Is it possible to delegate the processing of your data to a party you do not completely trust? What if you do not want to give such a party full access to your data? Or what if the computation you delegate is so sensitive that you must make sure the result is correct, but must do so using only very limited computational resources (which is the reason you delegated the computation in the first place)? These questions are at the core of the usual tension between convenience and availability on one hand and security and privacy on the other. They are becoming particularly urgent as we move towards widespread acceptance of cloud computing, a paradigm where businesses buy computing time from a service rather than purchase and maintain their own computing resources. These issues also arise from the proliferation of mobile devices, such as smartphones and netbooks: computationally weak devices which might outsource computationally intensive operations they are not able to perform on their own, e.g., a cryptographic operation or a photo manipulation.

To put everything online, "in the cloud," without some security and privacy provisions, is to risk an Orwellian future. That is why, for example, privacy laws might require medical records to be encrypted before they are stored off-site. But once those records are encrypted, how can we allow an outside provider to process them for, say, billing or epidemiologic research? A similar trust issue may come up even when handling data which is not private: if we outsource complex market analysis to a financial firm, how do we verify that the final recommendations reflect the actual market data, and not the financial interests of the firm itself? Because safeguarding the security of outsourced computation can be critical (think of military applications), we also need to protect ourselves from non-malicious behavior, such as a bug in the code run by the delegated party.

When the Internet evolved from a relatively small network of academic and military nodes into an incredibly large public network, secure protocols like IPSec and SSL (developed through a fruitful research collaboration between academic and industrial centers) enabled us to fully develop its economic and financial potential through e-commerce and e-business. Today we stand at a similar crossroads: the success of the cloud computing paradigm is predicated on our ability to secure it. Security and privacy are not just desirable properties when it comes to outsourcing computation; they are essential enablers for the paradigm itself. Once again a concerted research effort is needed that can capitalize on the collaboration between academia and industry to design and deploy secure solutions for cloud computing applications.

We therefore propose a research program to explore the cryptographic techniques, algorithms and protocols needed in the design of secure outsourced computation mechanisms. The security and privacy concerns associated with outsourced computation can be summarized in the following two very important questions: (a) Is it possible to protect the privacy of the computation input: in other words, can an outside party compute for us without learning our private data? (b) Can you trust the result of the computation: in other words, how does one verify that the outside party performed the computation correctly without investing too many computational resources (without, for example, redoing the computation from scratch)? The goal of this project is to analyze these and other security questions related to cloud computing, and to propose new cryptographic schemes and protocols that can contribute to their solution. We believe that this research project will require new approaches and new ways of thinking about the problems themselves, and about the mathematical tools at our disposal. It will contribute fundamental advances to our knowledge and understanding of encryption, authentication and the mathematics underlying them.

Project Start:
Project End:
Budget Start: 2010-09-01
Budget End: 2016-08-31
Support Year:
Fiscal Year: 2010
Total Cost: $491,755
Indirect Cost:
Name: IBM Thomas J Watson Research Center
Department:
Type:
DUNS #:
City: Yorktown Heights
State: NY
Country: United States
Zip Code: 10598