A PhD thesis typically reads as an idealised narrative: how would the author perform their research had the results and conclusions been known in advance. This rarely occurs in practice. Failed experiments, unexpected results, and new collaborations frequently change the course of research. This paper describes the course of my thesis, and how its initial topic of distributed databases changed to covert channels, then anonymity, before eventually settling on links between the two. This illustrates concrete benefits from informal interactions, low-overhead collaboration, and flexibility of research project plans. For my PhD thesis, I was originally going to study distributed databases and their security, but what I ended up covering was anonymous communication networks ‐ systems to protect users’ online privacy by hiding their communication patterns ‐ and how to improve their security by drawing ideas from the field of covert channels. This substantial change was made possible by the flexibility offered by the University of Cambridge, and assisted by collaborations built up at conferences and facilitated online. My resulting thesis was awarded the ERCIM Security and Trust Management Working Group prize, and this paper presents a more formalised version of the talk I gave when accepting that prize. There is clearly a significant gap between what I planned to study and how I finished. To understand how this happened, it is helpful to look at how I started in October 2002. My supervisor Markus Kuhn encouraged me to develop other small research projects, especially at the start of my studies. Some of these led to publications or software, a few eventually became the core of my thesis, and many produced nothing except useful experience. Whilst I had expectations as to where each of the projects would lead, more often than not I was wrong. In my first year I worked on finding security weaknesses in the RFID access control system used in my building, studying Security Enhanced Linux, finding weaknesses in a proposed banking security protocol, building a model checker with an integrated Lua-based extension language, writing a survey of markup languages, integrating a one-time password system into the Linux authentication subsystem,
[1]
Steven J. Murdoch,et al.
Covert Channels for Collusion in Online Computer Games
,
2004,
Information Hiding.
[2]
Steven J. Murdoch,et al.
Embedding Covert Channels into TCP/IP
,
2005,
Information Hiding.
[3]
Joanna Rutkowska joanna.
The Implementation of Passive Covert Channels in the Linux Kernel
,
2004
.
[4]
Steven J. Murdoch,et al.
Hot or not: revealing hidden services by their clock skew
,
2006,
CCS '06.
[5]
Steven J. Murdoch,et al.
Covert channel vulnerabilities in anonymity systems
,
2007
.
[6]
George Danezis,et al.
Low-cost traffic analysis of Tor
,
2005,
2005 IEEE Symposium on Security and Privacy (S&P'05).
[7]
Nick Mathewson,et al.
Tor: The Second-Generation Onion Router
,
2004,
USENIX Security Symposium.