Steven J. Murdoch

[ Portrait photographer Roland Eva | More photos ]

I am a researcher in the Security Group of the University of Cambridge, based in the Computer Laboratory, a fellow of Christ's College, and a member of the Tor project.

Some of my writings can be found on the Security Group blog: Light Blue Touchpaper.

[ follow me on Twitter | see my travel plans ]

News and Updates

03 September 2009
Added two new talks, given at the Cambridge Crime Symposium: Verified by Visa and MasterCard SecureCode and Evidence in Fraud Cases: Complexity and Access.

25 May 2009
Replaced main photo with a portrait by Roland Eva. Added photo archive.

19 May 2009
Added new programme committee membership for WPES 2009 and updated other entries.

04 May 2009
Released v0.1 of screentimelock, a simple utility that locks GNU screen for a time period, to reduce the temptation to always check mail, IRC, and Twitter.

01 April 2009
The slides for my talk at Microsoft Research, Cambridge – “System-Level Failures in Security” – are now available.

Professional activities

Program committee member

WPES 2009

8th Workshop on Privacy in the Electronic Society (WPES), 9 November 2009, Chicago, IL, US. Co-located with ACM Computer and Communications Security (CCS). Submission deadline is 12 June 2009 (see the CFP for further information).

Financial Cryptography 2010

Financial Cryptography and Data Security '10, Fourteenth International Conference, 25–28 January 2010, Tenerife, Canary Islands, Spain. Organized by the International Financial Cryptography Association. Submission deadline is 15 September 2009 (see the CFP for further information).

PETS 2009

9th Privacy Enhancing Technologies Symposium, 5–7 August 2009, Seattle, WA, US.

Previous programme committee membership

ACM Conference on Computer and Communications Security: 2007, 2008.

Privacy Enhancing Technologies Symposium (PETS): 2007, 2008.

Workshop on Privacy in the Electronic Society (WPES): 2006, 2007.

ACM Symposium on Applied Computing (Computer Security track): 2007.

FIDIS/IFIP Internet Security & Privacy Summer School: 2008.

Journal reviewing

Includes IEEE Transactions on Dependable and Secure Computing (2009), ACM Transactions on Information and System Security (2008), IEEE Transactions on Software Engineering (2008), IEEE/ACM Transactions on Networking (2007), IEEE Security & Privacy (2007), The Triple Helix (2008), Identity in the Information Society (2008).

Research interests

• Side-channels, covert channels, watermarking and steganography
• Operating system and network security
• Data collection and visualisation techniques
• Software engineering, maintainability and reverse-engineering
• Cryptography and security protocols
• Distributed databases, filesystems and versioning
• Smartcards and financial security
• Privacy, anonymity and traffic analysis
• Structured information formats (XML, SGML, LDAP, etc.) and markup languages
• Physical security and optical document security

Projects

Currently, my most active research topics are on anonymous communications (specifically the Tor Project) and banking security. For other activities, see my project list.

Recent publications

A full list of my papers can be found on the publications page.

• Optimised to fail: Card readers for online banking
  Saar Drimer, Steven J. Murdoch, Ross Anderson
  The Chip Authentication Programme (CAP) has been introduced by banks in Europe to deal with the soaring losses due to online banking fraud. A handheld reader is used together with the customer's debit card to generate one-time codes for both login and transaction authentication. The CAP protocol is not public, and was rolled out without any public scrutiny. We reverse engineered the UK variant of card readers and smart cards and here provide the first public description of the protocol. We found numerous weaknesses that are due to design errors such as reusing authentication tokens, overloading data semantics, and failing to ensure freshness of responses. The overall strategic error was excessive optimisation. There are also policy implications. The move from signature to PIN for authorising point-of-sale transactions shifted liability from banks to customers; CAP introduces the same problem for online banking. It may also expose customers to physical harm.
  Financial Cryptography and Data Security, Rockley, Barbados, 23–26 February 2009. [ paper | slides ]
• An Improved Clock-skew Measurement Technique for Revealing Hidden Services
  Sebastian Zander, Steven J. Murdoch
  The Tor anonymisation network allows services, such as web servers, to be operated under a pseudonym. In previous work Murdoch described a novel attack to reveal such hidden services by correlating clock skew changes with times of increased load, and hence temperature. Clock skew measurement suffers from two main sources of noise: network jitter and timestamp quantisation error. Depending on the target’s clock frequency the quantisation noise can be orders of magnitude larger than the noise caused by typical network jitter. Quantisation noise limits the previous attacks to situations where a high frequency clock is available. It has been hypothesised that by synchronising measurements to the clock ticks, quantisation noise can be reduced. We show how such synchronisation can be achieved and maintained, despite network jitter. Our experiments show that synchronised sampling significantly reduces the quantisation error and the remaining noise only depends on the network jitter (but not clock frequency). Our improved skew estimates are up to two magnitudes more accurate for low-resolution timestamps and up to one magnitude more accurate for high-resolution timestamps, when compared to previous random sampling techniques. The improved accuracy not only allows previous attacks to be executed faster and with less network traffic but also opens the door to previously infeasible attacks on low-resolution clocks, including measuring skew of a HTTP server over the anonymous channel.
  17th USENIX Security Symposium, San Jose, CA, USA, 28 July–01 August 2008. [ paper | slides ]
• Tools and Technology of Internet Filtering
  Steven J. Murdoch, Ross Anderson
  In 2008 the OpenNet Initiative published the results of their survey of global Internet filtering. This chapter gives an introduction to the concepts and technologies needed to better appreciate the results presented in the rest of the book. A short Internet primer is followed with a description of the different approaches to filtering, and their various advantages and disadvantages. Finally the role of filtering within a more general censorship regime is discussed.
  The full text of the other introductory chapters are available on the book website. Also available are the results of the survey itself.
  In Access Denied: The Practice and Policy of Global Internet Filtering, Ronald Deibert, John Palfrey, Rafal Rohozinski, Jonathan Zittrain, eds., (Cambridge: MIT Press), 2008. [ chapter ]
• Metrics for Security and Performance in Low-Latency Anonymity Systems
  Steven J. Murdoch, Robert N.M. Watson
  In this paper we explore the tradeoffs between security and performance in anonymity networks such as Tor. Using probability of path compromise as a measure of security, we explore the behaviour of various path selection algorithms with a Tor path simulator. We demonstrate that assumptions about the relative expense of IP addresses and cheapness of bandwidth break down if attackers are allowed to purchase access to botnets, giving plentiful IP addresses, but each with relatively poor symmetric bandwidth. We further propose that the expected latency of data sent through a network is a useful performance metric, show how it may be calculated, and demonstrate the counter-intuitive result that Tor's current path selection scheme, designed for performance, both performs well and is good for anonymity in the presence of a botnet based adversary.
  8th Privacy Enhancing Technologies Symposium (PETS 2008), Leuven, Belgium, 23–25 July 2008. [ paper | slides ]
• On the Origins of a Thesis
  Steven J. Murdoch
  A PhD thesis typically reads as an idealised narrative: how would the author perform their research had the results and conclusions been known in advance. This rarely occurs in practice. Failed experiments, unexpected results, and new collaborations frequently change the course of research. This paper describes the course of my thesis, and how its initial topic of distributed databases changed to covert channels, then anonymity, before eventually settling on links between the two. This illustrates concrete benefits from informal interactions, low-overhead collaboration, and flexibility of research project plans.
  International Workshop on Security and Trust Management (keynote), Trondheim, Norway, 16–17 June 2008. Published in Electronic Notes in Theoretical Computer Science, Elsevier (to appear). [ paper | slides ]

Recent talks

A full list of my talks can be found on the talks page.

• Evidence in Fraud Cases: Complexity and Access
  Steven J. Murdoch
  It is well known that technology is complicating fraud investigations, by increasing the complexity and quantity of evidence. This talk covers two particular examples: Cloud Computing and Chip & PIN. Cloud Computing means that now significant amounts of evidence will be held by third parties. These may be abroad, so require the use of Mutual Legal Assistance. Establishing a chain of custody and searching information may also be difficult. With Chip & PIN, cards now contain their own logs and create a cryptographic audit trail. Processing this information is helpful, but often banks will not co-operate or destroy evidence before it can be investigated.
  The Cambridge International Symposium on Economic Crime, Cambridge, UK, 30 August–06 September 2009. [ slides ]
• Verified by Visa and MasterCard SecureCode
  Steven J. Murdoch
  Verified by Visa and MasterCard SecureCode (brand names for 3-D Secure) authenticate cardholders performing online transactions. This talk describes how the system operates, and how it is vulnerable to attack. Because users cannot tell whether they are accessing their real bank, 3-D Secure trains customers to enter their password into untrustworthy sites. Phishing websites are already exploiting this vulnerability. Furthermore, the terms and conditions associated with 3-D Secure often leave customers in a weaker position than before, despite not being given the ability to reasonably detect fraudulent sites.
  The Cambridge International Symposium on Economic Crime, Cambridge, UK, 30 August–06 September 2009. [ slides ]
• System-Level Failures in Security
  Steven J. Murdoch
  Many security critical systems may appear to be secure in theory, but fail when deployed in real life. This talk will discuss examples of this problem, drawn from the fields of banking security and anonymous communications. The causes for these failings include interactions between security mechanisms, inappropriate abstractions, and lack of consideration for usability. In this talk I will argue that security is a system property, and that managing the complexity of the design process is the biggest challenge in building secure systems.
  Microsoft Research Lecture, Cambridge, UK, 01 April 2009. [ slides ]
• Freedom of Speech and the Internet
  Steven J. Murdoch
  The Internet was once hailed as being uncensorable and borderless, and as such, a benefit for freedom of speech and human rights in general. The reality is more complex. While the Internet has allowed groups to reach far larger audiences, and has complicated the roles of censors, the growth of the Internet has carried a cost. Pervasive surveillance, at scales only before imagined of, is now possible and the re-writing of history is commonplace. This talk will discuss the effects of the Internet, both good and bad, and how groups such as the Tor project are working to protect privacy and resist censorship.
  Cambridge University Amnesty International, Cambridge, UK, 11 February 2009. [ slides ]
• Security Failures in Smart Card Payment Systems: Tampering the Tamper-Proof
  Saar Drimer, Steven J. Murdoch, Ross Anderson
  PIN entry devices (PED) are used in the Chip & PIN (EMV) system to process customers' card details and PINs in stores world-wide. Because of the highly sensitive information they handle, PEDs are subject to an extensive security evaluation procedure. We have demonstrated that the tamper protection of two popular PEDs can be easily circumvented with a paperclip, some basic technical skills, and off-the-shelf electronics.
  25th Chaos Communication Congress, Berlin, Germany, 27–30 December 2008. [ slides | website | related paper ]

Miscellaneous

• OpenID protocol diagram
  Steven J. Murdoch
  I found that the OpenID specifications did not give a clear overview of the protocol message flow. So I produced a protocol diagram, which summarises the roles of the various parties, messages sent between them and their important components. Not all details are covered, and only the normal protocol traces are considered so it certainly should not be considered as an alternative to the specification, but I hope it will provide some clarification.
  [ protocol diagram (PDF 68K) ]

Contact Details

email (preferred):

post:

phone:

mobile:

fax:

Last modified 2009-05-25 12:48 +0100