Department of Computer Science and Technology

Dr Markus Kuhn

I am a University Senior Lecturer in Computer Science at the University of Cambridge Computer Laboratory and a Fellow of Wolfson College.

• PhD, University of Cambridge (2002),
  Marie Curie scholarship
• MSc, Purdue University (1997),
  Fulbright scholarship
• Diplom-Informatiker, University of Erlangen (1996),
  Studienstiftung des deutschen Volkes

Primarily a computer scientist by training, I also have backgrounds in electronics, digital signal processing, communications engineering, and physiology. My broader interests cover most aspects of applied computer science and technology, including neurophysiology and robotics.

My research and that of my PhD students has focused so far on computer security, in particular hardware and signal-processing aspects of this very wide field. Compromising emanations, RFID security, and the security of positioning systems (distance-bounding protocols, authentication of navigation signals) have recently been particular areas of interest. I also worked in the past on hardware tamper resistance, smartcards, network security, “intellectual property” protection technology (in particular pay-TV conditional access), data compression, video and audio technology, FPGA applications, and some standardization matters (character sets, semi-structured data, file formats, etc.).

• Publications
• Information for local students: project ideas, supervisions
• Consulting services
• Security Group web pages

Contact information

Dr Markus Kuhn
University of Cambridge
Computer Laboratory
15 JJ Thomson Avenue
Cambridge CB3 0FD
United Kingdom

Reachability status: Away 7–21 April 2018.

PhD applicants: I may be able to take on 1–2 new PhD students from October 2018, and in particular look for applicants interested in hardware security, side-channel analysis, statistical signal processing, and/or radio-frequency electronics. See also below for the one funded studentship opportunity I have available this year. I'm happy to discuss your research proposals informally any time, but to be considered for a position, you must first submit your documents through the University's graduate admissions system (i.e., please do not via email me CVs, transcripts, or references).

Internships: I do not have any interships on offer.

Hardware-security PhD studentship available – October 2018

• PhD Studentship in Side-Channel Security (NR14857)

  I can offer a 3.5-year well-funded PhD studentship on side-channel security, starting in October 2018, to applicants interested in hardware security, radio communication, experiments with software-defined radio hardware, and digital signal processing. The basic idea of the project is to investigate, how radio waves reflected from an electronic device can pick up side-channel information about the processed data, and how that can be reconstructed and used to enhance eavesdropping range in comparison to purely passive electromagnetic eavesdropping attacks. Applicants should have an undergraduate or masters degree in computer science, electrical engineering, mathematics or physics. Please contact me for the more detailed description of the project idea that I submitted to the funding organization, which contains some related literature references. This description is not a replacement for the project proposal that we expect you to write up as part of you application, which should illustrate and outline your own research ideas and background in a related topic.

  Note: Due to the UK government funding source, this studentship is restricted to UK nationals, or applicants who have been resident in the UK for the past 10 years, and subject to the candidate being able to obtain a UK security clearance.

  • The official advert for this studentship expired on 22 April 2018, but I will still be looking applications until sometimes in mid May.
  • How to apply: PhD in Computer Science — applications and admission
  • Please quote the advert code NR14857 and my name in the application.

Recent publications

• Marios O. Choudary, Markus G. Kuhn: Efficient, portable template attacks. IEEE Transactions on Information Forensics and Security, Vol 13, No 2, February 2018, pp 490–501.
• Khaled Baqer, Johann Bezuidenhoudt, Ross Anderson, Markus Kuhn: SMAPs: Short message authentication protocols. Security Protocols Workshop 2016, 7−8 April 2016, Brno.
• Marios O. Choudary, Markus G. Kuhn: Efficient stochastic methods: profiled attacks beyond 8 bits. CARDIS 2014, LNCS 8968, pp. 85–103, 2015.
• Omar Choudary, Markus G. Kuhn: Template attacks on different devices. COSADE 2014, Paris, 14–15 April 2014, LNCS 8622.
• Omar Choudary, Markus G. Kuhn: Efficient template attacks. CARDIS 2013, LNCS 8419, pp. 253–270, 2014.
• Markus G. Kuhn: Compromising emanations of LCD TV sets, IEEE Transactions on Electromagnetic Compatibility, Vol. 55, No. 3, pp 564–570, June 2013.

More ...

Some other online texts

• Effective scientific electronic publishing contains a number of tips for preparing online papers, mostly intended for our local research group, but probably useful for others as well who want to generate nice PDF files with LaTeX.
• I have a long-standing interest in the international standardization of technical conventions. The habit of doing things differently than the rest of the world can be a source of great annoyance, especially on the Internet. In the early days of the web I wrote a few tutorials on areas that I feel particularly passionate about, some of which have become widely-quoted references over the years:
  • International standard date and time notation is a brief introduction to ISO 8601.
  • International standard paper sizes explains the A4 format used today everywhere outside North America. (I dearly wish folks in the U.S. gave up their strange “Letter” format, which only causes headaches all over the planet for users of word processors, laser printers, and copying machines.)
  • My UTF-8 and Unicode FAQ for Unix/Linux helped to kick-start replacing the now obsolete ISO 8859 8-bit character sets in the Linux world.
  • I wrote the Metric System FAQ for the USENET group misc.metric-system.
  • There is also an (unfinished) text about metric font sizes.
• I have a sideline interest in computer timekeeping. I proposed a new Time and calendar API for the C programming language, which stimulated a lot of activity in that direction. My UTC-SLS is a proposed standard for robust handling of UTC leap seconds in computers. There is also collected information on low-frequency radio time signals.

Software

• OTPW is my one-time password package for POSIX systems, optimized for being used with printed password lists and designed to be more robust against certain denial-of-service attacks than various older schemes.
• JBIG-KIT is my portable C implementation of a highly effective lossless bi-level image compression algorithm based on context sensitive arithmetic coding. The JBIG1 algorithm (specified in ITU-T Recommendation T.82) implemented in this library is especially suitable for compressing scanned documents and fax pages. You can also download the (German) project report (Studienarbeit) that I wrote about JBIG-KIT (abstract).
• I prepared and maintain the ISO 10646-1 extension of the classic X Window System pixel fonts.
• In early 1997, I wrote StirMark, a robustness testing tool for steganographic watermarking algorithms of still images. It is now maintained by Fabien Petitcolas.

Older material previously found here is now in my home page attic.

Teaching

I teach second and third year undergraduate courses in the Computer Science Tripos on Security, Cryptography, Digital Signal Processing, and Unix Tools.

Course materials pages: 2017/18, 2016/17, 2015/16, 2014/15, 2013/14, 2012/13, 2011/12, 2010/11, 2009/10.

I currently supervise as a PhD student Christian O'Connell. Former PhD students of mine that have already graduated: Piotr Zieliński, Steven Murdoch, Gerhard Hancke, Saar Drimer, Andrew Lewis, Marios Omar Choudary.

We organize a Security Seminar Series, which is open to the public.