Dr Markus Kuhn
- PhD, University of Cambridge (2002),
Marie Curie scholarship
- MSc, Purdue
- Diplom-Informatiker, University of Erlangen
Studienstiftung des deutschen Volkes
Primarily a computer scientist by training, I also have backgrounds in electronics, digital signal processing, communications engineering, and physiology. My broader interests cover most aspects of applied computer science and technology, including neurophysiology and robotics.
My research and that of my PhD students has focused so far on computer security, in particular hardware and signal-processing aspects of this very wide field. Compromising emanations, RFID security, and the security of positioning systems (distance-bounding protocols, authentication of navigation signals) have recently been particular areas of interest. I also worked in the past on hardware tamper resistance, smartcards, network security, “intellectual property” protection technology (in particular pay-TV conditional access), data compression, video and audio technology, FPGA applications, and some standardization matters (character sets, semi-structured data, file formats, etc.).
Dr Markus Kuhn
University of Cambridge
15 JJ Thomson Avenue
Cambridge CB3 0FD
|Phone:||+44 1223 3-34676|
|Fax:||+44 1223 3-34678|
|Email:||mgk25 at cl.cam.ac.uk
(spam-filter delays possible)
Home address (only local access)
Reachability status: Back in Cambridge.
- An RFID Distance Bounding Protocol
(IEEE SecureComm 2005, Athens).
This paper describes an alternative to the classic Brands/Chaum crypto protocol for proofing how close together two communicating parties are, with some performance benefits for ultra-wideband RFID applications. Applications include the protection of next-generation payment and access-control smartcards against relay attacks.
- An Asymmetric Security Mechanism for
Navigation Signals (2004 Information Hiding
Workshop, Proceedings, Springer-Verlag, LNCS
This paper proposes a broadcast authentication technique for navigation signals (GPS, Galileo, Loran-C, etc.). The technique protects not only the integrity of the transmitted data, but also its nanosecond-resolution arrival time, and therefore the actual positioning result. In other words, it introduces an efficient and effective digital-signing technique for GPS-style signals that makes it practical to offer civilian users a level of security currently only available to the military. Applications include pay-as-you-go car insurance and road-charging schemes, where this technique can substantially help to prevent large-scale tampering. (slides)
- Compromising emanations: eavesdropping risks of computer
displays (Technical Report UCAM-CL-TR-577).
This is my PhD thesis on radio-frequency and optical eavesdropping techniques for computers. Some of its chapters are summarized in the following three papers:
- Optical Time-Domain
Eavesdropping Risks of CRT Displays (Proceedings of the
2002 IEEE Symposium on Security and Privacy,
Berkeley, California, 12–15 May 2002).
This award-winning paper extends the concept of TEMPEST eavesdropping to the optical band by demonstrating that the image displayed on a CRT can be reconstructed from diffusely reflected monitor light. (FAQ)
- Electromagnetic Eavesdropping
Risks of Flat-Panel Displays (4th Workshop on
Privacy Enhancing Technologies proceedings, Springer-Verlag, LNCS
This paper demonstrates that flat-panel displays with digital interface cables, including those in many laptops, can pose at least as much of an eavesdropping risk as CRTs. It also introduces a very effective new software-based protection technique. (slides)
- Security Limits for
Compromising Emanations (CHES 2005
proceedings, Springer-Verlag, LNCS
This paper outlines a protection standard against far-field VHF/UHF eavesdropping of video signals. (slides)
- Optical Time-Domain Eavesdropping Risks of CRT Displays (Proceedings of the 2002 IEEE Symposium on Security and Privacy, Berkeley, California, 12–15 May 2002).
- StegFS: A Steganographic File System
for Linux (Information Hiding Workshop 1999,
1768, pp. 463–477).
This paper describes the design and implementation of the first Unix/Linux file system with plausible deniability for the existence of hidden files.
Principles for Tamper-Resistant Smartcard Processors
Workshop on Smartcard Technology proceedings, Chicago, Illinois,
USA, May 10–11, 1999).
This award-winning paper was the first to describe how microprobing techniques compromised smartcard security in the pay-TV industry in the 1990s. It also proposed a number of countermeasures. Some of these have since been implemented in commercial security microcontrollers (perhaps even in the ones that you carry today in your banking card or mobile phone). (slides)
Some other online texts
- Effective scientific electronic publishing contains a number of tips for preparing online papers, mostly intended for our local research group, but probably useful for others as well who want to generate nice PDF files with LaTeX.
- I have a long-standing interest in the international
standardization of technical conventions. The habit of doing
things differently than the rest of the world can be a source of
great annoyance, especially on the Internet. I wrote a few
tutorials on areas that I feel particularly passionate about,
some of which have become widely-quoted references over the
- International standard date and time notation is a brief introduction to ISO 8601.
- International standard paper sizes explains the A4 format used today everywhere outside North America. (I dearly wish folks in the U.S. gave up their strange “Letter” format, which only causes headaches all over the planet for users of word processors, laser printers, and copying machines.)
- My UTF-8 and Unicode FAQ for Unix/Linux helped to kick-start replacing the now obsolete ISO 8859 8-bit character sets in the Linux world.
- I wrote the Metric System FAQ for the USENET group misc.metric-system.
- There is also a (still evolving) text about metric font sizes.
- I have a sideline interest in computer timekeeping. I proposed a new Time and calendar API for the C programming language, which stimulated a lot of activity in that direction. My UTC-SLS is a proposed standard for robust handling of UTC leap seconds in computers. There is also collected information on low-frequency radio time signals.
- OTPW is my one-time password package for POSIX systems, optimized for being used with printed password lists and designed to be more robust against certain denial-of-service attacks than various older schemes.
- JBIG-KIT is my portable C implementation of a highly effective lossless bi-level image compression algorithm based on context sensitive arithmetic coding. The JBIG algorithm (specified in ITU-T Recommendation T.82) implemented in this library is especially suitable for compressing scanned documents and fax pages. You can also download the (German) project report (Studienarbeit) that I wrote about JBIG-KIT (abstract).
- I prepared and maintain the ISO 10646-1 extension of the classic X Window System pixel fonts.
- In early 1997, I wrote StirMark, a robustness testing tool for steganographic watermarking algorithms of still images. It is now maintained by Fabien Petitcolas.
Older material previously found here is now in my home page attic.
- 2010 Michaelmas: Unix Tools, Forensic Signal Analysis
- 2011 Lent: Digital Signal Processing, Security I
- 2011 Michaelmas: Registration, Digital Signal Processing, Unix Tools
- 2012 Easter: Security I
- 2012 Michaelmas: Digital Signal Processing, Unix Tools
- 2013 Lent: Security I, Security II
- 2013 Michaelmas: Digital Signal Processing, Unix Tools
- 2014 Lent: Security I, Security II
Ross Anderson and I organize a Security Seminar Series, which is open to the public.