Improving cybersecurity
Photos by Kathy F. Atkinson and Evan Krape | Photo illustration by Joy Smoker July 27, 2023
UD Engineering’s Nektarios Tsoutsos received a National Science Foundation CAREER award to develop new ways to protect data
In January 2018, major vulnerabilities affecting a number of computer processors were discovered by Google security researchers. Known as Meltdown and Spectre, these significant security flaws in hardware meant that sensitive data, like passwords, banking credentials or ID numbers, could easily be stolen from an individual’s phone or computer.
Since that revelation, researchers have been looking for new ways to protect sensitive information and data. This security is especially important as more users and institutions are turning to cloud-based computing services for storage and analysis, platforms that are becoming increasingly attractive targets for cyberattacks.
Now, assistant professor Nektarios Tsoutsos in the College of Engineering’s Department of Electrical and Computer Engineering is developing new ways to protect data when cloud services are compromised. With funding from the National Science Foundation’s Faculty Early Career Development (CAREER) Program, Tsoutsos will be developing advanced cryptographic algorithms and programming strategies to protect user information for a variety of applications.
Re-thinking cybersecurity strategies
Tsoutsos described the traditional model of cybersecurity as a system with multiple, vertically stacked layers, with software at the top and hardware at the bottom. The current approach to improving a system’s security is to start at the top with more secure software, he explained. “But what we observe is that attackers keep winning by finding holes in the software,” he said. “The solution is to then go lower, so more towards the hardware.”
But after the Meltdown and Spectre news, it was clear that hardware also had vulnerabilities. “We realized that we need to find a horizontal method that would solve the problem once and for all,” he said. “And that solution says we are going to encrypt the data at all times during processing.”
A horizontal approach means having data encrypted end-to-end, the entire time it is on a device or being analyzed, in contrast to the typical approach of only encrypting the data while it was traveling through a network. “Using this horizontal approach, no one can steal your data because the privacy is guaranteed by the underlying cryptography. The worst-case scenario is that someone will steal the encrypted data, but they don’t have the key to reverse the encryption,” he said.
But while this horizontal approach sounded good on paper, for many years it had been considered too challenging to use. This is because the complicated math that enables programs to read and analyze encrypted data haven’t made very much progress in the past 15 years, meaning that the currently available methods are slow and complicated.
“Our lab’s niche is that we understand this complicated math really well, and we know how to apply it to solve real-world problems,” Tsoutsos said about where his group’s cryptographic algorithm research, and his newly funded CAREER project, come into play. “Now, our focus is to find ways to accelerate these algorithms through advances in hardware.”
Universal protections
Starting on July 1, Tsoutsos and his lab will use their five-year, $534,580 award from NSF to accelerate end-to-end encryption algorithm development to be more simple, usable and easily incorporated into existing computer programming paradigms.
Part of this CAREER award will be used to further Tsoutsos’ work on homomorphic encryption, which allows for end-to-end encryption in a way that still allows data to be processed and analyzed quickly and easily without compromising its security. Their initial work will be focused on encrypted machine learning so users can send their data to the cloud for complex analysis in a way that is safe and secure.
Tsoutsos will also be partnering with NVIDIA and Intel on this research. He said that by working with NVIDIA, a company that is known for designing and manufacturing graphics processing units (GPUs, computer chips that can do math very quickly and are essential for things like video games and advanced machine learning algorithms), this research will accelerate advances in off-the-shelf hardware that will help make this horizontal cryptography possible.
Another output of this CAREER award will be “inventing a new programming paradigm that is expressing the cryptography aspect in a way that is very familiar to users,” Tsoutsos said. “This involves creating a new computer processor design so that the business logic used by the programming side and the math from the cryptography side can work together seamlessly.”
And while their initial case study will be focused on machine learning, this work has the potential to be used in a broad range of applications, from protecting health data to comparing DNA sequences without compromising privacy. “The key ingredient is a universal method to translate the language of programmers on one side to the language of cryptography,” he said. “The benefit is that, for any service that is available right now, you can write an algorithm and process the data securely.”
Cybersecurity community
Tsoutsos’ CAREER award will also support several educational activities. Building off his experience at UD and during his previous role at New York University, Tsoutsos, who is also the associate director of the Center for Cybersecurity, Assurance, and Privacy (CCAP), will coordinate in-person cybersecurity-themed outreach events including summer camps and competitions for underserved communities. Building off the success of events like the Embedded Security Challenge and Capture the Flag events, these activities will be further strengthened by UD’s tight-knit community of cybersecurity faculty, staff and students, added Tsoutsos.
This CAREER award will also support the development of web-based “virtual playground” learning environments. “It is a website connected to a computer service that will be accessible to students and teachers all over the world, where students can learn about cryptography by solving computer riddles,” Tsoutsos said.
Jamie Phillips is a professor and chair of the Department of Electrical and Computer Engineering.
“Dr. Tsoutsos has established himself as a leader in cybersecurity at UD and has established an outstanding reputation in the professional community for his work on cryptography and hardware security,” Phillips said. “He has been instrumental in advancing our programs through our CCAP center, new bachelor of science in cybersecurity engineering degree program and FinTech activities to support the explosive demand for research advances and a robust workforce in cybersecurity.”
Tsoutsos said he hopes that this work not only makes cloud computing safer but that it will also enable everyday users to have greater access to more advanced analytical services. “By advancing this form of cryptography, you’ll be able to securely outsource your data to the cloud,” said Tsoutsos. “And no matter what hardware you are running, or what potential vulnerabilities there might be, you’ll have mathematical guarantees that your data is secure.”
Contact Us
Have a UDaily story idea?
Contact us at ocm@udel.edu
Members of the press
Contact us at 302-831-NEWS or visit the Media Relations website