PhD studentships 2019

Hardware security anchors: analysis and designs

A hardware security anchor in a computing device is a hardware feature intended to make the platform more secure than can be achieved by software alone. Examples include: TPM, Intel SGX, ARM TrustZone, and platform security processors like the Google Titan chip. We have two PhD studentships associated with an EPSRC research project on hardware security anchors. The objectives of the project are:
  1. To perform thorough security evaluations on a variety of hardware security anchors or enclaves being developed and marketed for user devices such as laptops and smartphones.
  2. To enhance those security mechanisms for user-centric applications. In particular, we address the challenges of user authentication in a device-rich IoT world.
  3. To directly contribute to the security of tomorrow's COTS devices.
  4. To provide convincing demonstrators of our mechanisms and use cases.
The project is led by Mark Ryan, Flavio Garcia and David Oswald. Our project partners HP Labs are also devoting time to the project, and the PhD students and postdocs working on the project will have the opportunity to spend time with them.

Studentship. The studentships cover a stipend of £15,009 per year for the first year, likely to rise with inflation in subsequent years. The studentships last 3.5 year. Tuition fees based on UK/EU fees are also covered. One studentship is funded by the School of Computer Science. The other one is part-funded by HP Labs and part-funded by the School of Computer Science. This second one may be primarily based at HP Labs in Bristol. The project will additionally cover a laptop, equipment, software and travel to attend conferences and summer schools for the students.

Eligibility. Candidates from most countries are welcome to apply. However, the studentship does not cover the full tuition fees for non-UK/EU students. Candidates should have an honours undergraduate degree and/or postgraduate degree with Distinction (or an international equivalent) in Electrical and Electronics Engineering, Computer Science, Mathematical Engineering or closely related discipline. One of the studentships will focus on evaluating the security of hardware anchors; suitable candidates will have a strong background in low-level hardware and programming. The other studentship will focus on authentication applications; good candidates will have a background in applied crypto, protocol design and analysis. Other candidates with a strong academic record will also be considered.

How to apply. Candidates are encouraged to send

  • their CV
  • a transcript with a list of courses and grades
  • a document they have authored by themselves (for example, an assignment, a dissertation, an essay), and
  • a description of their research interests
to Mark Ryan, Flavio Garcia and David Oswald as soon as possible for informal discussion about their suitability. Once that is done, you must apply on the portal. The PhD candidate is expected to start in September or October 2019.

Adversarially-robust neural networks for cyber security

Deep neural networks (DNNs) have proven to be an extremely effective technology, most notably in image classification and speech recognition. They have also been proposed for a variety of tasks related to security, such as malware classification, classification of user content, and intrusion detection. However, there are significant challenges in using any kind of machine learning in security. Examples include:
  • The high cost of classification errors
  • The difficulty explaining outcomes to users (e.g., why a particular action they are attempting is being rejected)
  • The requirement for constant evolution, as adversaries adapt to work around defences based on machine learning.
  • The likelihood of weaponisation of user feedback. If users are given explanations why their actions are being denied, this can be used by attackers to devise ways to defeat the defences.
A related issue is that, in security, we often want to detect anomalies; but DNN techniques work by finding similarities, between the training data and new test data, not by finding outliers. Hence, the security context looks mismatched with the capabilities of DNNs. The objectives of the project are:
  1. To characterise situations in which DNNs can, and cannot, be effectively used in security contexts.
  2. To create techniques for making DNNs more robust against adversaries.
  3. To explore the effectiveness of model transferability and black-box attacks.
The project is led by Mark Ryan and Dave Parker. It is funded by the National Cyber Security Centre and GCHQ.

Studentship. This studentship covers a tax-free stipend of £22,000 per year for 3.5 years, rising to £23,000 in the third year. It also covers the student's tuition fees based on UK/EU fees, as well as a laptop, equipment, software and travel to attend conferences and summer schools.

Eligibility. Because of the funding source, candidates must be UK nationals, and must be willing to undergo security clearance. The successful candidate will also undertake a short internship with GCHQ during the course of their research. Candidates should have an honours undergraduate degree and/or postgraduate degree with Distinction (or an international equivalent) in Electrical and Electronics Engineering, Computer Science, Mathematical Engineering or closely related discipline. The ideal candidate for this position will be familiar with machine learning and neural nets, and have knowledge of cyber security. Other candidates with a strong academic record will also be considered.

How to apply. Candidates are encouraged to send

  • their CV
  • a transcript with a list of courses and grades
  • a document they have authored by themselves (for example, an assignment, a dissertation, an essay), and
  • a description of their research interests
to Mark Ryan and Dave Parker as soon as possible for informal discussion about their suitability. Once that is done, you must apply on the portal. The PhD candidate is expected to start in September or October 2019.

Hardware Implementations of Isogeny-based Protocols

Post-quantum cryptography aims at developing new security protocols that will remain secure even after powerful quantum computers are built. Isogeny problems are among the few hard problem candidates that are currently considered for post-quantum cryptography. Isogeny-based protocols now include key exchange, public key encryption and signatures, so essentially all basic cryptographic primitives necessary for most common applications such as TLS communications. Isogeny-based key agreement protocol SIKE is a candidate submission in the ongoing post-quantum cryptography standardization event from the American National Institute for Standards and Technologies (NIST). Isogeny-based cryptography offers one of the most promising approach for post-quantum cryptography and achieves forward secrecy in communications, a highly desirable feature currently available in TLS protocol suite. Protocols based on isogeny problems enjoy very small public keys compared to all other post-quantum candidates, a very useful feature since those keys are routinely transmitted as part of public key certificates. While all these properties make isogeny-based cryptography very appealing, it is also a relatively new field. As a result, it is less mature than other post-quantum candidates, and arguably not ready yet to meet the requirements of real-life security applications. In particular, there is very little work on hardware implementations of isogeny-based protocols.

The main goal of this studentship is to develop optimized, side-channel protected hardware implementations of isogeny-based protocols.

The student will be supervised by Sujoy Sinha Roy, Christophe Petit and Flavio D. Garcia.

Studentship. This studentship covers a tax-free stipend of £22,000 per year for 3.5 years, rising to £23,000 in the third year. It also covers the student's tuition fees based on UK/EU fees. The studentship includes provision for travel funding and some equipment.

Eligibility. Because of the funding source, candidates must be UK nationals, and must be willing to undergo security clearance. The successful candidate will also undertake a short internship with GCHQ during the course of their research. Candidates should have an honours undergraduate degree and/or postgraduate degree with Distinction (or an international equivalent) in Electrical and Electronics Engineering, Computer Science, Mathematical Engineering or closely related discipline. The ideal candidate for this position will be familiar with low-level programming, hardware architecture design and cryptography, but other candidates with a strong academic record will also be considered.

How to apply. Candidates are encouraged to send

  • their CV
  • a transcript with a list of courses and grades
  • a document they have authored by themselves (for example, an assignment, a dissertation, an essay), and
  • a description of their research interests
to Sujoy Sinha Roy and Christophe Petit and Flavio Garcia as soon as possible for informal discussion about their suitability. Once that is done, you must apply on the portal by the deadline of 15 April 2019. The PhD candidate is expected to start in September or October 2019.