Computer Laboratory

Dr David Llewellyn-Jones

About

David Llewellyn-Jones

Since I'm no longer based at the University of Cambridge this page is no longer being updated. Please see my personal site for up-to-date information about my activities and movements.

Until February 2018 I was a Research Associate on the Pico Project in the Computer Laboratory at the University of Cambridge. The aim of the Pico Project was to free the world from the tyranny of passwords by providing a better way for people to authenticate themselves. In the process of eradicating passwords, it also aimed to remove the need for physical keys, credit cards and all the other gubbins the average person fills up their pockets with.

I'm now CTO of Cambridge Authentication, the company we spun out to commercialise the technology from the project.

Take a look at the video on the Pico site to get a quick overview of the Pico project, which was headed up by Prof Frank Stajano.

My broader research interests include Computer Security and I've worked on a number of projects related to Secure Service Composition (whereby the interactions between devices or services affect security in often unexpected ways).

Before joining the project in Cambridge I was a Reader in Computer Security at Liverpool John Moores University. I completed my PhD in mathematical model theory at the University of Birmingham researching under Dr Richard Kaye. I also spent a stint at Codemasters in Leamington Spa as a programmer on the Race Driver (now Grid) franchise of computer games.

Supervision

Please see my supervision page for details about tutorials.

Contact

Post Dr David Llewellyn-Jones
University of Cambridge
Computer Laboratory
15 JJ Thomson Avenue
Cambridge CB3 0FD
United Kingdom
Phone+44 1223 967128
Email[Javascript required]
Personal homepage http://www.flypig.co.uk
Twitter @flypigahoy
GitLab https://gitlab.com/flypig
GitHub https://github.com/llewelld
LinkedIn http://uk.linkedin.com/in/flypig
Public key 696F 8647 2837 F81D 606F DA0F 07BC F007 F2D4 019F
ORCID ID orcid.org/0000-0002-3836-7903

Publications

The following are some recent publications. You can find a more complete list on my personal site.

  • "Raven Authentication Service: Attacks and Countermeasures"

    Graham Rymer, David Llewellyn-Jones, "Raven Authentication Service: Attacks and Countermeasures", Twenty-sixth International Workshop on Security Protocols (SPW 2018), Cambridge, UK, 19-21 March 2018. (in press). More info....

  • "Intentionality and agency in security"

    Kat Krol, David Llewellyn-Jones, Seb Aebischer, Claudio Dettoni, Frank Stajano, "Intentionality and agency in security", Twenty-sixth International Workshop on Security Protocols (SPW 2018), Cambridge, UK, 19-21 March 2018. (in press). More info....

  • "Pico in the Wild: Replacing Passwords, One Site at a Time"

    Seb Aebischer, Claudio Dettoni, Graeme Jenkinson, Kat Krol, David Llewellyn-Jones, Toshiyuki Masui, Frank Stajano, "Pico in the Wild: Replacing Passwords, One Site at a Time", 2nd European Workshop on Usable Security (EuroUSEC 2017), Paris, France, 29 April 2017. More info....
    Download: pdf.

  • "Seamless Authentication with Pico"

    Kat Krol, Seb Aebischer, David Llewellyn-Jones, Claudio Dettoni, Frank Stajano, "Seamless Authentication with Pico", IEEE European Symposium on Security and Privacy (EuroS&P 2017), Paris, France, 26-28 April 2017. Short Talk. More info....
    Download: pdf.

  • "Cracking PwdHash: A Bruteforce Attack on Client-side Password Hashing"

    David Llewellyn-Jones, Graham Rymer, "Cracking PwdHash: A Bruteforce Attack on Client-side Password Hashing", 11th International Conference on Passwords (Passwords 2016), Bochum, Germany, 7 December 2016. More info....
    Download: pdf.

  • "Explicit delegation using configurable cookies"

    David Llewellyn-Jones, Graeme Jenkinson, Frank Stajano, "Explicit delegation using configurable cookies", Proceedings of the Security Protocols Workshop 2016, Brno, Czech Republic, 8 April 2016. More info....
    Download: pdf.

  • "Red button and yellow button: usable security for lost security tokens"

    Ian Goldberg, Graeme Jenkinson, David Llewellyn-Jones, Frank Stajano, "Red button and yellow button: usable security for lost security tokens", Proceedings of the Security Protocols Workshop 2016, Brno, Czech Republic, 8 April 2016. More info....

  • "Optimizing runtime performance of hybrid dynamically and statically typed languages for the .Net platform"

    Jose Quiroga, Francisco Ortin, David Llewellyn-Jones, Miguel Garcia, "Optimizing runtime performance of hybrid dynamically and statically typed languages for the .Net platform", Journal of Systems and Software, Volume 113, Pages 114-129, March 2016. More info....

  • "Secure Proximity-Based Identity Pairing using an Untrusted Signalling Service"

    Tim Panton, David Llewellyn-Jones, Nathan Shone, Mahmoud Hashem Eiza, "Secure Proximity-Based Identity Pairing using an Untrusted Signalling Service", IEEE Consumer Communications and Networking Conference (CCNC 2016), Las Vegas, NV, USA, 9-12 January 2016. More info....
    Download: pdf, LaTeX.

  • "On the evaluation of reputation and trust-based schemes in mobile ad hoc networks"

    Sohail Abbas, Madjid Merabti, David Llewellyn-Jones, "On the evaluation of reputation and trust-based schemes in mobile ad hoc networks", Security and Communication Networks, Volume 8, Issue 18, pages 4041-4052, December 2015. More info....
    Download: pdf.