Log in
Terrestrial Trunked Radio (TETRA) is a very well known, international specification for secure mobile radio and `walkie-talkie' communication, that is extensively used and relied upon by emergency and public safety services such as police, ambulance and fire services, as well as governmental and private bodies. The European Telecommunications Standards Institute (ETSI) began standardising TETRA in the 1990s and it is now widely used throughout the world. Foundations of its success include resilience and reliability, but security is a major feature, being underpinned by expert cryptographic design. In particular the authentication and key generation mechanisms in TETRA rely on a block cipher (HURDLE) which was designed by a team of cryptographers at Royal Holloway.
The work carried out at Royal Holloway underpins the integrity and security of TETRA safety- critical networks throughout the world to the present day. A secure design for emergency service communications minimises both the amount of disruption criminals can cause to service operations, and the amount of operational information such criminals can glean from eavesdropping, contributing to the safety and security of society as a whole as well as the economic benefits to manufacturers of TETRA-based equipment.
By default, Internet traffic is vulnerable to eavesdropping and modification. TLS is a protocol that has become the de facto method for securing application-layer messages. TLS is implemented in all major web browsers and servers and is used daily by hundreds of millions of people for applications such as e-commerce, social networking and Internet banking. Royal Holloway researchers identified flaws in the way in which TLS encrypts data, resulting in practical attacks that compromised the security goals of TLS. The researchers also helped major vendors, such as Google, Microsoft and Oracle, to assess and develop countermeasures to the attacks.
The development of any substantial security system is informed by international standards. In particular, system designers refer to these standards when deciding which cryptographic primitives and what key sizes to use. Thus it is essential that the guidelines and best practice published in standards are accurate and robust. Of the official standards bodies concerned with security, the most influential is ISO. Prof. Chris Mitchell has been a UK representative expert to ISO since 1992. His research has led to a number of important amendments to ISO standards and he has played a major role in drafting (and maintaining) those standards.
Professor Sasse created, developed and delivered the user-centric perspective that now underpins security thinking in both corporate and public-sector domains. This perspective shaped the UK government's Identity Assurance Programme (IDAP), a federated identity solution that will provide access to all e-government services in the UK. HP has incorporated the compliance budget model into its Security Analytics product, which enables companies to calculate the impact of a given security mechanism on individual and corporate productivity. Sasse's work also underpins new and improved security products, including First Cyber Security's SOLID and Safe Shop Window tools, which protects over 70% of UK online shopping revenue; GrIDSure's one-time PIN system (now part of the SafeNet Authentication Service); and iProov's authentication service.
Pioneering research at UCL Department of Computer Science (CS) into multimedia communications over the Internet led directly to the development of central techniques used in voice-over-IP (VoIP), videoconferencing, and instant messaging. Millions of people worldwide today use applications that incorporate these techniques. In particular, UCL CS created the Session Initiation Protocol (SIP) and the Session Description Protocol (SDP), two Internet standards that comprise the primary way multimedia calls are established on the Internet. They are at the core of products made by Microsoft, Apple, Cisco, Siemens, and Polycom, among many others, and are used in most 3G mobile telephone networks. Implementing the technology reduces costs for businesses, with Oracle, for example, realising $18 million in savings since 2010.