Academic Centre of Excellence in Cyber Security Research - University of Bristol

Lead Research Organisation: University of Bristol
Department Name: Computer Science


The University of Bristol (UoB) [1] Computer Science Department [2] is internationally competitive within the discipline, with 87\% of research output ranked as 4* or 3* by the 2014 REF process. It hosts a rich, diverse research culture, and maintains connections with numerous other disciplines; an example is the Mathematics Department, via the Heilbronn Institute, a partnership between the UoB and GCHQ. The Department enjoys a close relationship with local and global industry, and maintains a portfolio of ongoing research projects in collaboration with numerous companies.

Within the Department, the Cryptography and Information Security Group [3] fosters a internationally leading, interdisciplinary programme of research that spans theoretical and practical aspects of cryptography (and information security more generally); this modus operandi has led to numerous advances that would not have been possible by focusing on a narrower remit, and is evidenced by output that span all venues of the International Association of Cryptologic Research (IACR), namely ASIACRYPT, EUROCRYPT, and CRYPTO, plus the sub-conferences CHES, FSE, PKC, and TCC. At the time of writing, the Group consists of 8 members of academic staff (plus 2 visiting fellows), 6 PDRAs, and 18 PhD students; this forms the nucleus of existing UoB accreditation by EPSRC and GCHQ under the Academic Centre of Excellence in Cyber Security Research (ACE-CSR) programme. Two members of the Group (Prof. Smart as Vice-President, Dr. Stam and Secretary) have served on the board of directors of the IACR; Prof. Smart is a Fellow of the IACR. The Group is guided by a dedicated Industrial Advisory Board (IAB), and at least two spin-out companies (Identum, via Prof. Smart and Dr. Page, and Dyadic Security, via Prof. Smart) have resulted.

As supported by a diverse range of funding streams (e.g., industry, EPSRC, EU, DARPA), a high-level overview of specific interests and expertise would include (but are not limited by)

- foundational research and number theory that supports cryptography and cryptanalysis;
- design and formal security analysis of existing and novel cryptographic primitives, protocols and applications;
- applied attack techniques on cryptography (such as side-channel and fault attacks);
- effective implementation of cryptography in hardware and software.

Various mature, well supported research platforms support associated activity: for example a) the Group maintains lab. space used for hardware development (e.g., FPGA development, PCB prototyping) and side-channel analysis (e.g., power- and EM-acquisition and post-processing), while b) UoB maintains a centralised High-Performance Computing (HPC) facility organised under the Advanced Computing Research Centre (ACRC); around £12 million invested since 2006 has provided dedicated, managed facilities for both computation and storage.

This proposal relates to support for renewal of accreditation ACE-CSR for UoB, which, in essence, will help to support and enhance the activity outlined above.


Planned Impact

EPSRC definition of the ACE-CSR programme in

states that it aims to

"enhance the quality and scale of academic cyber security research and postgraduate training being undertaken in the UK; make it easier for potential users of research to identify the best cyber security research and postgraduate training that the UK has to offer; help to develop a shared vision and aims among the UK cyber security research community, inside and outside academia."

This proposal is predicated on UoB already being accredited with ACE-CSR status; although no research activity is funded per se, we nevertheless expect incidental impact to stem from pathways such as

- dissemination and publicity (e.g., presentation of research at events such as CyberUK 2017),
- creation and development of human capital (e.g., training for post-graduate and post-doctoral researchers),
- academic, industrial, and governmental engagement (i.e., users of and collaborators in research activity, plus any associated policy makers), and
- public engagement (e.g., use of the ACE-CSR brand to attract and then inform future generations of cryptographer).


10 25 50