RHUL Cyber CDT Blog

This year’s Asiacrypt took place from 4th to 8th December in Guangzhou, China. Many of the presented works contained fascinating ideas, and I also really enjoyed many of the talks that were outside of my research area, homomorphic encryption. For example, the work of [CMT23] proposed an attack on Goppa codes based on fascinating ideas from computational algebraic geometry. Another cool work containing cryptanalysis is [WW23], who presented a potential, very insightful break of the k-R-ISIS assumption in addition to their construction of functional commitments. The session on HE contained four talks, including our talk on using Galois automor-phisms for faster bootstrapping [OPP23]. Afterwards, Zeyu Liu presented their work on bootstrapping [LW23]. It was really nice to finally meet him and his coauthor Yunhao Wang, as we had already exchanged emails before. The other talks on HE proposed a way to compress rotation/Galois keys using a hierarchical structure [Lee+22] and improvements to ...

Far out in the heavily charted waters of the icy Arctic Sea lies a much regarded archipelago called Svalbard, and there, on the largest island Spitzbergen, is a town called Longyearbyen. Much regarded, that is, by international eyes seeking a foothold in the Arctic as ice and snow melt away with climate change, 'opening up' the once mystical Northwest Passage to allow for trading and further extraction of fossil fuels, the use of which continues to be a major contributor to climate change. Consequently, Norway is seeking to maintain its presence on the archipelago as even more eyes turn northwards. There is much fanfare regarding Longyearbyen's "remoteness," and yet it is host to numerous festivals, including the northernmost Blues music festival, Dark Season Blues, and is regarded as home to a whole host of people from various different corners of the globe; in fact, there are over fifty different nationalities registered in Longyearbyen. It was the Blues festiva...

From 13th to 17th November, I attended Web Summit 2023 in Lisbon as part of the Women in Tech network. Despite being an industry-facing conference, the insights provided valuable perspectives on the fast-paced tech environment.   With over 70,000 attendees and 800 speakers, selectivity in talk attendance was necessary. I focused on cybersecurity, privacy, Generative AI, regulations, and ethics. Crucial themes included robust cybersecurity measures, the evolving threat landscape with Generative AI, and the need for proactive strategies. Privacy, a fundamental right, was discussed in safeguarding personal data. Trust in technology, especially with big tech, was scrutinized, emphasizing transparent practices and ethical considerations. Calls for meaningful regulations for responsible tech use were prominent.   A personal highlight was the privilege of hearing impactful thought leaders, including Meredith Whittaker (Director of Signal), who shared insights on the ethical dimensio...

 An interesting fact hit me when I arrived in Zurich, that I didn’t really plan travel as diligently as I used to. Why indeed would I need to when my mobile phone gives access to information whenever I need it. Indeed my phone would pick up signal soon and give access to my onward journey details. Just need to wait and be patient. Just a bit longer and it will connect. Keep heading out the airport and the phone will be there for you. Or maybe not. Okay, the old fashioned way it is then. Look at signs, use brain, modernity will reawaken surely at some point. No problem. Train to central Zurich then tram to hotel, easy. Indeed. Slight concern passing a riot truck with multiple armed police as I changed from tram to train but on track (indeed now power line too). Hang on riot truck and armed police… mmm… carry on… phone refresh… nope not alive yet. Ah, my stop. Indeed the last stop. As I got off and the circular ending took the tram back into the city. Leaving me, well in the middle o...

At the somewhat antisocial hour of 4am on the 12 th  September 2023, a taxi arrived to take me to Heathrow Airport – destination Limassol in sunny Cyprus for the annual COPA (Conformal and  Probabilistic Prediction with Applications) conference organised by Frederick University Cyprus. This conference is not a typical security conference as it is focused on the advancement of machine learning and conformal prediction. However, many of the theories presented and their applications such as advancements to concept drift and conformal prediction have been used in security papers in fields such as finance and malware.   I would say that the value of attending a conference is not limited to listening to people’s presentations. The opportunity to network with other researchers and companies and see how they are using similar technologies was invaluable. I was able to speak to the creators of machine learning libraries that I use and it was interesting to hear that they lo...

On Saturday 1st July over 1,000 alumni and current participants of the Teach First program gathered at the Totteridge Academy in North London. The reason? Teach First was celebrating 20 year of tackling educational inequality. Initially set up with a cohort of c.150, myself being one of the ‘guinea pig’ year back in 2003, it has grown to over ten times this annual number. Over this time technological developments have come thick and fast, with ChatGPT being just the latest of inventions to grab the public imagination. Initial discussions I’ve had at university and in my school governor role took the form of how students can use ChatCPT to cheat on assignments. These discussions evoked a situation 20 years ago when Wikipedia pages were used by pupils verbatim to circumvent actually doing research homework. So like most things, a problem which is not completely without precedent, but giving some additional challenges. An evolution of the ‘cheating student’ discussion followed into how Ch...

After enjoying the privilege of a long vacation and a few months of distance since my viva, it is time to reflect upon my time in the CDT. A long time ago, in 2018, when the UK was still part of the EU and for most people in Europe pandemic referred only to a board game, I moved to the green and leafy Egham hill. Knowing little of what the future had in store, I had a great time making new friends in my cohort and beyond, enjoying the social activities of the CDT and running with colleagues in the Windsor Great Park. Further, having access to a seemingly unlimited travel budget opened the door to the cryptographic community widely. Leaving my comfort zone and going to my first cryptography conferences and summer schools, I got to know other researchers. This made it not only more fun - and less scary - to go to conferences in later years, but also proved invaluable for the exchange of research ideas, for starting new collaborations and working together with people across borders during...

On June 29th and 30th, Royal Holloway’s CDT in Cyber Security for the Everyday was delighted to host colleagues from the cyber security CDTs based in Bath/Bristol and UCL for the annual Inter-CDT Summer Conference. This conference series is student-led and student-organised, with this year’s conference theme being Making Connections. Making Connections is an important aspect of the PhD journey for each CDT student, since researchers are not only expected to make connections with students from their own cohort and other cohorts, but also make connections between the many different facets of cyber security that have relevance to their specific research projects. This typically also involves making connections with individuals from other organisations, including other CDTs, which is precisely what the Inter-CDT Summer School facilitates. The conference was excellent planned, with a real mix of activities and formats. Day one began with an ice-breaking activity which immediately enabled co...

This past month, we flew to Oregon to attend the 2023 Oregon Programming Languages Summer School. OPLSS was over two weeks, with the two Sundays free. The lectures were an hour and a half, 4 times a day. The first week lent more heavily into the maths behind languages and proofs over languages with lectures on the Lambda cube, proof theory, logical relations and Category theory. The second week was more about the use of the previous week's content for topics such as program analysis, verified compilation and program synthesis. There were also 3 participant talk sessions where other participants gave talks on their own research areas. These talks gave a really interesting opportunity to hear about what current MSc and PhD students are working on, and led to some very interesting discussions all round! Thanks to these talks, as well as general chats throughout the fortnight, OPLSS was an amazing opportunity to meet other early stage researchers and industry folk working in related ar...

It has been just over a year since I successfully completed my viva – a milestone that initially felt both terrifying and insurmountable when I first joined the CDT. Now, I have the privilege of reflecting on my PhD journey and how its opportunities have shaped my present. I also wish to inspire curious students to embrace the full potential of the CDT and similar programs.   When I first came across the CDT application form, I initially envisioned transforming from a disillusioned city worker into a technical cyber security wizard, focusing on governance or incident response – as those were the only cyber security functions I was familiar with at the time. Very quickly, the CDT taught me that cyber security encompasses a vast and comprehensive range of approaches, offering me a holistic perspective on the field. Supported by the CDT, I engaged with exciting research and practitioner communities to learn about security governance, feminist and critical approaches, geography, the ph...

 At the end of May 2023, a group from the Royal Holloway CDT attended the 2023 edition of CyCon in the Estonian capital, Tallinn. CyCon – the International Conference on Cyber Conflict – is organized by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), which is based in Estonia. The Royal Holloway CDT has a strong tradition of attending CyCon and of working with the CCDCOE. Some of this year’s group also attended in 2022 – you can find a write-up of that trip here :  The theme of the conference was ‘Meeting Reality’ – a phrase that perhaps reflected the continuing impact of Russia’s invasion of Ukraine. The talks covered a wide range of policy, legal, and technical aspects of cyber conflict. A highlight for us was attending the talk given by Royal Holloway’s own Andrew Dwyer on the evolution of the UK’s concept of cyber power. In between talks, CyCon served up an insight into the intersection of the academic, military, and government circles. Technical special...

Rights Con is an international conference which brings conversations on the intersection of digital and human rights together, as described on their website it is, 'The world’s leading summit on human rights in the digital age.' Originating as the Silicon Valley Human Rights Conference in 2011, Rights Con in 2023 is now a community of 8000+ people passionate about the freedom and protection of communities navigating through technological developments.   I was delighted to be selected to participate in the Young Leader's Summit which took place the day before the official conference began. With approximately 30 young people in the room, it was a wonderful opportunity to connect with and learn from other passionate young people working at many different angles of digital rights. The relationships built throughout this session became a foundation for the busy week ahead. The day started with a session by Data 4SDGs to discuss data values followed by the Internet Society who le...

Having now reached the end of the process, this is a good time to reflect upon my CDT and PhD experience as a whole.  I have separated out ‘PhD’ from ‘CDT’ for a reason. The CDT approach of a first year of learning within a cohort environment offers many advantages compared to a PhD solo venture. The interaction with fellow cohort members, and the ability to experiment with other areas of cybersecurity that I wouldn’t otherwise have gone anywhere near, provided an experience that I believe is far more valuable than just the PhD research portion alone.  Something I didn’t consider was how it would feel to actually finish the programme. By the time my viva arrived, I had already been in work for a number of months. Passing the viva was a strange experience – whilst it was somewhat anticlimactic (probably due to the fact I hadn’t been working fulltime on my PhD in the run-up), something certainly felt different. It took a few minutes sitting in the car for it all to sink in! ...

 I have recently travelled to Rome, where I had the opportunity to present the paper AWSomePy: A Dataset and Characterization of Serverless Applications at one of the workshops of the EuroSys 2023 conference. It has certainly been a positive experience, despite the odd feeling of being – for the first time ever – in my home country for work! The 1st SESAME workshop touched several aspects of Serverless Computing, my area of study, and it was very interesting, despite not having a focus on security. The organization of the event was very good, and I must say that I have particularly appreciated that the proceedings were published online on the day of the workshop, without having to wait for weeks. My talk, which described the characterization work recently done with my supervisory team on the new dataset AWSomePy , was rightly included in the session Understand What You Optimize, and went reasonably well. I had a couple of questions, which gave me food for thoughts and – at the sa...

 ACM CHI is a five-day-long top-tier conference on Human-Computer Interaction. This year it was held in Hamburg with over 4000 attendees from 72+ countries. We decided to attend this conference as our research interests revolve around the social foundations of security. Jessica is interested in security practices in post-conflict societies, while Mikaela focuses on perceptions of secure messaging in activist communities. We believed that this conference would provide valuable insights into our respective areas of interest. Our experience at CHI (pronounced ’kai’) was truly amazing, and we found it to be a highly worthwhile conference to attend. With the opening ceremony feeling somewhat like Eurovision, it set the tone for an exciting and eclectic week ahead! The opening keynote prioritised human aspects of cybersecurity, highlighting the growing space for information security researchers within the CHI community. It was the first time for both of us to attend CHI and we were both...