I am a professor of Information Security at the Information Security Group at Royal Holloway, University of London, the director of the Smart Card and IoT Security Centre, and the director of the Transformative Digital Technologies, Security and Society Catalyst. My main research areas include: trusted execution environments; embedded devices and cyber-physical systems security; smart cards and RFIDs security; avionics and drone security; automotive, payment and transport systems security; mobile phones, near-field communication (NFC) and secure element security; and ambient sensors and Internet-of-Things (IoT) security. More

Areas of research

Active research

Internet-of-Things (IoTs)

Payment System Security

Secure Application Execution

Trusted Execution Environments

Drones

Embedded System Security

Mobile Phone Forensics

Automotive

Avionics

Software and Hardware Binding

Research

Mobile Device Security

Utilising Side-Channel Leakage

Security Protocol Design

Smart Energy Trading

Transport System Security

Block Chain Technologies

User Centric Devices

Resilient Computing

Data Provenance and Causality Chains

Video and Computer Games Anti-cheating Mechanisms

[211] Carlton Shepherd, Benjamin Semal, Konstantinos Markantonakis, "Investigating Black-Box Function Recognition Using Hardware Performance Counters", 27 Nov 2022, IEEE Transactions on Computers, https://arxiv.org/abs/2204.11639

[210] Carlton Shepherd, Jan Kalbantner, Benjamin Semal, Konstantinos Markantonakis, "A Side-channel Analysis of Sensor Multiplexing for Covert Channels and Application Fingerprinting on Mobile Devices", 22 Mar 2022, https://arxiv.org/abs/2110.06363

[209] F Thomas-Brans, Thibaut Heckmann, Konstantinos Markantonakis, Damien Sauveron, "New Diagnostic Forensic Protocol for Damaged Secure Digital Memory Cards", 11 Mar 2022, IEEE Access, 10.1109/ACCESS.2022.3158958

[208] Carlton Shepherd, Konstantinos Markantonakis, Nico Van Heijningen, Driss Aboulkassimi, Clement Gaine, Thibaut Heckmann, David Naccache, "Physical Fault Injection and Side-Channel Attacks on Mobile Devices: A Comprehensive Analysis", 17 Sep 2021, Computers and Security, 10.1016/j.cose.2021.102471

[207] Jan Kalbantner, Konstantinos Markantonakis, Darren Hurley-Smith, Carlton Shepherd, Benjamin Semal, "A DLT-based Smart Contract Architecture for Atomic and Scalable Trading", 6 May 2021, https://arxiv.org/abs/2105.02937

[206] Carlton Shepherd, Konstantinos Markantonakis, Georges-Axel Jaloyan, "LIRA-V: Lightweight Remote Attestation for Constrained RISC-V Devices", May 2021, IEEE, 10.1109/SPW53761.2021.00036

[205] Vihangi Vagal, Konstantinos Markantonakis, Carlton Shepherd, "A New Approach to Complex Dynamic Geofencing for Unmanned Aerial Vehicles", 14 Apr 2021, IEEE,

[204] Anjia Yang, Dutliff Boshoff, Qiao Hu, Gerhard Hancke, Xizhao Luo, Jian Weng, Keith Mayes, Konstantinos Markantonakis, "Privacy-preserving Group Authentication for RFID Tags Using Bit-Collision Patterns", 12 Feb 2021, IEEE Internet of Things Journal, 10.1109/JIOT.2021.3059047

[203] Benjamin Semal, Konstantinos Markantonakis, Keith Mayes, Jan Kalbantner, "One Covert Channel to Rule Them All: A Practical Approach to Data Exfiltration in the Cloud", 9 Feb 2021, 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2020), 10.1109/TrustCom50675.2020.00053

[202] Jan Kalbantner, Konstantinos Markantonakis, Darren Hurley-Smith, Raja Naeem Akram, Benjamin Semal, "P2PEdge: A Decentralised, Scalable P2P Architecture for Energy Trading in Real-Time", 25 Jan 2021, Energies, 10.3390/en14030606


8a. Invited keynote to a major international conference


Delivered

  • 2019, Edinburgh, Keynote talk, Big Data in Cyber Security, “From Big Computers and Small Data to Small Computers and Big Data”, June 2019
  • 2018, Dubai, Keynote Talk, IEEE International Conference on Signal Processing and Information Security 2018, “Secure Application Execution on IoT Devices – Lessons Learned”
  • 2017, Bucharest, Romania, “Ambient Sensing Based Relay Attack Detection in Smartphone Contactless Transactions”, International Conference on Security for Information Technology and Communications (SECITC) 2017.
  • 2015, Bucharest, Romania, Keynote Talk, 8th International Conference on Security for Information Technology and Communications, SECITC 2015, "Secure and Trusted Application Execution on Embedded Devices"
  • 2012, Nijmegen, The Netherlands, Keynote Talk, The 8th Workshop on RFID Security and Privacy, “Interplay of Business Objectives and Academic Research – Holders of NFC Mobile Service Destiny”
  • 2012, London, UK, Keynote Talk, The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) , Smart cards, Secure Elements and NFC Security – The Status Quo”
  • 2012, Hangzhou, China, Keynote Talk, 8th International Conference on Information Security Practice and Experience (ISPEC 2012), “Are smart cards the weakest link? Is `practical information security research’ still significant?”

8b. An invited symposium/workshop/summer school presentation

  • 2018, Abu Dhabi, Keynote Talk, UAE Cyber-Security Symposium 2018, “Secure and Trusted Application Execution”, Khalifa University.
  • “Cyber Physical System Security", Intensive Programme on Information and Communications Security (IPICS), Mytilene, Greece, July 2018
  • “Cyber Physical System Security", Intensive Programme on Information and Communications Security (IPICS), Corfu, Greece, July 2017
  • “Cyber Physical System Security", Intensive Programme on Information and Communications Security (IPICS), Leuven, Belgium, July 2016
  • “Cyber Physical System Security", Intensive Programme on Information and Communications Security (IPICS), Mytelene, Greece, July 2015
  • “Secure Application Execution on Cyber Physical Devices”, Summer School on “Design and security of cryptographic algorithms and devices for real-world applications”, Šibenik - Croatia 01 June - 06 June 2014
  • “Embedded System Security Lesson Learned", Intensive Programme on Information and Communications Security (IPICS), Mytelene, Greece, July 2014
  • “Smart Cards: State-of-the-Art to Future Directions”, Invited Paper, IEEE International Symposium on Signal Processing and Information Technology, December 12-15, 2013 - Athens, Greece.
  • "Cyber Physical Systems", Intensive Programme on Information and Communications Security (IPICS), Samos, Greece, August 2013.
  • “Smart card Security”, ICareNet 2013, 3rd of December 2012, Network of Excellence - Winter School, Imperial College, London.
  • "Embedded System Security", Intensive Programme on Information and Communications Security (IPICS), Vienna, Austria, August 2012
  • "Embedded System Security", Intensive Programme on Information and Communications Security (IPICS), Corfu, Greece, August 2011
  • "Hardware Token Security", Intensive Programme on Information and Communications Security (IPICS), Samos, Greece, August 2010
  • "Smart card Security", Intensive Programme on Information and Communications Security (IPICS), Vienna, Austria, August 2009

8c. An invited presentation to another academic department (UK or international)

  • 2019, Khalifa University (UAE), “Embedded system security, bridging theory and practice. The Smart Card and IoT Security Centre (SCC) perspective.”, October 2019
  • 2018, Abu Dhabi, Invited Talk, Department of Electrical Engineering, “Secure and Trusted Application Execution on Embedded Devices”, Khalifa University.
  • “Embedded Devices, Platforms and Applications”, Invited Lecture in the MSc Programme in Digital Systems Security, University of Piraeus, Greece, 18 January, 2017
  • “Embedded Devices, Platforms and Applications”, Invited Lecture in the MSc Programme in Digital Systems Security, University of Piraeus, Greece, 1st December 2015
  • “Embedded Devices, Platforms and Applications”, Invited Lecture in the MSc Programme in Digital Systems Security, University of Piraeus, Greece, 13th January 2015
  • “Embedded Systems Security”, Invited Day Course, KTH, Stockholm, Sweden, April 2015.
  • “Multi-Application Smart card Operating Systems”, Invited Lecture in the BSc Programme in Computer Science, University of Bordeux and University or Limoges, February and March 2015
  • “Embedded System Security”, Khalifa University, April 2014.
  • “Multi-application Smart Embedded Devices”, Invited Lecture in the MSc Programme in Digital Systems Security, University of Piraeus, Greece, 13th November 2013
  • University of Athens, MSc in Computer Science, Invited talk on “Embedded System Security”, April 2013.
  • "Smart card Security Theory and Practice”, PRActical aspeCts on SEcurity (PRACSE 09), organised by the Athens Institute of Technology (AIT), June 2009.
  • “From Smart card to Smart card system security”, PRActical aspeCts on SEcurity (PRACSE’08), organised by the Athens Institute of Technology (AIT), May 2008.
  • “Smart card Security”, Institute of Computer Science (ICS) Foundation for Research and Technology – Hellas (FORTH), Heraklion, Greece, February 2008.
Trusted Execution Environments
Trusted Execution Environments

Carlton Shepherd, Konstantinos Markantonakis

Secure Smart Embedded Devices, Platforms and Applications
Secure Smart Embedded Devices, Platforms and Applications

Konstantinos Markantonakis, Keith Mayes

ISBN: 978-1-4614-7914-7 (Print) 978-1-4614-7915-4 (Online)

Smart Cards, Tokens, Security and Applications
Smart Cards, Tokens, Security and Applications

Keith E. Mayes, Konstantinos Markantonakis (eds.)

ISBN: 978-0-387-72197-2 (Print) 978-0-387-72198-9 (Online) Publisher: Springer US, 2008 DOI: 10.1007/978-0-387-72198-9

Smart Cards, Tokens, Security and Applications
Smart Cards, Tokens, Security and Applications

Keith Mayes, Konstantinos Markantonakis

Springer International Publishing Hardcover ISBN:978-3-319-50498-8 DOI: 10.1007/978-3-319-50500-8


Areas of Expertise

I initially got involved in Information Security consulting projects while pursuing my PhD in Information Security at Royal Holloway. Since then, I have worked on a number of Information Security and Smart Card related projects with numerous high profile clients, and I continue to provide consultancy for a variety of Information Security and Smart Card related areas:

  • Smart Card physical security analysis
  • Multi-application Smart Card migration program planning
  • Project management for financial institutions and transport operators
  • Business case development for chip migration programs
  • Smart Card application (Java card, SIM card, Multos) security review, design and development
  • Smart Card security evaluations (Common Criteria), Security Target and Protection Profile Development
  • Risk analysis on Smart Card technology, protocols and systems
  • Smart Card security protocol design and review
  • Security of mobile phone platforms and secure elements
  • Contactless Smart Card/RFID security and Mifare card technology

Selected Projects

  • I was a part of the team, along with colleagues from the Information Security Group’s Smart Card Centre, which performed a counter expertise analysis of a report into the Dutch OV-Chipkaart transport system in 2008. This was in response to some recently published attacks on Mifare Classic smart cards.
  • Since then, our team got involved in further work relating to Mifare and chip migration issues, and planning for the Dutch transport system.
  • I was involved in preparing an evaluation paper for different options in which security controllers can exist in mobile devices. The document was also presented as an ETSI internal document.
  • I was also involved in the preparation and delivery of a smart card security training course for the Information Security department of a major financial institution.
  • Security analysis of public key cryptography in Smart card devices and tools with restricted processing resources.
  • Security analysis of a smart card system for the provision of wireless telecommunications services.