Security
Live

The Future of Cryptography with Professor Vinod Vaikuntanathan

Cryptography is one subject the average computer user is unlikely to think much about. We all value security in our online transactions, especially when it comes to financial management, sharing sensitive data such as medical records, or privacy in our personal communications. But when a system is deemed generally trustworthy, few people think twice about the actual mechanism keeping their information secure.

Not so with MIT Professor Vinod Vaikuntanathan, who has made a career thinking about the failure points of modern cryptographic methods and new systems that can bolster or replace them. Now, with the looming potential of quantum computers and the widespread creation and adoption of machine learning algorithms that could affect all our lives, Professor Vaikuntanathan’s research is as relevant as ever.

Finding His Interest

Professor Vaikuntanathan was first hooked on cryptography when, as a sophomore in college, one of his professors gave him lecture notes by MIT Professor and famous cryptographer Shafi Goldwasser and UCSD Professor Mihir Bellare, which he found to be a “fascinating read.” Soon after, he came to MIT as a graduate student to study under Professor Goldwasser, where his thesis—“Randomized Algorithms for Reliable Broadcast”—won the 2009 George M. Sprowls Award for the best MIT PhD thesis in Computer Science.

After graduating, Professor Vaikuntanathan spent two years as a postdoctoral fellow at the IBM T.J. Watson Research Center and then a year at Microsoft Research. These experiences led him to the problem of homomorphic encryption, or being able to compute on encrypted data without ever un-encrypting said data. Stemming out of his previous work on lattice-based cryptography, Professor Vaikuntanathan says that he’d been thinking about the topic for several years before he and his colleagues came up with a way to do homomorphic encryption based on the learning with errors problem, the basis of all modern fully homomorphic encryption schemes for which he is now credited as a co-inventor.

Since joining the MIT faculty in 2013, Professor Vaikuntanathan’s research has been recognized with several awards including the Simons Investigator Award (2023), Gödel Prize (2022), Harold E. Edgerton Faculty Award (2018), DARPA Young Faculty Award (2018), the Sloan Faculty Fellowship (2013), and the Microsoft Faculty Fellowship (2014).

Cryptography and Quantum: Why We Should Be Worried

A large portion of Professor Vaikuntanathan’s current work relates to the impending threat of quantum computers on cybersecurity. In a recent CSAIL Alliances panel on the subject, Professor Vaikuntanathan said, “nearly all public cryptography that we’re using on an everyday basis, perhaps without realizing it, relies on the hardness of factoring very large numbers or solving the discrete logarithm problem. Both of these can be solved in polynomial time if you have large-scale quantum computers.” While the quantum computers of today are small, error-prone, and not yet capable of breaking RSA security, qubit technology has been proven functional, which means it may only be a matter of time before someone invents a quantum computer robust enough to break the encryption methods that protect nearly everything we do in the digital world.

The most promising alternative cryptography method being studied right now is called lattice-based cryptography, which offers a new way of encrypting information. Lattice-based cryptography can be roughly understood as embedding a secret pattern in a collection of seemingly-random points where the only way to see the pattern is to know exactly which direction to look at the points. “Lattices and geometry can hide information,” Professor Vaikuntanathan explained when describing the method, offering novel ways to keep data secure.

While this is an exciting option, Professor Vaikuntanathan is also cautious because currently, lattice-based cryptography is “the only game in town.” Some alternatives based on elliptic curves that have been tried in recent years have been broken by classical computers, making them unlikely candidates to stand up to the quantum computers of the future. Professor Vaikuntanathan thinks that we need many more potential solutions, all of them extensively tested for weaknesses. He’s also a believer in hybrid systems or “either/or” algorithms, which are secure as long as either the new or the old cryptosystem are secure. While more expensive to implement, this is what he says he would choose if he were updating a cybersecurity system.

There is some hope that quantum information itself could provide answers to long-standing questions in cryptography. One such idea is the “no cloning theorem,” which is based on the fact that quantum information cannot be copied due to the nature of quantum states. For example, a money system based in quantum would be impossible to counterfeit. However, because quantum computers are still in their early stages, it’s impossible to know how practical such methods would be and should therefore inspire cautious optimism.

Machine Learning: Risks & Considerations

Another subject Professor Vaikuntanathan is studying is the danger of machine learning models, particularly the problem of undetectable back doors. The current excitement around machine learning means that many companies are contracting with external services to rapidly build and train models for various uses. While using external providers speeds up the journey to implementation, it opens companies to the risk of hidden back doors, which can be undetectable even to computer science experts. Imagine, for example, a model designed to generate an interest rate for homebuyers. It might behave normally for most customers, but perhaps the contractor who trained the model embedded a way to tweak the outcome to a person’s advantage, information they can then sell or use to their own benefit.

Unfortunately, Professor Vaikuntanathan’s research shows that there’s currently no way to certify the adversarial robustness of AI models, or guarantee there are no such back doors. For companies, this means that the safest way to design AI models is to build them internally, although that’s not feasible in many situations. The truth is that the use of AI models is on the rise and there are, Professor Vaikuntanathan believes, “major security risks that come from machine learning models not being battle-tested.”

Professor Vaikuntanathan sums it up saying, “the fact that you will have these untested AI models that decide what we do with our lives… that makes me worried.”

Looking Forward

Despite its long history, Professor Vaikuntanathan believes that we’ve only just scratched the surface of what is possible in cryptography. Mathematics is a large field, and he thinks there are many more hard problems that can be exploited for cryptographic solutions. As increasingly powerful adversaries like quantum computing appear and the need for security guarantees grows, cryptographers like Professor Vaikuntanathan will need to “constantly be thinking about how to best attack these problems.”

But the gulf between theory and implementation is significant when it comes to widescale cryptosystems. For example, when replacing deeply embedded systems like the RSA encryption system, there will be enormous costs, long timelines, and the need for a pipeline of talent to both invent and rigorously test new solutions. That’s why Professor Vaikuntanathan thinks investment at this stage is critically important. He recommends companies consider their post-quantum strategies now to protect their most valuable information from future decryption methods, and—perhaps most importantly—he says we should be actively educating the largest possible set of people who understand post-quantum systems and will continue to push the frontier of cryptography.

Learn more about Professor Vaikuntanathan on his website or CSAIL page.

Upcoming Events

Share

Related Articles