CAREER: Encrypted Computation
Northeastern University, Boston MA
Investigators
Abstract
Traditionally, the main goal of cryptography has been to secure data in transit over an insecure channel, by providing the digital analogue of a "lock box" that can only be unlocked by the intended recipient but whose contents cannot be observed or manipulated by anyone else. In recent years, new technologies and applications such as the rise of cloud computing are forcing us to fundamentally change our perspective. Data is not only vulnerable while in transit, but is increasingly being stored with third-party providers that have vast storage and computational resources and are expected to offer a rich array of tools and services over this data. Traditional cryptosystems could secure the data in the cloud but only at the cost of rendering it unusable and preventing the cloud from offering any functionality over it. The goal of this project is to design a new generation of cryptostosystems that go beyond the "lock box" paradigm and allow users to cryptographically protect their data in the cloud while still enabling the cloud to perform useful computations over it. More generally, the project studies the broad question of how to enable computation over cryptographically protected data with the best possible trade-offs between security and functionality. Specifically, the project focuses on three goals. The first goal is to construct provably secure program obfuscation schemes that can be used to encrypt a program in a way that hides its code but still allows us to evaluate it on arbitrary inputs. Such obfuscation schemes are known to be immensely powerful and would have countless applications throughout cryptography. Although this is likely to be a difficult goal and is one of the grand challenges in cryptography today, the project identifies several intermediate problems which may be closer within reach and may serve as useful stepping stones. The second goal is to improve numerous aspects of cryptosystems, such as fully homomorphic encryption and signatures. These schemes allow anyone to compute over encrypted/authenticated data and derive an encrypted/authenticated output without learning anything about the data itself. Although basic constructions of these primitives are known, they have many deficiencies that this project plans to address. Lastly, the project studies the additional challenges involved in computing over cryptographic data in the random-access machine model of computation, which best captures the efficiency requirements of real-world programs. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →