Skip to main content

Our research areas

Our research areas

Critical infrastructures (CI) allowing society to function include sectors such as transportation, energy, telecommunications, health care, and financial services. Not only are most of these sectors heavily reliant on computer and information systems to function, but also form mutually (inter-)dependent networks.  Disruptions to these infrastructure networks can lead to severe economic consequences and may also lead to loss of life and endanger national security. 

By studying how infrastructures depend on one another and interact at different levels of abstraction, insights on vulnerabilities can be obtained that in turn can inform resilience measures including the design of mechanisms relying on information systems security. Many critical infrastructures ultimately rely on cyber-physical systems (CPS), and the security and resilience of these CPS forms a second major area of studies, which also translate to other domains such as industrial control systems or the Internet of Things. This requires the study of physical systems such as power stations and networks or transportation systems including ports or traffic management systems for vehicular traffic characterised by frequent hard real-time requirements and the need to maintain functionality even in degraded or compromised state that are not commonly in focus in information security. 

A major focus of ISG research on CI has been and remains on energy systems ranging from smart meters and distributed generation via the security of transmission and distribution networks against insider threats and external attacks and dynamic energy markets required to realise smart power networks and smart cities. Research facets range from the study of protocols and standards such as ISO/IEC 60870, 61850, and 64283 to understand vulnerabilities in control and monitoring systems to models of large-scale systems and how these can be manipulated or compromised by insiders or external attackers, potentially also in a stealthy manner. 

Other infrastructure sectors such as transportation and health care are increasingly relying on tightly coupled information systems, whether for managing and tracking freight containers in maritime and port systems or road transport required to interact with intelligent infrastructure and other vehicles or even energy networks for electric vehicles; understanding attack vectors and ways in which information security protocols and mechanisms may help in mitigating threats is crucial if these new interconnections are not going to result in an unacceptably brittle national and even transnational critical infrastructure. 

To this end the ISG engages not only with the national and international academic community, but also with infrastructure operators and concerned government entities, engaging in both research and consultancy activities. 





  • James Wright and Stephen Wolthusen. De-Synchronisation Attack Modelling in Real-Time Protocols Using Queue Networks: Attacking the ISO/IEC 61850 Substation Automation Protocol. In Gregorio D’Agostino and Antonio Scala, editors, Proceedings of the 12th International Conference on Critical Information Infrastructures Security (CRITIS 2017), Lecture Notes in Computer Science, pages 1–12, Lucca, Italy, October 2017. Springer-Verlag. (accepted for publication). 
  • Cristina Alcaraz, Javier Lopez, and Stephen Wolthusen. OCPP Protocol: Security Threats and Challenges. IEEE Transactions on Smart Grid, 8(5):2452–2459, September 2017.
  • Ammara Gul and Stephen Wolthusen. Measurement Re-Ordering Attacks on Power Sys- tem State Estimation. In Proceedings of the 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT Europe 2017), pages 1–7, Torino, Italy, September 2017. IEEE Press. (in press). 
  • Anne V. D. M. Kayem, Christoph Meinel, and Stephen Wolthusen. A Smart Micro-Grid Architecture for Resource Constrained Environments. In Proceedings of the 2017 IEEE 31st International Conference on Advanced Information Networking and Applications (AINA 2017), pages 1–8, Taipei, Taiwan, March 2017. IEEE Press
  • Cristina Alcaraz, Javier Lopez, and Stephen Wolthusen. Policy Enforcement System for Secure Interoperable Control in Distributed Smart Grid Systems. Journal of Network and Computer Applications, 59:301–314, January 2016
  • James Wright and Stephen Wolthusen. Limitations of IEC62351-3’s Public Key Management. In Proceedings of the 2016 IEEE 24th International Conference on Network Protocols (ICNP 2016), pages 1–6, Singapore, November 2016. IEEE Press.
  • Bernhard Schneidhofer and Stephen Wolthusen. Multigraph Critical Infrastructure Model. In Mason Rice and Sujeet Shenoi, editors, Critical Infrastructure Protection X: Proceedings of the 2016 International Conference on Critical Infrastructure Protection (ICCIP 2016), volume 485 of IFIP Advances in Information and Communication Technology, pages 149–167, Arlington, VA, USA, March 2016. Springer-Verlag.
  • Anesu M. C. Marufu, Anne V. D. M. Kayem, and Stephen Wolthusen. Circumventing Cheating on Power Auctioning in Resource Constrained Micro-Grids. In Proceedings of the 2016 IEEE 14th International Conference on Smart City (SmartCity 2016), pages 1380–1387, Sydney, Australia, December 2016. IEEE Press.
  • Bernhard Schneidhofer and Stephen Wolthusen. Multigraph Critical Infrastructure Model. In Mason Rice and Sujeet Shenoi, editors, Critical Infrastructure Protection X: Proceedings of the 2016 International Conference on Critical Infrastructure Protection (ICCIP 2016), volume 485 of IFIP Advances in Information and Communication Technology, pages 149–167, Arlington, VA, USA, March 2016. Springer-Verlag
  • Anesu M. C. Marufu, Anne V. D. M. Kayem, and Stephen Wolthusen. Circumventing Cheating on Power Auctioning in Resource Constrained Micro-Grids. In Proceedings of the 2016 IEEE 14th International Conference on Smart City (SmartCity 2016), pages 1380–1387, Sydney, Australia, December 2016. IEEE Press.
  • Pacome L. Ambassa, Anne V. D. M. Kayem, Christoph Meinel, and Stephen Wolthusen. Physical Attestation and Authentication to Detect Cheating in Resource Constrained Smart Micro-Grids. In Nora Cuppens-Boulahia, Costas Lambrinoudakis, Frédéric Cuppens, and Sokratis Katsikas, editors, Proceedings of the Second International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems (CyberICPS 2016), volume 10166 of Lecture Notes in Computer Science, pages 52–68, Heraklion, Crete, September 2016. Springer- Verlag.
  • Bader Alwasel and Stephen D. Wolthusen. Recovering Structural Controllability on Erdös-Rényi Graphs in the Presence of Compromised Nodes. In Erich Rome, Marianthi Theocharidou, and Stephen Wolthusen, editors, Proceedings of the 10th International Conference on Critical Information Infrastructures Security (CRITIS 2015), volume 9572 of Lecture Notes in Computer Science, pages 105–119, Berlin, Germany, September 2015. Springer-Verlag.
  • Goitom K. Weldehawaryat and Stephen D. Wolthusen. Modelling Interdependencies over Incomplete Join Structures of Power Law Networks. In Proceedings of the 2015 11th Inter- national Conference on the Design of Reliable Communication Networks (DRCN 2015), pages 173–178, Kansas City, MO, USA, March 2015. IEEE Press
  • Alessio Baiocco, Chiara Foglietta, and Stephen D. Wolthusen. Delay and Jitter Attacks on Hierarchical State Estimation. In Proceedings of the 2015 IEEE International Conference on Smart Grid Communications (SmartGridComm 2015), pages 485–490, Miami, FL, USA, November 2015. IEEE Press.
  • Salaheddin Darwish, Ilia Nouretdinov, and Stephen D. Wolthusen. Towards Composable Threat Assessment for Medical IoT (MIoT). In Proceedings of the Fourth International Workshop on Privacy and Security in HealthCare 2017 (PSCare17), volume 113, pages 627-632, Lund, Sweden, September 2017.

Internal Links

External Links

We are living in a network society. Digital technologies and the services that they provide have become an integral part of our daily lives and continue to shape how we interact with each other and access information. This raises a number of critical security questions for governments, industry and society as a whole; questions that require wider engagement with the underlying sociological and psychological aspects of human behaviour. From an everyday security perspective, relational social practices that enable people to build and maintain trust in their daily interactions are as significant as technological security mechanisms designed to protect assets. The complexities of real-world information security, therefore, present a series of challenges that centre on factors driven by the ways humans interact with (and through) digital technologies and systems. This includes factors such as usability, trust, privacy, culture, identity, social embeddedness and ethics, to mention a few.   

The use of information technology has significantly reduced the distance between individuals, between companies and their employees, and between the state and its citizens, and it has enabled new modes of social interaction and mobilisation. And whilst cyber risks and threats are widely acknowledged and discussed in this context, the sociological and psychological drivers are rarely understood. This has a significant impact on cyber security policy design and implementation, which often fails to account for the attitudes, motivations and levels of trust that individuals ascribe to their security practices. In many ways, the dynamic relationship between people and technology is outpacing the security responses to it.

Members of the ISG are engaged in a number of research projects that aim to better understand the human aspects of cyber security in different contexts. These include, but are not limited to research into everyday security and digital service design (with a focus on marginalised communities), social media habits amongst military personnel, and risky security practices within organisations. Such projects enable an exploration into the relationship between digital practices and security through specific institutional cultures, examining the meanings that people ascribe to their security behaviours. To this end, ISG members connected to this research theme are engaged with industrial, government and civil society partners to impact upon cyber security policy and education; highlighting the significance of this work in economic, cultural, social, political, and behavioural contexts.




Doctoral students



Internal  Links

External Links

The Internet of Things (IoT) refers to the interconnection of everyday physical devices embedded with electronics, software, sensors, directly to the Internet and among themselves, with the ultimate goal of providing users with additional “smart” features. Examples of IoT devices span from smart-home devices, to smart-devices controlling larger environments, such as smart-cities, and critical infrastructure. Finally, it also includes security systems, ventilation and air conditioning systems (HVAC), autonomous vehicles and implantable medical devices. Gartner forecasts that 20.8 billion connected IoT devices will be in use worldwide in 2020. The IoT promises economic growth as well as convenience for users: it is estimated to have a potential economic impact of $2.7-$6.2 trillion by 2025 and to create more than 4 million developer jobs by 2020. While this is all excellent news for consumers, businesses and governments, the security (and safety) implications of the IoT are equally significant. This is because the IoT is blurring the line between physical and online lives: IoT enables cyber-attacks to have immediate and direct physical consequences. This is mostly due to the increasing number of vulnerabilities found in IoT devices on a daily basis. This trend is likely to continue as, firstly, IoT vendors seem to be more interested in delivering a new "smart" feature baked into an existing device, maybe by packing together components from different manufactures, rather than actually thinking at possible security and safety consequences this new feature may introduce. Secondly, security has also an additional cost (e.g., training developers, providing updates and patches) that maybe is not marginal for some IoT devices. Thirdly, vulnerabilities on IoT devices are often very difficult to update, due to hardcoded firmware, or to small interfaces or to unawareness of users. Finally, some IoT devices are meant to stay for long with us so their unsecure life may span more than 10 years.

Over the last years, a wide spectrum of research activities on IoT has been undertaken by the ISG, such as works on smart cards and RFID tags, as well as using sound threat modelling techniques to model and test the security of IoT devices in depth to understand and reduce their attack surface. The ISG hosts the Smart Card and IoT Security Centre (SCC), which was founded in October 2002 by Royal Holloway University of London, Vodafone and Giesecke & Devrient. The SCC receives support from, among others, the UK Cards Association, Transport for London and ITSO. The SCC is composed of 15 members who perform research activities on devices with relatively limited processing and memory resources and with direct network connectivity. Finally, also note that RHUL is a member of the IoT Security Foundation, and one of its visiting professors is the Chairman.



  • FutureTPM
  • DICE (Data Improved Customer Experience)
  • UK Cards Association
  • Visa International
  • Transport for London
  • ITSO


 Internal Links

External Links

In any multi-user computing environment, it is rare that all users should have unrestricted access to all resources maintained by the environment, whether those resources be memory, processor time, files, programs or printers.  Similarly, in any internetworked environment, it is rare that all network traffic should be allowed to traverse all networks: some traffic should be prevented from entering some networks (to minimise spoofing attacks, for example), while other traffic should be prevented from leaving particular networks (to minimise the risk of data exfiltration, say).  In short, access control is an essential security consideration in any multi-user computing or networked environment.

Access control is usually implemented by specifying some kind of policy and configuring hardware or software to enforce that policy.  The specific nature of policies and the means of enforcing such policies vary considerably.  An access control policy for a shared computer, for example may specify which users may read and write particular files.  In this case, the operating system will trap all attempts by a user-controlled program to open a file and confirm the user is authorised by the policy to do so.  A network access control policy is often specified as a set of firewall rules, each rule specifying whether network traffic satisfying particular criteria (such as source and destination addresses belonging to a particular range) should be allowed or dropped.  In this case, a device at an entry point to the network, such as a router, will inspect the network traffic (typically headers in TCP segments or IP and UDP datagrams), determine which rules apply and take appropriate action.

Computing and networking technologies have become ever more tightly interlinked.  In particular, we are now seeing the widespread use of cloud computing, where individuals and organisations outsource some of their computing facilities to third-party providers.  Files, for example, may be retrieved via the internet from a storage provider; or applications may run remotely with results returned via the internet from a cloud software-as-a-service provider.

The advent of widespread cloud computing poses significant security challenges, not least because the enforcement of an authorisation policy may become the responsibility of the cloud service provider, rather than the owner of the data or application.  Increasingly, advanced cryptographic techniques, such as attribute-based encryption and privacy-preserving computation, are playing a role in access control for cloud services, not least because the cloud service provider may not be trusted with plaintext data.

Nevertheless, there remain many challenges for access control in systems deployed and maintained within an organisation.  Business requirements and statutory controls are imposing increasingly complex constraints on the way in which data may be shared and modified.  The study of languages for specifying policies and efficient mechanisms for enforcing those policies is an active area of research, and one in which researchers at Royal Holloway have a particular interest.

Researchers in the ISG have a wide range of expertise in access control, both for traditional computing milieux, networks and internetworks, and cloud computing.



  • James Alderman, Christian Janson, Carlos Cid and Jason Crampton: Hybrid publicly verifiable computation, Proceedings of CT-RSA 2016
  • James Alderman, Christian Janson, Carlos Cid, Jason Crampton: Access control in publicly verifiable outsourced computation, Proceedings of ASIACCS 2015
  • David A. Cohen, Jason Crampton, Andrei Gagarin, Gregory Gutin, Mark Jones: Iterative plan construction for the workflow satisfiability problem, Journal of Artificial Intelligence Research
  • Jason Crampton and Conrad Williams: On completeness in languages for attribute-based access control, Proceedings of SACMAT 2016
  • Jason Crampton and James Sellwood: Path conditions and principal matching: A new approach to access control, Proceedings of SACMAT 2014
  • Jason Crampton, Naomi Farley, Gregory Gutin, Mark Jones and Bertram Poettering: Cryptographic enforcement of information flow policies without public information. Proceedings of ACNS 2015
  • Jason Crampton, Alexandre Pinto: Attribute-based encryption for access control using elementary operations, Proceedings of CSF 2014
  • Jason Crampton, Charles Morisset: PTaCL: A language for attribute-based access control in open systems, Proceedings of POST 2012
  • Zhiqian Xu, Keith M. Martin: Dynamic user revocation and key refreshing for attribute-based encryption in cloud storage, Proceedings of TrustCom 2012
  • Eduarda S. V. Freire, Kenneth G. Paterson, Bertram Poettering: Simple, efficient and strongly KI-secure hierarchical key assignment schemes, Proceedings of CT-RSA 2013


Research Theme Contact:

Martin Albrecht

In 1994, Peter Shor presented an efficient quantum algorithm for solving the computational problems (factoring and discrete logarithms in abelian groups) underpinning current public-key cryptography, invalidating their security in a world where large-scale quantum computers exist. To date, nobody has announced a sufficiently big quantum computer to run Shor's algorithm for any non-trivial problem and it remains unclear if it is at all possible. Nevertheless, recent progress in the area of quantum computing has researchers, standards bodies and governments concerned (see external links below). Some estimates cited by NIST put a sufficiently large quantum computer for running Shor's algorithm on cryptographic problems as early as 2030, whereas transitions of cryptographic algorithms have taken about 20 years in the past.

To address this issue, researchers are studying quantum-safe alternatives to the current generation of public-key cryptography. Furthermore, standards bodies have initiated processes to select algorithms for post-quantum cryptography. In particular, the US standards body NIST is currently evaluating proposals and runs a selection process for standardisation. Whatever we may think of the timeline or even plausibility of the arrival of general quantum computers, post-quantum cryptography is coming.

As alluded to above, several candidates for post-quantum cryptography exist. However, there are still many challenges to overcome, before we can deploy these candidates with confidence. For example, these candidates have received much less scrutiny than e.g. RSA. It might be possible to find efficient quantum or even classical algorithms for solving some of the problems underlying these candidates. While this may seem unlikely, it is imperative to investigate this possibility in earnest to gain confidence.

Furthermore, if our schemes are secure in principle, we still need to choose parameters to ensure security well into the future. Just as we use the best available cryptanalysis to pick the required bit-size for RSA to remain secure for 50 or 100 years (in a pre-quantum world), we will have to rely on the best available cryptanalysis to pick parameters for quantum-safe schemes.

It is worth noting that quantum-safe cryptography is something rather different to quantum key distribution (QKD), which uses quantum mechanics to establish secure keying material between two parties. The former is concerned with drop-in replacements for current-generation cryptography usable without specialised hardware, yet secure against quantum adversaries. In contrast, QKD only covers limited distances so that trusted relays are needed for larger distances, invalidating end-to-end security.



PhD Students



  1. Martin R. Albrecht, Léo Ducas, Gottfried Herold, Elena Kirshanova, Eamonn W Postlethwaite, and Marc Stevens. “The general sieve kernel and new records in lattice reduction”. In: EUROCRYPT 2019. Springer. 2019, pp. 717–746
  2. Sean Murphy and Rachel Player. “δ-subgaussian Random Variables in Cryptography”. In: Australasian Conference on Information Security and Privacy. Springer. 2019, pp. 251–268
  3. Martin R. Albrecht, Benjamin R. Curtis, Amit Deo, Alex Davidson, Rachel Player, Eamonn W. Postlethwaite, Fernando Virdia, and Thomas Wunderer. “Estimate All the LWE, NTRU Schemes!” In: SCN 18. Ed. by Dario Catalano and Roberto De Prisco. Vol. 11035. LNCS. Springer, Heidelberg, Sept. 2018, pp. 351–367. doi: 10.1007/978-3-319-98113-019
  4. Ward Beullens and Simon R. Blackburn. “Practical Attacks Against the Walnut Digital Signature Scheme”. In: ASIACRYPT 2018, Part I. ed. by Thomas Peyrin and Steven Galbraith. Vol. 11272. LNCS. Springer, Heidelberg, Dec. 2018, pp. 35–61. doi: 10.1007/978-3-030-03326-22
  5. Martin R. Albrecht, Florian Göpfert, Fernando Virdia, and Thomas Wunderer. “Revisiting the expected cost of solving uSVP and applications to LWE”. in: ASIACRYPT 2017. Springer. 2017, pp. 297–322
  6. Martin R. Albrecht, Shi Bai, and Léo Ducas. “A subfield lattice attack on overstretched NTRU assumptions”. In: CRYPTO 2016. Springer. 2016, pp. 153–178
  7. Adi Ben-Zvi, Simon R. Blackburn, and Boaz Tsaban. “A Practical Cryptanalysis of the Algebraic Eraser”. In: CRYPTO 2016, Part I. ed. by Matthew Robshaw and Jonathan Katz. Vol. 9814. LNCS. Springer, Heidelberg, Aug. 2016, pp. 179–189. doi: 10.1007/978-3-662-53018-47
  8. Johannes A. Buchmann, Florian Göpfert, Rachel Player, and Thomas Wunderer. “On the Hardness of LWE with Binary Error: Revisiting the Hybrid Lattice-Reduction and Meet-in-the-Middle Attack”. In: AFRICACRYPT 16. Ed. by David Pointcheval, Abderrahmane Nitaj, and Tajjeeddine Rachidi. Vol. 9646. LNCS. Springer, Heidelberg, Apr. 2016, pp. 24–43. doi: 10.1007/978-3-319-31517-12
  9. Martin R. Albrecht, Carlos Cid, Jean-Charles Faugère, Robert Fitzpatrick, and Ludovic Perret. “On the complexity of the BKW algorithm on LWE”. in: Designs, Codes, and Cryptography 74.2 (Feb. 2015), pp. 325–354. issn: 0925-1022 (print), 1573-7586 (electronic). doi: url:
  10. Martin R. Albrecht, Rachel Player, and Sam Scott. “On the concrete hardness of Learning with Errors”. In: Journal of Mathematical Cryptology 9.3 (2015), pp. 169–203

Internal Links

External Links

The security and privacy of data is at the core of Information Security. The recent trend of continuous growth of generated and available data has led to the coining of the term big data to indicate the increased volume of data as well as the increased complexity in handling such data.

Over the last years, the ISG has worked on a wide variety of research topics related to the area of data security and privacy, from the development of advanced notions of data privacy and the design of privacy preserving protocols, to studies that help re-think security and privacy in the light of the digital revolution, as well as applying machine learning tools to malware analysis and exploring the latest technologies, such as secure cloud computing and blockchain.



  • TBC


Research and publications divided by sub-theme (i.e. area of data security and privacy to which the work is relevant)

Advanced notions of privacy
Privacy preserving protocols
Rethinking security and privacy
Machine learning
Cloud Security & Distributed Ledgers Technologies

Internal Links

External Links

  • TBC

Over the last two decades a very wide range of standards have been developed covering many aspects of cyber security. These documents have been published by national and international formal standardisation bodies, as well as by industry consortia. Many of these standards have become very widely used – to take just one example, the ISO/IEC 27000 series of standards has become the internationally adopted basis for managing corporate information security.

Despite their wide use, there will always be a need to revise existing security standards and to add new standards to cover new domains.  There are many research problems deriving from studies of existing standards, the development of revisions to existing standards, and the exploration of completely new areas of standardisation. Indeed, many security standards bodies are only beginning to address the issue of transparency, so that the process of selecting security techniques for standardisation can be seen to be as scientific and unbiased as possible.

Over the last 25 years, a wide spectrum of research on security standardisation, including, but not restricted to, work on cryptographic techniques, security management, network security, privacy and identity management, smart cards and RFID tags, and industry-specific security standards (e.g. those produced by the payments, telecommunications and computing industries for such things as payment protocols, mobile telephony and trusted computing) has been undertaken by members of the ISG.

The ISG has also been a prominent participant in a range of standards bodies, including the following:

  • Chris Mitchell (CM) has chaired BSI IST/33/2, dealing with cryptographic standardisation, since the early 1990s.  IST/33/2 is the UK shadow committee for ISO/IEC JTC 1 SC 27/WG 2, the international committee dealing with cryptographic standardisation, in which CM has participated for over 25 years.
  • Kenny Paterson (KP) is co-chair of the Crypto Forum Research Group (CFRG) of the Internet Research Task Force (IRTF), whose basic mission there is to be a source of expertise on cryptography for the IETF community.  KP has been co-chair since 2014.



Research and publications divided by sub-theme (i.e. area of standardisation to which the work is relevant).

Mobile security standards

  • K. Mayes, S. Babbage, and A. Maximov, ‘Performance Evaluation of the new TUAK Mobile Authentication Algorithm’, in Proc. ICONS/EMBEDDED, pp. 38-44, 2016.
  • K. Mayes, S. Babbage, and A. Maximov, ‘Multi-Platform Performance Evaluation of the TUAK Mobile Authentication Algorithm’, International Journal On Advances in Security, 2016 nos. 3&4, articleid: 55009.
  • TR 35.935 Specification of the TUAK algorithm set: A second example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 5: Performance evaluation
  • Keith Mayes, "Performance Evaluation of the TUAK algorithm in support of the ETSI Sage standardisation group". ISG Smart Card Centre, Royal Holloway University of London; (available at
  • Keith Mayes, "Performance Evaluation of the TUAK algorithm in support of the GSMA and ETSI SAGE standardisation group"; ISG Smart Card Centre, Royal Holloway University of London; Crisp Telecom Limited; (available at
  • M. S. A. Khan and C. J. Mitchell, 'Improving air interface user privacy in mobile telephony', in: L. Chen and S. Matsuo (eds.), Security Standardisation Research, Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings, Springer-Verlag LNCS 9497, Berlin (2015), pp.165-184.
  • M. S. A. Khan and C. J. Mitchell, 'Retrofitting mutual authentication to GSM using RAND hijacking', in: G. Barthe, E. Markatos and P. Samarati (eds.), Security and Trust Management - 12th International Workshop, STM 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings, Springer-Verlag LNCS 9871, Berlin (2016), pp.17-31.
  • M. S. A. Khan and C. J. Mitchell, 'Trashing IMSI catchers in mobile networks', to appear in: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2017), Boston, USA, July 18-20, 2017, ACM (2017).


IETF standards

  • M. N. Kayuni, M. S. A. Khan, W. Li, C. J. Mitchell and P. Yau, 'Generating unlinkable IPv6 addresses', in: L. Chen and S. Matsuo (eds.), Security Standardisation Research, Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings, Springer-Verlag LNCS 9497, Berlin (2015), pp.185-199.
  • K.G. Paterson and T. van der Merwe. ‘Reactive and proactive standardisation of TLS, in: L. Chen, D. McGrew and C.J. Mitchell (eds.), Security Standardisation Research (SSR), Lecture Notes in Computer Science, Vol. 10074, pp. 160-186, Springer 2016.
  • M.R. Albrecht, J.P. Degabriele, T.B. Hansen and K.G. Paterson. ‘A surfeit of SSH cipher suites’, in: E.R. Weippl, S. Katzenbeisser, C. Kruegel, A.C. Myers and S. Halevi (eds.), Proceedings of the 2016 ACM Conference on Computer and Communications Security (CCS 2016), pp. 1480-1491, ACM Press, 2016.
  • C. Cremers, M. Horvat, S. Scott and T. Van Der Merwe. ‘Automated Analysis and Verification of TLS 1.3: 0-RTT, Resumption and Delayed Authentication’. IEEE Symposium on Security and Privacy 2016. 2016. p.470-485.
  • M.R. Albrecht and K.G. Paterson. ‘Lucky Microseconds: A Timing Attack on Amazon's s2n Implementation of TLS’. In M. Fischlin and J.-S. Coron (eds.), EUROCRYPT 2016 (1), Lecture Notes in Computer Science, Vol. 9665, pp. 622-633, Springer, 2016.
  • C. Garman, K.G. Paterson and T. van der Merwe. ‘Attacks only get better: Password recovery attacks against RC4 in TLS’. In USENIX Security Symposium 2015.[USENIX version (inc. video)].
  • K.G. Paterson, B. Poettering and J.C.N. Schuldt. ‘Big Bias Hunting in Amazonia: Large-scale Computation and Exploitation of RC4 Biases’ (Invited Paper) In T. Iwata and P. Sarkar (eds.), ASIACRYPT 2014, Lecture Notes in Computer Science Vol. 8873, pp. 398-419, Springer, 2014.
  • N.J. AlFardan, D.J. Bernstein, K.G. Paterson, B. Poettering and J.C.N. Schuldt. ‘On the Security of RC4 in TLS’. In USENIX Security Symposium 2013.[USENIX version (inc. video); website:].
  • N.J. AlFardan and K.G. Paterson. ‘Lucky Thirteen: Breaking the TLS and DTLS Record Protocols’. In IEEE Symposium on Security and Privacy, pp. 526-540, IEEE Computer Society, 2013.[Website:]
  • H. Krawczyk, K.G. Paterson and H. Wee. ‘On the Security of the TLS Protocol: A Systematic Analysis’. In R. Canetti, J.A. Garay (eds.), CRYPTO 2013 (1), Lecture Notes in Computer Science Vol. 8042, pp. 429-448, Springer, 2013.
  • K.G. Paterson, T.E. Shrimpton and T. Ristenpart, ‘Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol’. In D.H. Lee and X. Wang (eds.), ASIACRYPT 2011, Lecture Notes in Computer Science Vol. 7073, pp. 372-389, Springer, 2011.
  • J.P. Degabriele and K.G. Paterson, ‘On the (In)security of IPsec in MAC-then-Encrypt Configurations’. In E. Al-Shaer, A.D. Keromytis and V. Shmatikov (eds.), Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS 2010), pp. 493-504, ACM, 2010.
  • M.R. Albrecht, K.G. Paterson and G.J. Watson, ‘Plaintext Recovery Attacks Against SSH’, IEEE Symposium on Security and Privacy, IEEE Computer Society 2009, pp. 16-26. 


OAuth and OpenID Connect

  • W. Li and C. J. Mitchell, 'Security issues in OAuth 2.0 SSO implementations', in: S. S. M. Chow, J. Camenisch, L. C. K. Hui and S.-M. Yiu (eds.), Information Security - 17th International Conference, ISC 2014, Hong Kong, China, October 12-14, 2014. Proceedings, Springer-Verlag LNCS 8783, Berlin (2014), pp.529-541.
  • W. Li and C. J. Mitchell, 'Analysing the security of Google's implementation of OpenID Connect', in: J. Caballero, U. Zurutuza and R. J. Rodriguez (eds.), Detection of Intrusions and Malware, and Vulnerability Assessment, 13th International Conference, DIMVA 2016, San Sebastian, Spain, July 7-8, 2016, Proceedings, Springer-Verlag LNCS 9721, Berlin (2016), pp.357-376.


ISO/IEC cryptography and security standards

IEEE standards

  • K.G. Paterson, B. Poettering and J.C.N. Schuldt. ‘Plaintext recovery attacks against WPA/TKIP’. In C. Cid and C. Rechberger (eds.), FSE 2014, Lecture Notes in Computer Science, Vol. 8540, pp. 325-349, Springer 2014.

Payment standards

Trusted computing


Security Futures theme brings together and highlight some of the more tentative, emergent and experimental aspects of RHUL’s work in technology and security. The focus of work in this theme is to bring security researchers into conversation with those researchers who are exploring future worlds, societies, communities and economies. These collaborations are leading to new understandings of security that are leading to innovations in public policy, technology design and security education.

Our work can currently be grouped into four futures themes:

  • The workplace and futures of work, 
  • The state and futures of security and protection,
  • Future societies 
  • Future economies

Examples of our work include:

Future societies:

Future visions and outer space: Researchers in Geography and ISG are involved in work that seeks to understand ‘after Earth’ securities through engagements with analogue spaces and artificial environments on Earth to support future visions about Outer Space. This work breaks away from existing STEM research to account for the under-explored, yet profound, social, cultural, and political implications of these enclosures. It encourages critical thought about Earth futures centred on human (in)securities, sustainability and social justice rather than the inequalities that are implicit in unfolding Anthropogenic and ‘after Earth’ imaginaries. (RHUL researcher: Rikke Bjerg Jensen (ISG), Rachel Squire and Peter Adey (Geography))

Alternative security futures: State and private narratives of security, how people use stories to feel secure, keeping and sharing secrets, stories as models. (RHUL researcher: Adam Ganz (Media Arts), Claude Heath and Elizabeth Quaglia (ISG))

Refugee security and resettlement in a new land: Using techniques from micro economics to imaginatively reconstruct complex systems for the allocation of social goods (e.g. housing, refugee resettlement and welfare) in order to build empowering systems that work to serve the safety and security of all. (RHUL researcher: Will Jones (PIR))

Building on our pasts to protect our futures: The contributions of world heritage to a sustainable future and the reduction of future disaster risks. As part of this work, the links between the digital and a community’s heritage are explored to understand the ways in which such links might contribute to resilience and security. (RHUL researcher: Zena Kamash (Classics) and Lizzie Coles-Kemp (ISG))

The future state infrastructures of protection:

Future security technologies: Research to develop foundational building blocks  to protect against future adversaries  such as quantum computer and that also provide advanced security  features such as anonymity. (RHUL researcher: Martin Albrecht (ISG))

Possible security futures in a codified society: Study of the intersections between individual security and security of digital technologies. This is a five-year study programme (running until August 2021) that brings security theories from the social sciences into conversation with digital design to develop alternatives to traditional digital security strategies (RHUL researcher: Lizzie Coles-Kemp (ISG))

Future economies:

Security technologies for emerging markets: We look at the use of technology in developing countries, and study the gap between secure technology design and practical technology adoption, highlighting the need for technology to be designed for and placed into a cultural and societal context and to create alternative technological designs and processes to achieve this. (RHUL researcher: Elizabeth Quaglia (ISG))


Martin Albrecht

Lizzie Coles-Kemp

Adam Ganz

Claude Heath

Rikke Bjerg Jensen

Will Jones

Zena Kamash

Elizabeth Quaglia

Projects related to the theme:

Everyday Safety-Security For Everyday Services

Refugees’ Say

External Links:

Sustainable Development: World Heritage and Sustainable Development


Squire, Rachael. 2017. "‘Do you dive?’ : Methodological considerations for engaging with ‘volume’." Geography Compass. 11(7).

Squire, Rachael. 2017. "Sub-marine territory: living and working on the seafloor during the Sealab II experiment." In Kim Peters, Philip Steinberg, Elaine Stratford (eds.), "Territory Beyond Terra." London: Rowman & Littlefield.

Squire, Rachael. 2016. "Immersive terrain: the US Navy, Sealab and Cold War undersea geopolitics." Area 48(3): 332–338.

Coles-Kemp, L. and Hansen, R.R., 2017, July. Walking the line: The everyday security ties that bind. In International Conference on Human Aspects of Information Security, Privacy, and Trust (pp. 464-480). Springer, Cham.

New Directions in Secure Branchless Banking, Elizabeth A. Quaglia and Claude P.R. Heath, in Strategic Narratives for Technologies in Africa, Madeira, 2017.


Applied Cryptography (Prof Kenny Paterson)

Cyber Crime, Legal and Regulatory Aspects (Robert Carolina)

Embedded and Cyber Physical Systems Security (Prof Konstantinos Markantonakis)

Explore Royal Holloway

Get help paying for your studies at Royal Holloway through a range of scholarships and bursaries.

There are lots of exciting ways to get involved at Royal Holloway. Discover new interests and enjoy existing ones

Heading to university is exciting. Finding the right place to live will get you off to a good start

Whether you need support with your health or practical advice on budgeting or finding part-time work, we can help

Discover more about our 21 departments and schools

Find out why Royal Holloway is in the top 25% of UK universities for research rated ‘world-leading’ or ‘internationally excellent’

Royal Holloway is a research intensive university and our academics collaborate across disciplines to achieve excellence.

Discover world-class research at Royal Holloway

Discover more about who we are today, and our vision for the future

Royal Holloway began as two pioneering colleges for the education of women in the 19th century, and their spirit lives on today

We’ve played a role in thousands of careers, some of them particularly remarkable

Find about our decision-making processes and the people who lead and manage Royal Holloway today