- Simon Bell
Simon’s thesis focuses on a data-driven approach to investigate phishing and malware attacks on Twitter. By collecting and analysing large-scale datasets, Simon explored how effective Twitter’s defence system is at protecting its users against these malicious attacks
- Dr Giovanni Cherubin
Giovanni's research focused on applying results of the Machine Learning theory (e.g., classic Statistical Learning theory, conformal prediction) to provably measure security against a wide class of attacks. He also worked on improving Machine Learning-based attacks (e.g., website fingerprinting, membership inference) and proposing new defences to counter them.) Up to date info are found at: https://giocher.com.Giovanni's thesis, titled 'Black-box Security Measuring Black-box Information Leakage via Machine Learning' can be found here.
- Benjamin Curtis
Ben's thesis is on Cryptanalysis and Applications of Lattice-based Encryption Schemes. The work ranges across contributions to attacking such schemes, establishing their security, and examining the not inconsiderable challenges of implementing them in practice. During his time with the CDT, Ben published four papers, two at the Workshop on Encrypted Computing and Applied Homomorphic Cryptography, a conference most closely matching some of his work, one at Selected Areas of Cryptography and one at the International Conference on Security in Communications Networks (SCN). This latter paper is the influential work on establishing an estimation of lattice security parameters, which was co-authored by a number of ISG researchers.
Ben is now a post-doc at the Alan Turning Institute.
- Dr Alex Davidson
Graduated from the University of Warwick with a BSc Mathematics degree, receiving first class honours. He was supervised by Prof Carlos Cid and conducted research into the development of cryptographic constructions. Alex's thesis, titled "Computing Functions Securely: Theory, Implementation and Cryptanalysis or, Topics in Insecurity" can be viewed here
- Dr Amit Deo
Amit's thesis is on lattice-based cryptography and contains three main contributions. First, Amit (and Dr Martin Albrecht) showed that there exist parameters for the Ring-LWE problem that are equivalent to parameters for the Module-LWE problem for any dimension d. This strengthens our confidence in Ring-LWE as a platform problem to build (post-quantum) cryptography from. This work was published at ASIACRYPT 2017. https://eprint.iacr.org/2017/612. Second, Amit (together with Prof Kenny Paterson and Dr Martin Albrecht) showed that cold boot attacks https://en.wikipedia.org/wiki/Cold_boot_attackare easier than one might expect on Module-LWE based schemes such as Kyber (and to some extend Ring-LWE based schemes such as New Hope). This is due to the secret key being stored in NTT domain on the device, giving rise to an LWE-like problem with additional algebraic structure that can be exploitable. This work won the best paper award at CHES 2018. https://eprint.iacr.org/2018/672.Third, Amit (together with Dr Alex Davidson, Nigel Smart and Dr Martin Albrecht) constructed the first (conjectured to be) post-quantum secure verifiable oblivious pseudorandom function (VOPRF). Such a function allows a client to evaluate a PRF under some server key, without the server learning the input to the PRF. Such functions are, for example, used in Privacy Pass https://blog.cloudflare.com/cloudflare-supports-privacy-pass/. While this construction is far from the efficiency of pre-quantum alternatives, it’s a first step towards preserving such functionality in a post-quantum world. This work is currently in submission. https://eprint.iacr.org/2019/1271. Amit has now joined the AriC Team at ENS Lyon as a postdoc.
- Naomi Farley
Naomi is currently working as a Senior Research Scientist at Thales UK. Her thesis considered the cryptographic enforcement of (read-only) information flow policies, which model hierarchies of security labels.
- Lydia Garms
Lydia submitted her thesis for examination in early January 2020 and is now with the ISG as an RA for the AquaSec project.
- Dr Andreas Haggerman
For his thesis, Andreas developed an original educational tabletop wargame based on the UK National Cyber Security Strategy and deployed this to a range of public and private organisations in the UK and internationally to gather data on the pedagogic efficacy of the game. The findings showed that the game was a powerful tool for creating learning moments. During his PhD Andreas was also involved in many (many!) activities outside his core research, including presenting at numerous conferences and workshops, and being part of the organising team for the Cyber 9/12 UK student policymaking challenge. Andreas now works as an Emerging Risks Research Analyst at Willis Towers Watson, looking at topics in cyber security, geopolitics, and future trends.
- Dr Torben Hansen
Torben's thesis concerns the security of SSH, one of the most important and commonly-used secure communications protocols. In his thesis, Torben developed clever timing attacks against the SSH protocol in the case when it uses CBC-mode for encryption (once its most popular configuration). He also presented the results of two Internet-wide surveys, carried out in 2015 and 2019, to evaluate the usage of SSH "in the wild". His thesis then provides formal security analysis, in the provable security tradition, for a range of different encryption options in SSH. Finally in this thesis, Torben showed how to streamline and then efficiently and securely implement a scheme called InterMAC in the SSH context. This scheme provides enhanced security protection compared to the currently available encryption options in SSH, particularly where traffic analysis is a concern.
The work in Torben's thesis was published in two papers:
 Martin R. Albrecht, Jean Paul Degabriele, Torben Brandt Hansen, Kenneth G. Paterson: A Surfeit of SSH Cipher Suites. ACM Conference on Computer and Communications Security 2016: 1480-1491.
 Martin R. Albrecht, Torben Brandt Hansen, Kenneth G. Paterson: libInterMAC: Beyond Confidentiality and Integrity in Practice. IACR Trans. Symmetric Cryptol. 2019(1): 46-83 (2019).
Notably, the first of these papers won a Distinguished Paper Award at ACM CCS, and will feature in the ISG's REF submission. During his Ph.D., Torben also worked on the integration of post-quantum algorithms into Internet protocols, resulting in a third paper:  Benjamin Dowling, Torben Brandt Hansen, Kenneth G. Paterson: Many a Mickle Makes a Muckle: A Framework for Provably Quantum-Secure Hybrid Key Exchange. PQCrypto 2020: 483-502.
Torben has recently joined the Crypto Engineering Team at Amazon Web Services.
- Dr Steve Hersee
Steven's thesis is titled "The Cyber Security Dilemma and the Securitisation of Cyberspace" - mixing up in-depth research and analysis of debates around encryption, the dark web, UK cyber security strategy and the Investigatory Powers Act, with a piece of ethnographic work during the several seasons Steve worked as a ‘hunter’ for the Channel 4 tv programme Hunted. Steve is now head of strategy for cyber security within the Cabinet Office.
- Dr Jonathan Hoyland
Jonathan's thesis, titled 'An analysis of TLS 1.3 and its use of composite protocols' provides a comprehensive and modular symbolic model of TLS 1.3 and uses the Tamain prover to verify the claimed TLS 1.3 requirements. Jonathan now works at Cloudflare.
- Dr Thalia Laing
Thalia spent her time with the CDT focusing on Secret Sharing Schemes and their application to constrained devices. Her resulting thesis, titled "Enhanced Threshold Schemes and their Applications' has led her to successfully complete the programme and gain her PhD. Thalia has now embarked on a career as Senior Researcher in the Security Lab of HP Labs.
- Dr Ela Lee
Ela's thesis, titled 'Advancements in Proxy Re-Encryption: Defining Security for wider Applications', explores formal definitions, bounds and schemes for a cryptographic primitive which essentially allows data encrypted under one key to become encrypted under another key without the protected data being revealed.
- Dr Robert Lee
Rob spent his time in the CDT researching how hardware and software can be securely bound together in computing devices. He submitted his thesis on the subject in August 2018 and is now working as a Software Engineer for GlobalSign.
- Dr Jake Massimo
Jake’s thesis is on primality testing in cryptography, in which he first provides a systematic analysis of the implementation landscape of primality testing within cryptographic libraries and mathematical software. He then demonstrates how these tests perform under adversarial conditions, where the numbers being tested are not generated randomly, but instead by a possibly malicious party. Jake then explored the implications of these security failures in applications, focusing on the construction of malicious Diffie-Hellman parameters. Finally, Jake addressed the shortcomings uncovered in primality testing under adversarial conditions by the introduction of a performant primality test that provides strong security guarantees across all use cases, while providing the simplest possible API.
- Dusan Repel
Dusan recently submitted his thesis titled Techniques for the Automation of the Heap Exploit Synthesis Pipeline.
Nick’s thesis Distributed Denial-of-Government: The Data Embassy and the geopolitical, diplomatic and legal implications of extraterritorial data storage was submitted in September 2020. The thesis focuses on the Estonian Data Embassy project and aims to understand what the primary motivations are behind the government’s decision to begin storing its data extraterritorially outside of its borders.
- Dr Sam Scott
Sam's work focused on real world cryptography, covering the design of new primitives for use in password storage, and formal analysis of the TLS 1.3 specification. Ater submitting his thesis, titled 'The design and Analysis of Real-World Cryptographic Protocols', Sam joined Cornell Tech on the Startup Postdoc programme.
- Dr Carton Shepherd
Carlton's research focused on establishing trust in constrained devices with trusted execution environments. Carlton submitted his thesis titled 'Techniques for Establishing Trust in Modern Constrained Sensing Platforms with Trusted Execution Environments' and gained his PhD in February 2019.
- Dr Philippa Thornton
Pip came to the CDT from a professional background in the police and the military. Her thesis, titled 'Language in the Age of Algorithmic Reproduction' explores the concept of linguistic capitalism arguing that the ongoing effects of digitally mediated language are both linguistic and political.Pip maintains a blog to accompany her research. Linguistic Geographies can be found here.
- Dr Thyla Van Der Merwe
Thyla is now with Mozilla where her work will involve protocol analysis and standardisation efforts. Her employment at Mozilla is the result of two internships at the company, which lead to two top-tier publications concerning TLS 1.3. Whilst at Royal Holloway, Thyla's research focused on attacking TLS 1.2 and below, as well as verifying TLS 1.3, and the research she has been a part of has added to the pressing case for a new version of the protocol, and has provided valuable insight into the design of the new protocol. Thyla's thesis can be accessed here.
- Dr Conrad Williams
During his time with the CDT, Conrad successfully presented at a wide range of conferences and had several research papers published.Conrad passed his PhD with the submission of his thesis titled 'Completeness in Languages for Attribute-based Access Control', and has now joined specialist reinsurance broker Capsicum as part of their cyber team.
- Dr Joanne Woodage
Joanne's research focused on provable security, and in particular its application to real world cryptographic problems. She gained her PhD in November 2019 with the thesis, 'Provable Security in the Real World: New Attacks and Analyses' She is now working as a Senior Researcher at Microsoft Research Cambridge.