Master Thesis Project | Securing Yivi’s EUDI Wallet Transition with an HSM-Based Architecture
Confidential
Posted: January 30, 2026
Job Description
Master Thesis project proposal
“Designing and implementing an HSM-Based Architecture for Yivi's Transition to an EUDI Wallet with enhanced security against high-potential attackers”
Context and motivation
Background
Yivi is a privacy-preserving digital identity platform that has successfully launched passport credentials in production using IRMA/Idemix protocols based on zero-knowledge proof (ZKP) schemes. With the introduction of the EU Digital Identity (EUDI) Wallet regulation (eIDAS 2.0), Yivi aims to evolve into a compliant EUDI wallet while maintaining its strong privacy guarantees.
Strategic challenge
Yivi faces a fundamental architectural challenge: transitioning from a ZKP-focused architecture to a cryptographically agile system that supports multiple credential formats (SD-JWT VC, ISO 18013-5 mDL, IRMA) and protocols (OpenID4VP, ISO 18013-5) while significantly strengthening security against high-potential attackers as required by eIDAS regulation.
The Keyshare Protocol Problem
Yivi's current keyshare protocol (https://docs.yivi.app/keyshare-protocol) requires fundamental renewal to:
• Support multiple credential formats beyond IRMA/Idemix
• Provide hardware-backed key security using HSMs
• Meet eIDAS assurance level High requirements
• Protect against nation-state level attackers
• Maintain Yivi's privacy-first principles
Research objectives
Primary objective
Prototype a renewed keyshare protocol architecture for Yivi that enables cryptographic agility, HSM-based security, and EUDI wallet compliance while preserving privacy guarantees, based on the Split-ECDSA (SECDSA, Verheul (2024)) approach.
Specific research questions
RQ1: Architecture design
How can Yivi's keyshare protocol be redesigned to support multiple cryptographic schemes (IRMA/Idemix, ECDSA, EdDSA, ECDH-MAC) while maintaining a unified security model?
RQ2: HSM Integration
What HSM-based architecture patterns can provide hardware-bound key security for Yivi while remaining implementable on standard PKCS#11 HSMs without vendor lock-in?
RQ3: Security enhancement
How can Split-ECDSA (SECDSA) or similar cryptographic techniques be adapted to Yivi's architecture to achieve:
• Verifiable sole control under high attack potential
• Protection against PIN brute-force even with compromised devices
• Publicly verifiable transaction transparency
RQ4: Protocol compatibility
How can the renewed keyshare protocol interface with both:
• IRMA credentials and protocols
• EUDI wallet protocols (OpenID4VP, ISO 18013-5)
RQ5: Privacy Preservation
How can cryptographic agility be achieved without compromising Yivi's unique privacy properties, particularly unlinkability across credential presentations?
Student profile
We are looking for a motivated university-level student in Computer Science, Cyber Security or a closely related discipline. You have a strong affinity with cryptography, digital identity, and privacy-preserving technologies, and you are eager to apply academic knowledge to a real-world, high-impact use case. You work independently, think analytically, and are comfortable exploring complex technical concepts.
Thesis benefits
• Professional supervision from specialists in cryptography, identity management, and EUDI Wallet technologies
• Regular feedback and technical sparring sessions throughout the thesis process
• Access to technical documentation, development environments, and research materials relevant to the assignment
• A monthly thesis compensation of €500 (based on a 40-hour commitment; exceptions possible)
• Flexible working arrangements, including hybrid work options
• Opportunities to publish or present your research within the organization
• Real-world impact: your work may directly contribute to the integration of Yivi as an EUDI Wallet
References
Academic
• SECDSA: Mobile signing and authentication under classical "sole control" https://eprint.iacr.org/2021/910
• Privacy-Preserving Credentials: Camenisch et al. https://eprint.iacr.org/2014/468.pdf
Other
• What is Yivi https://docs.yivi.app/what-is-yivi
• IRMAGO https://github.com/privacybydesign/irmago
• EUDI Wallet ARF: EU Commission - Regulatory framework https://eudi.dev/2.5.0/architecture-and-reference-framework-main/
Contact
Primary contact person
Dibran Mulder, CTO Caesar Groep & Yivi
+31 (0)6 39 30 61 18
Address:
Janssoniuslaan 80
3528 AJ Utrecht
Websites:
https://yivi.app
https://caesar.nl