November 12, 2019 | Written by: Charanjit Jutla
While basic cryptographic technologies such as encryption and digital signatures are now integral to internet security, more advanced cryptographic techniques have also been slowly gaining traction. This trend has been spurred by increased focus on privacy issues as well as new innovations such as blockchain. These advanced cryptographic techniques include the ability to compute on data while preserving important privacy requirements, and the ability to prove correctness of such computations while still maintaining privacy.
However, these new technologies are hard to deploy for multiple reasons, not the least of which is the sheer complexity of understanding the seemingly contradictory requirements of proving correctness of computation while not revealing its inner workings. Further complicating deployment is the need to adopt these cryptographic protocols into usual (distributed) computer programming methodology.
IBM Research and its university partners (UC Santa Cruz, Cornell University and Cornell Tech, University of Illinois at Urbana Champaign, and Oregon State University) are collaborating on new programming systems and languages to build secure cryptographic applications.
The project, named PASCAL, enables software engineers to write programs in a traditional manner, augmented with authentication, privacy and parallelization directives, so that such programs can be compiled automatically into code that integrates these advanced cryptographic protocols. The $14.7M project is funded by the Homomorphic Encryption Computing Techniques with Overhead Reduction (HECTOR) program of the Intelligence Advanced Research Projects Activity (IARPA).
Part of the HECTOR team. From left to right, Flavio Bergamaschi, Victor Shoup and Charanjit Jutla.
The collaborative effort brings together expertise in various fields of cryptography, including:
- UC Santa Cruz Assistant Professor Owen Arden will lead the design, specification, and implementation of Blaze, which offers a high-level programming model for building secure distributed applications with advanced cryptographic mechanisms.
- Professor Andrew Myers of Cornell University will bring his expertise in automatic partitioning of program specifications into distributed code that optimizes the need for expensive secure multi-party computation (MPC).
- Assistant Prof. Andrew Miller of University of Illinois at Urbana Champaign will lead the design of tools that enable reasoning about the security of the Blaze system.
- Associate Prof. Mike Rosulek of Oregon State University will bring his expertise in MPC, and in particular in private-set-intersection.
- Professor Victor Shoup of New York University, and visiting research scientist at IBM Research, will lead the design of fully homomorphic encryption (FHE) libraries.
- Flavio Bergamaschi and his team at IBM Research in Hursley, UK will develop and integrate private machine learning using FHE into the Blaze system.
- Professor Rafael Pass of Cornell Tech and Associate Prof. Elaine Shi of Cornell University will focus on oblivious random-access memory (ORAM) as well as MPC, zero-knowledge proofs and consensus.
- Charanjit Jutla of IBM Research will focus on verifiable computation and will also be the principal investigator.
The investigators on the project say that the PASCAL project will enable widespread deployment of advanced cryptographic technologies through usable implementation of existing and further optimized cryptographic protocols, programming languages that establish the constructs and metadata needed to specify and reason about properties of those protocols, and systems implementing high-level compilers and development tools that utilize the metadata to deploy cryptographic protocols as needed.
The project investigators expect that outcomes will include “major progress towards the vision of real-world deployment of cryptography without dedicated cryptographers.”