Dr Steven J. Murdoch

Photo of Steven J. Murdoch
[ Portrait photographer Roland Eva | More photos ]

I am a researcher in the Security Group of the University of Cambridge, based in the Computer Laboratory, a fellow of Christ's College, and a member of the Tor project.

Some of my writings can be found on the Security Group blog: Light Blue Touchpaper.

Cambridge students may be interested in my Part II project proposals.

Tweets by @sjmurdoch

[ follow me on Twitter ]

News and Updates Subscribe to site updates feed

09 July 2014
Added ACM Author-Izer Service for my ACM publications.

27 June 2014
Added CTSRD-related publications: “CHERI: a research platform deconflating hardware virtualization and protection”, “Towards a Theory of Application Compartmentalisation”, “CHERI Instruction-Set Architecture”, “CHERI User’s Guide”, “BERI Hardware Reference”, and “BERI Software Reference”.

26 June 2014
Added slides for my OWASP AppSecEU keynote: “Anonymous Communications and Tor: History and Future Challenges”.

19 June 2014
Added new article, appearing in the Inside Risks column of the Communications of the ACM: “EMV: Why Payment Systems Fail”.

18 May 2014
Added new paper, presented at IEEE Security and Privacy: “Chip and Skim: cloning EMV cards with the pre-play attack”.

[ older news ]


Professional activities

Program chair

14th Privacy Enhancing Technologies Symposium, 16–18 July, 2014, Amsterdam, Netherlands.

General chair

Financial Cryptography 2011

Financial Cryptography and Data Security '11, 15th International Conference, 28 February–4 March 2011, St. Lucia. Organized by the International Financial Cryptography Association.

Previous programme committee membership

European Symposium on Research in Computer Security (ESORICS) 2011

ACM Conference on Computer and Communications Security: 2007, 2008, 2010, 2011.

Privacy Enhancing Technologies Symposium (PETS): 2007, 2008, 2009, 2011.

Financial Cryptography and Data Security (FC): 2010.

Workshop on Privacy in the Electronic Society (WPES): 2006, 2007, 2009.

ACM Symposium on Applied Computing (Computer Security track): 2007.

Workshop on Foundations of Security and Privacy (FCS-PrivMod): 2010.

FIDIS/IFIP Internet Security & Privacy Summer School: 2008.

Journal reviewing

Includes IEEE Transactions on Dependable and Secure Computing (2009), ACM Transactions on Information and System Security (2008), IEEE Transactions on Software Engineering (2008), IEEE/ACM Transactions on Networking (2007), IEEE Security & Privacy (2007), The Triple Helix (2008), Identity in the Information Society (2008).


For information on my availability for consultancy or expert witness work, please contact me.

Research interests


Currently, my most active research topics are on anonymous communications (specifically the Tor Project) and banking security. For other activities, see my project list.

Recent publications

A full list of my papers can be found on the publications page.

Recent talks

A full list of my talks can be found on the talks page. Talks accompanying papers can be found in the publications section.


Contact Details

email (preferred):

Steven.Murdoch at cl.cam.ac.uk
To send me encrypted email see my PGP keys page.


Dr Steven J. Murdoch
University of Cambridge
Computer Laboratory
15 JJ Thomson Avenue
United Kingdom


+44 1223 763566


+44 7866 807 628


+44 1223 334678

Last modified 2013-10-16 18:32:00 +0100

Valid HTML5   Valid CSS!   Open Rights Group, Founder #516

Note for search engines: My name is commonly misspelt as Steve Murdoch, Steve J. Murdoch, Stephen Murdoch, Stephen J. Murdoch, even sjm217 and sjmurdoch. I haven't seen anyone try 9803674m or murdocsj, which were my identifiers at the University of Glasgow, but in principle they might.