How long does the BKZ algorithm run? What sounds like a rather niche question only of interest to theoretical computer scientists, is in fact a central open problem that needs to be resolved in order to keep the digital economy and private life safe. While largely hidden from view, cryptography underpins many aspects of modern life such as commerce, banking, governance or long distance personal communication. The cryptographic schemes securing digital communication, in turn, rely on one of two hard mathematical problems at their core. However, these mathematical problems, while still difficult to solve on a normal computer, are, in fact, easy to solve on a quantum computer. That is, in 1994, Peter Shor presented an algorithm for solving these problems - factoring and discrete logarithms - efficiently, essentially regardless of how big we choose parameters, i.e. he found a polynomial-time algorithm on a quantum computer. To date, nobody has announced a sufficiently big quantum computer to run Shor's algorithm for any non-trivial problem and it remains unclear if it is at all possible. Still, recent theoretical and practical progress in the area of quantum computing has many people concerned. One motivation is the following scenario: an attacker could collect encrypted traffic now and store it until sufficiently big quantum computers are available. Once this is the case, the attacker can use their capabilities to decrypt the stored ciphertexts. Thus, if encryption ought to provide security well into the future, it might be under threat already by quantum computers ... even if they do not exist yet. Some estimates foresee the first quantum computer powerful enough to break real RSA keys for as early as 2030. On the other hand, the adoption of new cryptography often takes decades. Thus, the time to address this problem is now. A second challenge for current generation cryptography is changes in usage pattern. In recent years, cloud services became increasingly relevant. These brought with them significant privacy challenges as these services rely on having access to personal data to add value. Ideally, we would like to utilise the power of third-party services without handing over sensitive private data. For both of these challenges, lattice-based cryptography is a key building block to resolving them. That is, from hard lattice problems we can build cryptosystems which are believed to be secure even against quantum attackers. These cryptosystems also enable to compute with encrypted data also known as "fully homomorphic encryption". In both of these areas, standardisation efforts are currently underway to enable widespead adoption of these schemes. However, before we can do that, we need to refine our understanding of how long it would take an attacker to break these schemes. Practical cryptographic schemes are never unconditionally secure, but they are "secure enough" where "secure enough" can mean different things depending on the desired performance/security trade-off. Thus, we want to make sure that it would take too long to be feasible while not picking our parameters so big to slow down our communications unduly. To answer this question "How long would it taken for an attacker to break the next generation of encryption schemes" is the same as the initial question - "How long does the BKZ algorithm take to run?" - since the BKZ algorithm is the preeminent algorithm with which an attacker would attempt break latticed-based cryptography. Currently, the cryptographic community disagrees on the true cost of this algorithm. Thus, this project sets out to resolve this question so that we can deploy the next generation of cryptography with confidence.

AP4L is a 3-year program of interdisciplinary research, centring on the online privacy & vulnerability challenges that people face when going through major life transitions. Our central goal is to develop privacy-by-design technologies to protect & empower people during these transitions. Our work is driven by a narrative that will be familiar to most people. Life often "just happens", leading people to overlook their core privacy and online safety needs. For instance, somebody undergoing cancer treatment may be less likely to finesse their privacy setting on social media when discussing the topic. Similarly, an individual undergoing gender transition may be unaware of how their online activities in the past may shape the treatment into the future. This project will build the scientific and theoretical foundations to explore these challenges, as well as design and evaluate three core innovations that will address the identified challenges. AP4L will introduce a step-change, making online safety and privacy as painless and seamless as possible during life transitions To ensure a breadth of understanding, we will apply these concepts to four very different transitions through a series of carefully designed co-creation activities, devised as part of a stakeholder workshop held in Oct'21. These are relationship breakdowns; LBGT+ transitions or transitioning gender; entering/ leaving employment in the Armed Forces; and developing a serious illness or becoming terminally ill. Such transitions can significantly change privacy considerations in unanticipated or counter-intuitive ways. For example, previously enabled location-sharing with a partner may lead to stalking after a breakup; 'coming out' may need careful management across diverse audiences (e.g - friends, grandparents) on social media. We will study these transitions, following a creative security approach, bringing together interdisciplinary expertise in Computer Science, Law, Business, Psychology and Criminology. We will systematise this knowledge, and develop fundamental models of the nature of transitions and their interplay with online lives. These models will inform the development of a suite of technologies and solutions that will help people navigate significant life transitions through adaptive, personalised privacy-enhanced interventions that meet the needs of each individual and bolster their resilience, autonomy, competence and connection. The suite will comprise: (1) "Risk Playgrounds", which will build resilience by helping users to explore potentially risky interactions of life transitions with privacy settings across their digital footprint in safe ways (2) "Transition Guardians", which will provide real-time protection for users during life transitions. (3) "Security Bubbles", which will promote connection by bringing people together who can help each other (or who need to work together) during one person's life transition, whilst providing additional guarantees to safeguard everyone involved. In achieving this vision, and as evidenced by £686K of in-kind contributions, we will work with 26 core partners spanning legal enforcement agencies (e.g., Surrey Police), tech companies (e.g., Facebook, IBM), support networks (e.g., LGBT Foundation, Revenge Porn Helpline) and associated organisations (e.g., Ofcom, Mastercard, BBC). Impact will be delivered through various activities including a specially commissioned BBC series on online life transitions to share knowledge with the public; use of the outputs of our projects by companies & social platforms (e.g., by incorporating into their products, & by designing their products to take into consideration the findings of our project) & targeted workshops to enable knowledge exchange with partners & stakeholders.

The 2015 UK National Security Strategy identifies cyber security as one of the top four UK national security priorities. The UK National Cyber Security Strategy 2016-2021 (NCSS) has an underlying vision to make the UK secure and resilient to cyber threats, prosperous and confident in the digital world. It is widely recognised that the UK, indeed the world, is short of cyber security specialists. Cyber security is genuinely cross-disciplinary. It's about technology, and the networks and systems within which technology is deployed. But it's also about society and how it engages with technology. Researching the right questions requires researchers to fully understand the integrated nature of the cyber security landscape. A CDT provides the perfect vehicle within which suitably broad training can be provided. The establishment of a cohort of researchers with different backgrounds and experience allows this knowledge to be cultivated within a rich environment, where the facts of hard science can be blended with the perspectives and nuances of more social dimensions. While society has made progress in developing the technology that underpins security, privacy and trust in cyberspace, we lag behind in our understanding of how society engages with this technology. Much more fundamentally, we don't even really understand how society engages with the concepts of security, privacy and trust in the first place. We will host a CDT in Cyber Security for the Everyday, which signals that research in our CDT will focus on the technologies deployed in everyday digital systems, as well as the everyday societal experience of security. Research in our CDT will investigate the security of emerging technologies. As cyberspace continues to evolve, so, too, do the technologies required to secure its future. Research topics include the cryptographic tools that underpin all security technologies, the security of the systems within which these tools are deployed, the use of artificial intelligence to aid discovery of system vulnerabilities, and security and privacy of everyday objects which are becoming embedded in cyberspace. Our CDT will also research how to secure cyber societies. Securing increasingly networked, automated, and autonomous societies requires an integrated research approach which engages the social, technological, cultural, legal, social-psychological and political on equal terms. Research topics include exploring state, institutional and corporate responsibility over how information is gathered and used, investigating how cyber security is perceived, understood and practiced by different communities, and researching how social differences and societal inequalities affect notions of, and issues relating to, cyber security. Our training programme will be based around a suite of relevant masters programmes at Royal Holloway, including in Information Security, Geopolitics and Security, and Data Science. This will be supplemented by workshops, practice labs, and a comprehensive generic skills programme. Students will work closely with the wider cyber security community through a series of industry engagement sessions and visits, summer projects, and three-month internships. Peer-to-peer learning will be fostered through group challenges, workshop design and delivery, reading groups and a social programme.