on the Internet and in the Internet of Things (IoT)". Currently researcher at the Radboud University's Digital Security group.
- Sietse Ringers (06/2014 - 10/2016)
- External PhD student, working on cryptographic aspects of Attribute Based Credentials. Thesis "Quantization using Jet Space Geometry and Identity Management using Credential Schemes". Currently researcher at the Radboud University's Digital Security group.
- Gergely Alpár (3/2010 - 6/2014)
- PhD student in the MobiMan project. Thesis: "Attribute-based identity management. Bridging the cryptographic design of ABCs with the real world". Currently assistant professor at the Open Universiteit and visiting researcher at the Radboud University's Digital Security group.
- Antonio de la Piedra (9/2013 - 9/2014)
- Postdoc in the FutureID project.
- Maarten Jacobs (1/2010-6/2011)
- PhD student in the Revocable Privacy project.
- Richard Brinkman (10/2007 - 5/2009)
- Postdoc in the JASON project.
- Łukasz Chmieliewski (11/2005 - 11/2009).
- PhD student in the JASON project.
- Thanh Son Nguyen (8/2005 - 7/2007).
- PhD student in the JASON project.
- David Galindo (11/2004-11/2006)
- Postdoc in the PAW project.
- Flavio Garcia (9/2003 - 9/2007) and (8/2007 - 4/2010)
- PhD student in the NWO PIONEER project. Thesis: "Formal and computational cryptography : protocols, hashes and commitments". Currently Senior Lecturer in Computer Security School of Computer Science University of Birmingham.
In the news
2014
- Nederlands eID-stelsel slaat desastreuze weg in, Computerworld, 29-01-2014.
- Internet en Privacy. Big Brother is watching you, NTR De Kennis van Nu, Radio 5, 22-12-2014.
- Interview over lancering FIDO standaard, RTL Niews, 10-12-2014. Ook op RTL Z.
- Is anoniem winkelen straks verleden tijd?, interview Radio 1 Nieuwsshow, 1-11-2014.
- Moeten we bang zijn voor het Internet der Dingen, Opinieblad Forun, VNO-NCW, 16-10-2014
- 8 redenen om de OV-chipkaart af te schaffen, Webwereld, 15-10-2014.
- Witwassen met Cadeaukaarten, Een Vandaag, 13-10-2014.
- Privacy kun je beschermen door het te ontwerpen. Interview in De Correspondent, 25-3-2014.
- Interview on TV Gelderland about electronic voting, 21-3-2014.
- Interview on BNR De Ochtendspits about electronic voting, 18-3-2014.
- Met een splinternet bescherm je de Europese burger niet, gastbijdrage De Correspondent, 20-2-2014. "Hou het voor jezelf", de Volkskrant, 25-1-2014.
- Hoepman
gaat PI.lab bekend maken, Computable, 7-1-2014.
2013
- Metadata, het meest onderschatte woord van het jaar, De Correspondent, 20-12-2013.
- Spionnenvacature in online raadsel, Radio 1 Journaal, 12-09-2013.
- Over the crypto puzzel in de sollicitatie site van GCHQ.
- Expert: encryptie waarschijnlijk wel veilig, security.nl, 10-09-2013
- Eigenlijk een samenvatting van mijn blog over ditzelfde onderwerp.
- Opstelten en Belastingdienst winnen Big Brother Awards, NRC, 29-08-2013.
- Citaat uit mijn motivatie ter nominatie van de Belastingdienst.
- Several regional newspapers on Parkeerdienst over de schreef met afgeven kentekens, July 29, 2013.
- See also this blog post about the same issue.
- VPRO Labyrint, Sunday July 28, 2013.
- Studio guest in a scientific programme on Dutch national radio about privacy, resulting in an almost one hour long interview. - Quote in PM Public Mission 'Regelgeving loopt achter op wat nodig is' Verslag NLIGF, Den Haag, 13-06-2013 - Justitie moet echt heimelijk kunnen hacken (14-06-2013)
- Equens wil ons pingedrag verkopen aan winkeliers (24-05-2013)
- Interview on Dutch national radio (BNR Radio 1).
- Data Protection in Europe, March 2013.
- More than 100 Leading European Academics are taking a position on the importance of a proper data protection regime in the European Union.
2012
- Nederlands Dagblad, 24-12-2012 "Verzekering tegen cybercrime op komst"
- Computable, 14-12-2012, in Beveiliging moet ontwerpuitgangspunt zijn
- On the role of government in ensuring that businesses mitigate security risks.
- Radio Nederland Wereldomroep, 19-6-2012, in Internet of Things: tag, bliep en volg.
- On the security and privacy risks of the Internet of Things.
- Metro, 15-2-2012, in Websites overtreden privacywet massaal
- Quotes over ongebreidelde data verzameling door websites.
2011
- NRC, 06-09-2011, in "Er zitten te veel rotte appels tussen de digitale certificaten"
- Quotes over reikwijdte en gevolgen Diginotar hack.
- Webwereld, 02-09-2011, "Diginotar tekent bankroet certificeringsmodel (opinie)"
- Opiniestuk over reikwijdte en gevolgen Diginotar hack.
- NOS Journaal, 13-08-2011, 16:00, en 18:00 (ook 20:00).
- Over onderzoek naar recht op inzage
- De Telegraaf, 13-08-2011, "Bedrijven negeren privacyregels" en "Iedereen bekende nederlander"
- "Hulp voor klant bij vragen persoonsgegevens", nu.nl, 13-08-2011
- "Cookies kun je uitstekend beheren met... cookies". NRC Handelsblad, 20-6-2011, ingezonden brief.
2010
- RTL Nieuws, 19:30, December 29, 2010.
- On further advances in GSM eavesdropping announced the day before by Kartsen Nohl at 27C3, Berlin.
- VPRO Labyrint 'Digitale Sporen', 17-03-2010
- Science program on Dutch TV about the Internet of Things and the digital traces left behind by RFID and such.
- "Dat rode potlood is niet anders dan een fopspoon", nrc.next 11-3-2010 en Stempotlood is iets van vroeger, NRC Handelsblad 11-3-2010.
- Opinion piece about the (dated) use of the pencil for voting, arguing for the use of electronic voting (provided it meets the very strict transparency and security requirements of course).
- Quote in Metro on contactless payments (15-2-2010).
- TROS Radio 1 Nieuwsshow (6-2-2010). Interview about the (technical) background of magstripe skimming.
- Quote in ANWB-peiling
slecht beveiligd, Bright, 25-01-2010.
- Quote in Massale
deelname aan ANWB-peiling , het Parool, 24-01-2010.
- Quote in Massale
deelname aan omstreden ANWB-peiling, het AD, 24/01/2010.
- Quote in "Brede aanpak kan beter beeld peiling geven", Trouw, 24 Januari, 2010.
- Quote in "Forse kritiek op enquête ANWB", Metro, Maandag 25 Januari, 2010.
- "Door op meerder manieren om te stemmen aan te bieden, krijgt iedereen de kans om te stemmen".
2009
- Bijdrage aan Het Internet Der Dingen, wat is het?.
- Summary of a creative session to develop scenarios on the internet of things in real life, that took place June 23, 2009 at the Waag Society in Rotterdam.
- "Laat consument zelf een besluit nemen over chips", Ingezonden brief, NRC, 18 augustus 2009.
- (RFID chips, mind you... Those guys at NRC sure know how to screw up a headline.. ) Short letter based on "Don't kill the internet of things".
- RFID: alles draadloos verbonden Maar hoe zit het met de privacy? in nrc.next, may 1, 2009.
- Quoted on the Privacy Coach. Zie ook hier
2008
- Interview on TROS Radio 1 Online
- discussing the RFID Privacy Coach
- Mobiele app beschermt tegen ongewilde RFID-registraties Webwereld, 24-11-2008.
- Discusses the Privacy Coach developed by DIFR with funding by NLnet Foundation. (Also appeared in the Financieel Dagblad and TelecomMagazine).
2007
- "Technologie en privacy als bondgenoten", Ingezonden brief, NRC, 20 juni 2007.
- Response to opinion piece of Sylvia Roelofs (ICT Office) who viewed privacy as simply a security problem. A too narrow view, in my opinion.
- "Nieuwe risicosport: stemmen", nrc.next, January 15, 2007.
- Opinion piece on why the possible re-introduction of the NewVote voting computers is a bad idea.
2006
- "Nooit meer 'Cheese!'"(Volkskrant, July 15, 2006)
- Contribution to newspaper article, on the new biometric passport.
- 'Centrale opslag paspoortgegevens doelwit criminelen', (Trouw, April 27, 2006)
- Contribution to newspaper piece, again on why storing the biometric data of the electronic passports in a central database is a bad idea
- "RFID-chip blijkt niet onfeilbaar", (Volkskrant, March 15, 2006)
- Quote in newspaper arguing that the legal interpretation of "persoonsgegeven" (personably identifiable information) should be extended to encompass the numbers broadcast by RFID tags.
- TROS Radio Online (Radio 1, January 31, 2006)
- On why storing the biometric data of the electronic passports in a central database is a bad idea (also cited in 2006: het jaar van het biometrisch paspoort, NetKwesties, 138, 06-01-2006).
2005 and before
- C-sharp interview (June 2005).
- On the biometric passport and its privacy implications.
- Teleac "Hoezo" (AM 747, June 9, 2004) - (listen)
- On the discovery of the 41st Mersenne prime, and the relationship between (large) primes and cryptography.
- Emerce 37 (April 2004)
- Cites PKI: Vloek of Zegen? and contains quotes taken from a recent phone interview.
- NRC editorial (September 2, 2003).
- Discusses a recent opinion piece of Bart Jacobs and myself in I&I Magazine.
- TROS Nieuwsshow (Radio 1, October 19, 2002).
- Interview concerning recent cases of PIN frauds.
- "Pik in die pin" (Volkskrant, July 13, 2002)
- Contribution to newspaper piece on recent cases of PIN/ATM fraud.
Other activities
- Member of commissie onderzoek elektronisch stemmen in het stemlokaal, installed by the Ministry of the Interior and Kingdom Relations (2013).
- Member of the editorial board of Privacy & Informatie.
- Expert for Netkwesties and Sargasso.
- Member of Council, a thinktank on the internet of things.
- SAFE-NL, co-founder and steering committee member.
- Co-founder of the Kerckhoffs Institute computer security master programme.
- Member of the Executive Board of Trust in Digital Life (2012-2013).
- Chair of IFIP WG 11. 2 on "Pervasive Systems Security" (2007-2013).
- Member of DIFR, the Dutch Interdisciplinary Forum on RFID (2010).
- Member of the Permanent Stakeholders Group (PSG) of the European Network and Information Security Agency (ENISA) (2007-2010).
- Advisory Committee of the Summer School in Network and Information Security (NIS), Heraklion, Crete, 2008 and 2009.
- PC Chair positions: 3rd Workshop in Information Security Theory and Practices 2009: Smart Devices, Convergence and Next Generation Networks (WISTP 2009).
- Steering committee memberships:: 4th Workshop in Information Security Theory and Practices 2010: Security and Privacy of Pervasive Systems and Smart Devices (WISTP 2010).
- PC Memberships: 9th International conference Computers, Privacy and Data Protection (CPDP 2016) / 6th International Conference on the Internet of Things (IoT 2016) / 16th Privacy Enhancing Technologies Symposium (PETS 2016) / The 5th International Conference on the Internet of Things (IoT 2015) / Annual Privacy Forum 2015 (APF 2015) / The Open Identity Summit ( OID 2015) / 10th IFIP Summerschool on Privacy and Identity Management 2015) / 30th IFIP TC-11 SEC 2015 International Information Security and Privacy (IFIP SEC 2015) / 1st IEEE Workshop on Privacy Engineering (IWPE 2015) / 8th Int. Conf. on Computers, Privacy and Data Protection 2015 (CPDP 2015) / Open Identity Summit 2014 (OID 2014) / 9th IFIP Summerschool on Privacy and Identity Management 2014) / Annual Privacy Forum (APF 2014) / 10th Workshop on RFID Security (RFIDSec 2014) / 7th Int. Conf. on Computers Privacy & Data Protection (CPDP 2014) / 29th IFIP TC-11 SEC 2014 International Information Security and Privacy Conference (SEC 2014) / 2nd International Conference on Human Aspects of Information Security, Privacy and Trust (HAS 2014) / ACM Digital Identity Management Workshop 2013 (DIM 2103) / 4th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN 2013) / 7th Workshop in Information Security Theory and Practice (WISTP 2013) / The 9th Workshop On Rfid Security And Privacy (RFIDSec 2013) / 28th IFIP International Information Security and Privacy Conference (SEC 2013) / 3rd IFIP WG 11.6 Working Conference on Policies & Research in Identity Management (IDMAN 2013) / 1st International Conference on Human Aspects of Information Security, Privacy and Trust (HAS 2013) / 13th Joint IFIP TC6 and TC11 Conference on Communications and Multimedia Security (CMS 2012) / 1st International Conference on Security of Internet of Things (SECURIT 2012) / 14th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS 2012) / 6th Workshop on Information Security Theory and Practice (WISTP 2012) / 27th IFIP International Information Security and Privacy Conference (SEC 2012) / 7th IFIP Summer School on Privacy and Identity Management 2011 / 9th International Conference on Applied Cryptography and Network Security (ACNS 2011) / 26th IFIP SEC 2011 - Future Challenges in Information Security and Privacy for Academia and Industry (SEC 2011) / 5th Workshop on Information Security Theory and Practice (WISTP 2011) / 12th Joint IFIP TC6 and TC11 Conference on Communications and Multimedia Security (CMS 2011) / 5th Benelux Workshop on Information and System Security (WISSEC 2010 / 7th European Workshop on Public Key Services, Applications and Infrastructures (EuroPKI'10) / 4th Workshop on Information Security Theory and Practice (WISTP 2010) / 2nd IFIP Identity Managament conference (IDMAN 2010) / 11th Conference in Communications and Multimedia Security (CMS 2010) / 3rd ACM Conference on Wireless Network Security (WiSec 2010) / 25th International Information Security Conference (IFIP SEC 2010) / 6th European Workshop on Public Key Services, Applications and Infrastructures (EUROPKI09) / 2nd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Device Use (IWSSI/SPMU 2009) / 3rd Benelux Workshop on Information and System Security (WISSEC 2008) / 10th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS 2008) / 2nd Workshop in Information Security Theory and Practices 2008: Smart Devices, Convergence and Next Generation Networks (WISTP 2008) / 23rd International Information Security Conference (IFIP SEC 2008) / 8th Smart Card Research and Advanced Application IFIP Conference (CARDIS 2008) / 9th Int. Symp. on Stabilization, Safety, and Security of Distributed Systems (SSS 2007) / 2nd Benelux Workshop on Information and System Security (WISSEC 2007) / IFIP International Conference on Embedded and Ubiquitous Computing - Security & Fault Tolerance track (EUC 2007) / 4th IEEE Int. Workshop on Pervasive Computing and Communication Security (PerSec 2007) / 2nd International Conference on Mobile Ad-hoc and Sensor Networks - Security, Privacy, and Reliability special track (MSN'06) / 8th Int. Symp. on Stabilization, Safety, and Security of Distributed Systems (SSS 2006) / 11th European Symposium On Research In Computer Security (ESORICS 2006) / 20th Annual Conference on Distributed Computing (DISC 2006) / 3rd IEEE Int. Workshop on Pervasive Computing and Communication Security (PerSec 2006) / 26th IEEE Int. Conf. on Distributed Computing Systems (ICDCS 2006) / 1st Int. Workshop On Foundations And Algorithms For Wireless Networking (FAWN 2006) / 7th Int. Symposium on Self Stabilizing Systems (SSS 2005) / 20th IFIP Int. Information Security Conf. WG 11.2 (SEC 2005) / 23rd ACM Symp. on Principles of Distributed Computing (PODC 2004) - also electronic chair ;-) / 18th IFIP Int. Information Security Conf. WG 11.2 (SEC 2003) / 9th Int. Conf. on Parallel and Distributed Systems (ICPADS 2002) / 5th Workshop on Self-Stabilizing Systems (WSS 2001)
- Conference organiser: Dagstuhl seminar "From Security to Dependability", 10-15 September 2006 / 18th Int. Symposium on Distributed Computing (DISC 2004), Amsterdam / Cryptography workshop of the 39th Dutch National Mathematics Congress, (NMC 2003), Nijmegen.
- IWT Vlaanderen referee.
- PATO course on Security and Applied Cryptography.
- Lectured at the Mediamatic workshop RFID Privacies, organised as part of the ANMI summer programme.
- OpenFortress, technical advisor.
- Panelist on the main privacy panel of the Hacking at Large (HAL2001) conference.
Last Version - Mon Jul 11 11:22:13 2022 +0200 / e1e3326.
(Note: changeover from CVS to dotless svn version numbers on Jan 19, 2008, and changeover to GIT versioning on May 30, 2013.)
Maintained by Jaap-Henk Hoepman
Email: jhh@cs.ru.nl