Encryption and Secure Clouds Receive NSF Security Funding

• By Dian Schaffhauser
• 07/31/14

The National Science Foundation's Secure and Trustworthy Cyberspace program has issued two multi-million dollar awards for multi-institutional projects in cybersecurity. One award is for help researchers develop encryption techniques for making a program, not just its output, invisible to outsiders. The other hopes to build information systems for the cloud with multi-layered security.

The Center for Encrypted Functionalities, managed out of the University of California, Los Angeles (UCLA), is working on research into "program obfuscation." This technology strengthens security by making a computer program "unintelligible" while still preserving its functionality. Should a human programmer introduce vulnerability into the code, for example, nobody would be able to find it since the code itself would be a jumble of nonsensical numbers.

The primary goal of the center, which was awarded $5 million, will be to "transform program obfuscation from an art to a rigorous mathematical discipline," the Web site stated.

"Our center's mission is to explore every aspect of the new world that is opened up by encrypted functionalities," said Amit Sahai, a UCLA professor of computer science who will be the lead principal investigator on the project.

"Humanity has been encrypting messages using mathematics for hundreds of years. But the question of encrypting a functionality seemed out of reach," he noted. "In human terms, this question is like asking whether it is possible for someone to keep a secret, if an adversary can see how every neuron in her brain behaves."

Besides the UCLA team, project collaborators also include researchers at Stanford University, Columbia University, the University of Texas at Austin and Johns Hopkins University.

The second grant, this one for $10 million, was awarded to the Modular Approach to Cloud Security (MACS) project. Researchers from Boston University, MIT, the University of Connecticut and Northeastern University will construct a cybersecurity system from separate components, each with its own security. The idea is that the security of the entire system will come from the security built into each piece.

"Our goal is to build a cloud with clear and transparent security properties," said Ran Canetti, a professor of computer science at Boston U and lead researcher on the project. "Furthermore, we intend to make it modular, thus enabling the construction of cloud services from basic components in a security-preserving way. If successful, this project will transform the way we currently build and argue about secure systems."

The system will be integrated into the Massachusetts Open Cloud hosted at Boston U to provide a testbed for checking out the mechanisms before they're built to scale.

A unique aspect of this project is that members of the MACS research team will interpret early results and code them into solutions to allow users of the Open Cloud to share systems data. Then other researchers will be able to adapt those solutions for their own work.

Both awards also come with an education component. MACS will develop training programs to help IT professionals build their cybersecurity skills. The UCLA-based center will produce massive open online courses to teach the fundamentals of encryption. Also, the researchers on these projects have committed to supporting programs that introduce K-12 students to cybersecurity and computer science.