Formal Security Analysis of Cryptographic Protocols at Royal Holloway, University of London on FindAPhD.com

This project is no longer listed on FindAPhD.com and may not be available.

Click here to search FindAPhD.com for PhD studentship opportunities

Dr Guido Schmitz No more applications being accepted Competition Funded PhD Project (Students Worldwide)

Add
to
shortlist

Remove
from
shortlist

Institution
profile

Egham United Kingdom Cyber Security Data Analysis Computer Science Mathematics

About the Project

Cryptographic protocols are distributed algorithms that allow entities to perform security-related functions over a (potentially untrusted) network. Such protocols are ubiquitous, and their security is essential to almost any IT system.

It is quite challenging to create secure protocols as even small non-obvious mistakes can have fatal consequences. For example, the (very simple) Needham-Schroeder key exchange protocol contains a severe security flaw that went unnoticed for 17 years. For modern security protocols, such as TLS, it is even harder to ensure security. These protocols tend to be much more complex and are typically embedded into environments that introduce their own quirks and subtleties.

Formal methods provide a systematic way to perform comprehensive analyses of such protocols concisely and rigorously. They allow us to specify security goals precisely and enable us to prove that a protocol indeed guarantees such properties. Using this approach, we can find attacks (if a proof fails), develop fixes, and formally verify whether our fixes are sufficient. Moreover, we can even exclude unknown classes of attacks on the systems we analyse.

Although this field has been quite active in research for several decades now, there are still many open research questions to answer: Existing tools and approaches often struggle with analyses of complex protocols. Proofs are often quite laborious and are susceptible to human errors. Furthermore, modern environments such as Web, Mobile, and IoT also introduce their own complexity and pitfalls and blend into each other, creating new subtleties which can be an additional source of security issues. Hence, we need to develop new methods and techniques to tackle this complexity, mechanise and automate such security analyses to more extent, and take the characteristics of modern environments into account.

We are looking for applications from highly talented candidates with a background in computer science, information security, mathematics, or a related field interested in logic, proofs, and formal analysis techniques. We value strong analytical skills and solid programming knowledge. Prospective applicants are welcome to discuss with Dr Guido Schmitz

Funding Notes

The studentship includes
* Tuition fees:
* Maintenance: £21,285 for each academic year.

The Centre for Doctoral Training in Cyber Security for the Everyday can offer up to ten studentships per year, three of which can be awarded to international students (which includes EU and EEA.)
Please ensure you are familiar with the eligibility criteria set by UKRI and their terms and conditions.
In order to apply please visit the CDT website and follow the application instructions.
www.royalholloway.ac.uk/cdt

We’ve won a FindAMasters and FindAPhD Postgrad Award!

As a previous winner of a Postgrad Award, our university community has been recognised for their excellence in, and dedication to, postgraduate education. Studying with us means you’ll be part of a supportive environment that has been celebrated for its achievements and positive impact on our postgraduate students.

Find out more