Odds and ends. Just a few new things: some flaws in the Gridsure authentication scheme (their site here), and a redacted presentation given to the security group on the packet encryption used by Novalogic online tactical shooter Joint Operations. Presentation is here (PDF, 1.2MB); email me for the uncensored version.
Security, cheating and fairness in online FPS games. Check out a paper I have written describing my tentative theories about how network code design in online first person shooters has radical effects on fairness, tactics, and the perception of cheating. The paper is named "Boom! Headshot!" (PDF, 175KB) after the infamous caricature of a Counterstrike player "Doug", see here. For a more graphical treatment of the same topic, see my presentation slides (PDF, 2MB) on the same topic. These theories need a lot more work and testing, and alas playing computer games is not my day job!
Modelling cryptographic type systems in HSMs. Jolyon and I wrote a paper a while back about how the different metadata attached to cryptographic keys in HSMs is best categorised and described. In it, we present a "Four Axis" model of cryptographic type. Worth a read... Integrity of Intention (A Theory of Type for Security APIs) (PDF, 168KB).
Chip and PIN security and the relay attack. All the excitement now is about the relay attack, and Steven and Saar have put together some good pages describing their work on the security group projects page (also the academic paper is worth the read). Also check out the light blue touchpaper post here.
Social engineering, viruses, and worse. George and I had some fun theorising about how bad a really malicious virus actually could be, and what unusual infection vectors involving people we might see in the future. Check out our tech report entitled "A Pact With the Devil", presented at NSPW 2006.
Finally, you may also be interested in resources for victims of phantom withdrawals, the mysterious unexplained withdrawals of cash from bank accounts, where neither the bank nor customer admits liability. For a while, either for the purposes of posterity or vanity (not sure which!), I maintained a log of media coverage on my media page. Also check out the summary of articles at the bottom of the phantom withdrawals page here.
Be warned, my website gets hopelessly out of date from here onwards! If you want to see old versions of the page -- the way I used to present myself to the world, the people at http://www.archive.org are busy archiving the internet and may be able to help.
Hello! I am a research associate working in the security group at the University of Cambridge, studying Security APIs (in my spare time I work for MI6 as a secret agent). I have recently submitted a Phd based on research in this field done under the supervision of Ross Anderson. I have also been supervised by Larry Paulson. I currently live near Cambridge, but originate from the New Forest, where there are far more hills.
My research is all about "Understanding Security APIs". I am concerned with learning how to defeat, design, analyse and verify any sort of Security API. A list of my publications, technical details and resources are available on my research page, but a concise description follows here. The most common instantiation of Security APIs are within "Hardware Security Modules" -- tamper-resistant processors first conceived by banks and the military to protect sensitive information from physical attack. HSMs (also known as cryptoprocessors) are rapidly becoming more widespread, as corporations start using them to protect their PKIs, and manufacturers are examining how they can be used to enforce accessory control and new marketing models. I primarily explore how existing APIs can be defeated purely by using the constituent commands in unexpected ways or sequences.
In the last four years, I have engaged in much hands on work with HSMs and documentation for HSMs. I have analysed the CCA architecture for the IBM 4758, PKI/SSL security modules such as the nCipher nShield, prepayment eletricity metering modules, and most recently the Luna CA3 certification authority tokens originally manufactured by Chrysalis-ITS. Go to my research page to learn more, or read my paper "API-Level Attacks on Embedded Systems" PDF (140k) which gives a semi-technical overview of much of my work.
My most recent work is into gaining assurance of correctness of Security APIs. I am beginning to tackle this hard problem in co-operation with researchers in the Theory of Computation group at the Laboratory for Computer Science at MIT. I built my own API analysis tool to benchmark the diffiulty of analysis to find different sorts of attacks on APIs, and we are currently exploring existing general purpose tools such as theorem provers, to see if they can effectively reason about the properties of security APIs.
I'm also interested in a wide range of security related research, particularly in trusted computing such as Microsoft's NGSCB initiative and also TCPA. Anonymous distributed file storage networks, such as Freenet, are also interesting things, and I watch with curiosity the plight of personal privacy campaigners.I used to work in the office in the picture, at the desk on the left hand side, but we're now in a new lab. My comrades in the security group include George, Markus, Richard, Piotr, Jolyon, Steven, Stephen & Shishir. Also check out the homepage of an old friend of mine Matt Grounds, who is a Phd student at York.
I have a limited amount of time available for consultancy work connected with computer security. I regularly advise several companies on Security API design issues. Should you wish to discuss possible consultancy arrangements, please feel free to telephone or email me at the addresses at the top of this page. My curriculum vitae is available upon request.
Many of my friends are connected with Emmanuel College, where I spent three happy years avoiding getting any serious work done. I also have three friends at Cambridge whom I've known since the beginning of secondary school, who torment me by playing vicious practical jokes involving rearranging my furniture. Here are some now rather dated photos of some of my friends :
|I used to live in the nice yellow house on the
right, which used to be painted pink & blue (which
incidentally are the Emmanuel College colours). You can
see many of my family below, running from left to right
: myself, my grandad, my dad, my mum, (a friend), &
When I'm not stuck in front of a computer screen, I seem to get a fair few things going, ranging from the mischevious to the stupid, and from technical to athletic. The following list shows some of the things I've been involved with recently:
Created : 11/10/00
Last Update : 07/03/06