Markus Kuhn

I am a University Lecturer in Computer Science at the University of Cambridge Computer Laboratory and a Fellow of Wolfson College.

• PhD, University of Cambridge (2002),
  Marie Curie scholarship
• MSc, Purdue University (1997),
  Fulbright scholarship
• Diplom-Informatiker, University of Erlangen (1996),
  Studienstiftung des deutschen Volkes

Primarily a computer scientist by training, I also have backgrounds in electronics, digital signal processing, communications engineering, and physiology. My broader interests cover most aspects of applied computer science and technology, including neurophysiology and robotics.

My research and that of my PhD students has focused so far on computer security, in particular hardware and signal-processing aspects of this very wide field. Compromising emanations, RFID security, and the security of positioning systems (distance-bounding protocols, authentication of navigation signals) have recently been particular areas of interest. I also worked in the past on hardware tamper resistance, smartcards, network security, “intellectual property” protection technology (in particular pay-TV conditional access), data compression, video and audio technology, FPGA applications, and some standardization matters (character sets, semi-structured data, file formats, etc.).

• Project ideas for local undergraduate students.
• Consulting services
• Security Group web pages

Contact information

Dr Markus Kuhn
University of Cambridge
Computer Laboratory
15 JJ Thomson Avenue
Cambridge CB3 0FD
United Kingdom

Home address (only local access)

Reachability status: Back in Cambridge, catching up with 3 weeks of email.

Selected papers

• An RFID Distance Bounding Protocol (IEEE SecureComm 2005, Athens).

  This paper describes an alternative to the classic Brands/Chaum crypto protocol for proofing how close together two communicating parties are, with some performance benefits for ultra-wideband RFID applications. Applications include the protection of next-generation payment and access-control smartcards against relay attacks.

• An Asymmetric Security Mechanism for Navigation Signals (2004 Information Hiding Workshop, Proceedings, Springer-Verlag, LNCS 3200).

  This paper proposes a broadcast authentication technique for navigation signals (GPS, Galileo, Loran-C, etc.). The technique protects not only the integrity of the transmitted data, but also its nanosecond-resolution arrival time, and therefore the actual positioning result. In other words, it introduces an efficient and effective digital-signing technique for GPS-style signals that makes it practical to offer civilian users a level of security currently only available to the military. Applications include pay-as-you-go car insurance and road-charging schemes, where this technique can substantially help to prevent large-scale tampering. (slides)

• Compromising emanations: eavesdropping risks of computer displays (Technical Report UCAM-CL-TR-577).

  This is my PhD thesis on radio-frequency and optical eavesdropping techniques for computers. Some of its chapters are summarized in the following three papers:

  • Optical Time-Domain Eavesdropping Risks of CRT Displays (Proceedings of the 2002 IEEE Symposium on Security and Privacy, Berkeley, California, 12–15 May 2002).

    This award-winning paper extends the concept of TEMPEST eavesdropping to the optical band by demonstrating that the image displayed on a CRT can be reconstructed from diffusely reflected monitor light. (FAQ)

  • Electromagnetic Eavesdropping Risks of Flat-Panel Displays (4th Workshop on Privacy Enhancing Technologies proceedings, Springer-Verlag, LNCS 3424).

    This paper demonstrates that flat-panel displays with digital interface cables, including those in many laptops, can pose at least as much of an eavesdropping risk as CRTs. It also introduces a very effective new software-based protection technique. (slides)

  • Security Limits for Compromising Emanations (CHES 2005 proceedings, Springer-Verlag, LNCS 3659).

    This paper outlines a protection standard against far-field VHF/UHF eavesdropping of video signals. (slides)

• StegFS: A Steganographic File System for Linux (Information Hiding Workshop 1999, Springer-Verlag, LNCS 1768, pp. 463–477).

  This paper describes the design and implementation of the first Unix/Linux file system with plausible deniability for the existence of hidden files.

• Design Principles for Tamper-Resistant Smartcard Processors (USENIX Workshop on Smartcard Technology proceedings, Chicago, Illinois, USA, May 10–11, 1999).

  This award-winning paper was the first to describe how microprobing techniques compromised smartcard security in the pay-TV industry in the 1990s. It also proposed a number of countermeasures. Some of these have since been implemented in commercial security microcontrollers (perhaps even in the ones that you carry today in your banking card or mobile phone). (slides)

More papers ...

Some other online texts

• Effective scientific electronic publishing contains a number of tips for preparing online papers, mostly intended for our local research group, but probably useful for others as well who want to generate nice PDF files with LaTeX.
• I have a long-standing interest in the international standardization of technical conventions. The habit of doing things differently than the rest of the world can be a source of great annoyance, especially on the Internet. I wrote a few tutorials on areas that I feel particularly passionate about, some of which have become widely-quoted references over the years:
  • International standard date and time notation is a brief introduction to ISO 8601.
  • International standard paper sizes explains the A4 format used today everywhere outside North America. (I dearly wish folks in the U.S. gave up their strange “Letter” format, which only causes headaches all over the planet for users of word processors, laser printers, and copying machines.)
  • My UTF-8 and Unicode FAQ for Unix/Linux helped to kick-start replacing the now obsolete ISO 8859 8-bit character sets in the Linux world.
  • I wrote the Metric System FAQ for the USENET group misc.metric-system.
  • There is also a (still evolving) text about metric font sizes.
• I have a sideline interest in computer timekeeping. I proposed a new Time and calendar API for the C programming language, which stimulated a lot of activity in that direction. My UTS is a proposed standard for robust handling of UTC leap seconds in computers. There is also collected information on low-frequency radio time signals.

Software

• OTPW is my one-time password package for POSIX systems, optimized for being used with printed password lists and designed to be more robust against certain denial-of-service attacks than various older schemes.
• JBIG-KIT is my portable C implementation of a highly effective lossless bi-level image compression algorithm based on context sensitive arithmetic coding. The JBIG algorithm (specified in ITU-T Recommendation T.82) implemented in this library is especially suitable for compressing scanned documents and fax pages. You can also download the (German) project report (Studienarbeit) that I wrote about JBIG-KIT (abstract).
• I prepared and maintain the ISO 10646-1 extension of the classic X Window System pixel fonts.
• In early 1997, I wrote StirMark, a robustness testing tool for steganographic watermarking algorithms of still images. It is now maintained by Fabien Petitcolas.

Older material previously found here is now in my home page attic.

Teaching

• 2007 Michaelmas: Unix Tools, Digital Signal Processing
• 2008 Lent: Introduction to Security

I supervise several PhD students: Gerhard Hancke, Marcus Granado, Saar Drimer, and Andrew Lewis. Piotr Zieliński and Steven Murdoch have already graduated.

Ross Anderson and I organize a Security Seminar Series, which is open to the public.