Computing on Encrypted Data

The basic nature of encryption has always been all-or-nothing: anyone who is privy to the secret key can decode and recover the entire data; but, without the key, nothing can be revealed. In other words, the only useful action that could be performed on encrypted data was decryption using the secret key. In the modern world of cloud computing, we store much of our personal data in the cloud, and perform computations on them remotely. The numerous security concerns with cloud storage and computation raise a number of challenging questions: Can we encrypt data and run computations on it without decrypting? Can we encrypt programs and allow users to execute them without discovering any details about their internal operations, other than the eventual result?

This project is dedicated to the study of the paradigm of computing on encrypted data and programs, and the design of fundamental cryptographic primitives underlying this broad goal. Specifically, it focuses on three major cryptographic primitives: (i) fully homomorphic encryption, which enables computations on encrypted data; (ii) functional encryption, which enables expressive access control; and (iii) program obfuscation, which lets us hide the structure of programs while preserving their functionality. The overarching goal is to develop constructions of these cryptographic primitives that achieve a high degree of efficiency, but also guarantee security under well-studied cryptographic assumptions. Towards this end, the project explores both software and hardware techniques, and the use of novel mathematical tools from algebra, geometry and number theory.