The security of many cryptographic protocols in use today relies on the computational hardness of mathematical problems such as integer factorization. These problems can be solved using quantum computers, and therefore most of our security infrastructures will become completely insecure once quantum computers are built. Post-quantum cryptography aims at developing security protocols that will remain secure even after quantum computers are built. The biggest security agencies in the world including GCHQ and the NSA (the American National Security Agency) have recommended a move towards post-quantum protocols, and the new generation of cryptographic standards will aim at post-quantum security. Driven by the need to upgrade our cybersecurity infrastructures, many cryptographic algorithms have recently been developed which are claimed to offer post-quantum security. These proposals are based on a few distinct mathematical problems which are hoped to remain difficult for quantum computers, including lattice problems, multivariate polynomial system solving, coding theory problems, isogeny problems, and the security of cryptographic hash functions. Unfortunately, many of these problems, and more importantly the cryptographic algorithms that are built on top of them, have not been subject to a thorough security analysis yet, therefore leaving us with a risk to oversee major weaknesses in algorithms to be deployed in security applications. In this fellowship, we will develop breakthrough cryptanalysis techniques to analyse the security of post-quantum cryptography candidate algorithms, and determine which algorithms may or may not be further considered for digital security applications. Using the insight gained through cryptanalysis, we will then develop new post-quantum cryptographic algorithms offering better security, efficiency and functionality properties in applications.

The 2015 UK National Security Strategy identifies cyber security as one of the top four UK national security priorities. The UK National Cyber Security Strategy 2016-2021 (NCSS) has an underlying vision to make the UK secure and resilient to cyber threats, prosperous and confident in the digital world. It is widely recognised that the UK, indeed the world, is short of cyber security specialists. Cyber security is genuinely cross-disciplinary. It's about technology, and the networks and systems within which technology is deployed. But it's also about society and how it engages with technology. Researching the right questions requires researchers to fully understand the integrated nature of the cyber security landscape. A CDT provides the perfect vehicle within which suitably broad training can be provided. The establishment of a cohort of researchers with different backgrounds and experience allows this knowledge to be cultivated within a rich environment, where the facts of hard science can be blended with the perspectives and nuances of more social dimensions. While society has made progress in developing the technology that underpins security, privacy and trust in cyberspace, we lag behind in our understanding of how society engages with this technology. Much more fundamentally, we don't even really understand how society engages with the concepts of security, privacy and trust in the first place. We will host a CDT in Cyber Security for the Everyday, which signals that research in our CDT will focus on the technologies deployed in everyday digital systems, as well as the everyday societal experience of security. Research in our CDT will investigate the security of emerging technologies. As cyberspace continues to evolve, so, too, do the technologies required to secure its future. Research topics include the cryptographic tools that underpin all security technologies, the security of the systems within which these tools are deployed, the use of artificial intelligence to aid discovery of system vulnerabilities, and security and privacy of everyday objects which are becoming embedded in cyberspace. Our CDT will also research how to secure cyber societies. Securing increasingly networked, automated, and autonomous societies requires an integrated research approach which engages the social, technological, cultural, legal, social-psychological and political on equal terms. Research topics include exploring state, institutional and corporate responsibility over how information is gathered and used, investigating how cyber security is perceived, understood and practiced by different communities, and researching how social differences and societal inequalities affect notions of, and issues relating to, cyber security. Our training programme will be based around a suite of relevant masters programmes at Royal Holloway, including in Information Security, Geopolitics and Security, and Data Science. This will be supplemented by workshops, practice labs, and a comprehensive generic skills programme. Students will work closely with the wider cyber security community through a series of industry engagement sessions and visits, summer projects, and three-month internships. Peer-to-peer learning will be fostered through group challenges, workshop design and delivery, reading groups and a social programme.