Jolyon Clulow

University of Cambridge
Computer Laboratory
15 JJ Tompson Avenue
Cambridge CB3 0FD
United Kingdom

Contact details

E-mail: Jolyon dot Clulow at
Office: +44 (0)1223 7-63568
Fax: +44 (0)1223 3-34678

About me

I am currently a Ph.D. student in the Security Group of the Computer Laboratory at the University of Cambridge. My supervisor is Ross Anderson and I'm currently working closely with Mike Bond on API Security.

Latest News

The recent announcements appear to have stirred up a significant amount of interest. The danger in such a situation is always a lack of rational, critical thinking and a tendency to form rushed judgements. In order to give a high level description of the vulnerabilities and an accurate, (and hopefully) impartial assessment of the risks, I've teamed up with industry experts RedPay Consulting. We've produced a report aimed at financial and banking institutions (from Senior Managers to Security Officers). Hopefully this will address many of your questions as well as giving you some clear guidance.

Research Interests

Historically my research interests have been related to Tamper Resistant/Responding Security Modules (TRSM), which are often referred to as crypto coprocessors, host security modules (HSM) or hardware security modules (HSM). Over the past years, I have been a member of a development team building such devices and solutions using these devices typically for the financial and banking industries.

Particular interests include:

The API attacks represent my most interesting work. In 2001, I discovered a set of six (6) families of attacks that led to the recovery of bank PINs from the existing networks. My M.Sc. dissertation below has a comprehensive treatment of the topic (in Chapter 3 (Pdf, Zipped Pdf)). It shows that it is possible for a malicious insider to cause massive and widespread financial fraud against both individual cardholders and institutions. The technical details are very interesting while the financial implications are potentially crippling and the social ramifications significant.

Banking/Financial Security

Currently, there is a conflict between the financial and banking institutions (who are trying to protect the system, their customers and themselves) and those trying to protect the rights of the consumers and victims of security breaches. It could be avoided with a better system if everyone would invest the time, money and motivation required. One of the most interesting aspects is that based solely on the transaction information (audit logs, etc) it is impossible to differentiate between an innocent victim and a malicious fraudster. Hence you cannot tell (on that evidence alone) whether you are defending the good guy or the bad guy. And that's a bit of an issue in the campaign for justice. Nonetheless, it remains a hugely interesting case study of the development and life cycle of security, as well as being significant for anyone who holds an account at a bank.

Research Outputs

Clulow, J.S. "On the Security of PKCS#11", CHES 2003, LNCS 2779, 2003. (Pdf, Zipped Pdf)

Clulow, J.S. "The Design and Analysis of Cryptographic APIs for Security Devices", M.Sc. Dissertation, University of Natal, Durban, South Africa, 2003. (Pdf,Zipped Pdf). Supervisor: Prof. H. C. Swart.

The dissertation covers materials from a number of technical reports I’ve authored previously while in the employ of Prism, including:

Clulow, J.S. "PIN Recovery Attacks", Technical Report 0520 00296, October 2001. Revised October 2002.

Clulow, J.S. "Related Key Attacks against Symmetric Ciphers and Security APIs", Technical Report 0520 00297, 2001. Revised October 2002.

Clulow, J.S. "Vulnerabilities in Financial Crypto Transaction Sets", Technical Report 0520 00298, 2001. Revised October 2002.

Conferences and Seminars

Clulow, J.S. "I Know Your PIN "(Ppt, Zipped Ppt)

Presented at:

Current Research Proposal

The significance of security devices that protect the numerous transactions, which take place in today's distributed virtual environment, cannot be underestimated. The importance of such devices will increase as our society continues to evolve into a cashless electronic society. There has been a transformation of the traditional security analysis from one focused on mathematical primitives and physical engineering solutions to a holistic approach that seeks to protect against subtle interactions between the cryptographic, logical and physical aspects of such devices that can collude to compromise the security thereof. In the above setting and in a continuation of my own previous work, I propose to further investigate the electronic interface to security devices (i.e. the application programming interface or API) as a source of vulnerabilities. In particular, I would like to the extend this work from the retail financial security arena to the developing field of digital rights management (DRM) and 'trusted computing' (TCPA) and join the attempt to develop formal methods for analysis. As one of the earliest electronic security products, I believe that retail financial security devices can provide an instructive reference and case study for the development, adoption and maturation of security related products.