Designing Secure Systems with Professor Srini Devadas

Written by Audrey Woods

In an ideal world, the consumer would never have to worry about how secure their computer is. The hardware would be immune to common cyberattacks by design, the software would be created to counter malicious actors, and public services such as search engines would provide anonymity and prioritize privacy. In short, systems would protect the user’s identity and data by default.

However, computers are a long way from that ideal, a problem which keeps CSAIL Professor Srini Devadas plenty busy. With a background in secure computer architecture and applied cryptography, Professor Devadas has spent his career thinking about how both hardware and software can be better designed to offer users safer and more secure experiences.

Finding His Interest: From Electrical Engineering to Computer Science

When Professor Devadas first joined the MIT faculty, it wasn’t in computer science but in the Research Laboratory of Electronics. With degrees in electrical engineering, his work was originally focused on building tools to help design integrated circuits. But, Professor Devadas explains, “since a lot of integrated circuits have programmable processors in them, I got interested in computer architecture and compilers for these processors.” This led him to join the Laboratory of Computer Science (which would later merge with the AI Lab to become CSAIL) in 1991. The lab director of LCS at the time, Professor Michael Dertouzos, thought Professor Devadas would be a good fit for the security research happening in a broad computing initiative called Project Oxygen, which aimed to make computing “as pervasive and free as air.” After connecting with Project Oxygen, Professor Devadas began to think about storing cryptographic secret keys in the silicon itself, and from there, he says, it was a “small step to secure processors that provided private and authenticated computation.” Soon enough, Professor Devadas had fully shifted into secure architecture and applied cryptography, where much of his work continues to this day.

Over the course of his career, Professor Devadas has witnessed a transformation in the computer science field. Interest has broadened out from technical research experts to a much wider audience, and the software industry has “exploded.” He’s watched CS become integral to a variety of other areas, so much so that there are now whole subfields of Computational Biology, Computational Medicine, Computational Materials Science, etc. One notable change he’s witnessed is how the process of making software easier to read and write has lowered the barrier to entry to the point “where it is plausible that a middle school student can potentially (emphasis on potentially) do something that impresses the most accomplished people in the field,” something he thinks is unique to CS. This widespread engagement with computational technology, however, creates a variety of security hazards: malicious actors can execute attacks with minimal training, and the general user might not be aware of the risks they open themselves up to when playing around with programs or online.

Keeping Pace with Complexity: Ideas & Implementation

Nowadays, Professor Devadas says that the biggest challenge in cybersecurity and privacy is “keeping pace with the complexity of (software and hardware) systems, and the increasing interplay and interconnectivity of these systems.” Users want such interoperability for the convenience it offers, but it’s important to figure out, for example, how users can navigate from one application to the next without exposing personal information. Toward that end, one of the things Professor Devadas is studying is how to provide anonymity in closed environments such as private, local networks. He explains, “Say an enterprise wants a provably anonymous bulletin board, or a microblogging site, or a mechanism by which two users can email each other, but it is kept hidden from the adversary, which could be the company itself, who is communicating with whom. We have built a sequence of systems with varying scalability and anonymity properties that address these problems.”

Maintaining data privacy is another major focus of Professor Devadas’s work. He says that “databases are the cornerstone of data analytics,” so it’s important to find ways to safely query sensitive data and compute upon sensitive data. One solution his group introduced is a new data privacy idea called PAC Privacy, which offers a new mathematical framework for thinking about how to protect a sensitive dataset by perturbing the dataset. Enterprises that have sensitive data often want to share aspects of this data, for example an average employee salary. PAC Privacy aims to answer how much sensitive data is exposed when that aspect (in this instance, the average salary) is shared and then offer mathematical guidance on the minimal amount of noise that can be added to ensure that the aspect can be exposed with some guarantee of privacy.

Professor Devadas has also worked in the area of Fully Homomorphic Encryption (FHE), which offers the ability to run calculations on encrypted data without ever decrypting it, keeping it fully private. As Professor Devadas points out, FHE is “extremely computationally expensive,” which has proved a stumbling block for applying it in industry. To help address this, Professor Devadas has worked with Professor Daniel Sanchez in EECS on creating custom hardware that can run FHE orders of magnitude faster than multicore CPUs, which could be a first step toward making FHE more practical. Similarly, Professor Devadas’s group has done extensive work on secure enclaves, which are “isolated processes inside a computer/processor wherein private data can be decrypted and computed upon, without fear of exposure.” In short, this means that, even if an adversary has somehow taken over an operating system with a secure enclave, they wouldn’t be able to access the data or results of a computation inside the enclave. Professor Devadas says, “One can think of secure enclaves running on trusted hardware as doing what FHE does on untrustworthy hardware, except orders of magnitude faster, at a speed essentially the same as native/unencrypted computation. However, unlike FHE, enclaves cannot run or be built on arbitrary, untrustworthy hardware.” In the course of this research, Professor Devadas and fellow researchers have built programmable processors on Field Programmable Gate Arrays (FPGAs) that offer these security guarantees and are resistant to side channel attacks. Their most recent processor, Citadel, is currently open source.

Alas, it is expensive to build entirely new hardware architecture, even if it does offer better security. Because of this, Professor Devadas laments that a useful research project like the FHE hardware acceleration “is more likely than not to stay in the research oven, simply because the investment required to build custom hardware is so large, and the time frame for hardware development is long.” But in the ever-accelerating arms race of cybersecurity, that might change as the demand for creative solutions that protect user and company data increases.

Looking Ahead: AI Challenges, Cryptography Applications, and Bringing Experts Together

If anything, the question of data security is only going to become more pressing with the widespread use of generative AI and deep neural nets. Professor Devadas says, “as chatbots become pervasive, variations of web security issues will crop up and will have to be handled. The leakage of sensitive information that comes from training AI models is certainly a data privacy problem, and I think it will expand into the copyright domain, which will be interesting.” Professor Devadas also believes that decentralized systems (also known as blockchains, although he dislikes that term) will continue to be popular and, by extension, cryptography applications will become more widespread.

Generally, Professor Devadas would love to see the gap between hardware and cryptography/security experts get smaller, which could “enable the design of trusted hardware that could in turn make the Internet more secure.” This boils down to wanting “hardware manufacturers to invest more money into secure hardware, from secure routers, to microcontrollers, to secure processors.” The good news on that front, he highlights, is that there is a Confidential Computing Summit and associated consortium that promotes enclaves and other types of secure containers and encourages software developers to use them.

As for the general consumer, he wants casual computer users to know as much as possible about privacy risks, common cyberattacks, and good email practices, and to become more disciplined in their security protocols by using, for example, password managers and two-factor authentication. But fundamentally, he believes that the average computer user shouldn’t have to know about his research on secure enclaves or FHE. He says, “it should be implicit in the systems that the user is using, and by default protect the user's data and identity.”

Learn more about Professor Devadas on his website or CSAIL Page.