IARPA Program Seeks More Efficient Data Security

CYBERSECURITY

IARPA Program Seeks More Efficient Data Security

7/6/2017
By Vivienne Machi

Photo: Getty

The Intelligence Advanced Research Projects Activity has committed $1 million for two institutions to develop a process that can more easily and rapidly secure data while it is being computed.

Galois, a Portland, Oregon-based computer science research-and-development company, is partnering with the New Jersey Institute of Technology to assess the feasibility of making a technique called homomorphic encryption more practical and easy to use by programmers, said David Archer, research lead in cryptography and multiparty computation at the company.

The contract for the effort — called the Rapid Machine-learning Processing Applications and Reconfigurable Targeting of Security, or RAMPARTS — was awarded in July 2016, he said. Work began on the yearlong project a month later.

Information security today focuses on two aspects of data confidentiality through encryption, he noted. One can protect data at rest, and one can secure information while it’s in motion through systems such as HTTP connections.

“But what we haven’t been able to do yet is protect data while it’s used in computation,” he said. Currently, an encrypted file must first be decrypted before a user can manipulate the data, which opens the door for adversaries to obtain the information once it has been decrypted, he added.

Homomorphic encryption — the foundations of which have been around for several decades — allows the user to compute the information while it remains encrypted, but its usage has been held back by how complex the computations are, Archer said. Even just a few years ago, “it was 12 times slower than normal computing speed,” he noted.

The Defense Advanced Research Projects Agency several years ago conducted a four-year program — which Galois was involved in — to attempt to speed up the process, he said. “And they did, about six orders of magnitude faster.”

Now, as part of the RAMPARTS initiative, the company is performing early research for IARPA to determine whether further study could make the process easy to use for programmers and improve performance, Archer said.

There are practical benefits to developing a more rapid and secure way to compute data in transit, particularly in the case of communications and weapon systems, as well as to prevent satellite collisions, he added. If mutually distrusting countries do not want to share their trajectory information, homomorphic encryption could allow both countries to compute together a result that would provide them a probability of collision “without revealing the details of those satellite trajectories,” Archer said.

After nine months of conducting research, progress is going well under the RAMPARTS program, but the two main issues with homomorphic encryption — of efficiency and usability — still have “a long way to go,” Archer said.

Topics: Global Defense Market, Information Technology, Network defense

Related Events

4/9/2024

IT²EC 2024

VIEW ALL EVENTS

Comments (0)

Name *

Email *

Comment *

Please enter the text displayed in the image.

Characters *

Legal Notice *

NDIA is not responsible for screening, policing, editing, or monitoring your or another user's postings and encourages all of its users to use reasonable discretion and caution in evaluating or reviewing any posting. Moreover, and except as provided below with respect to NDIA's right and ability to delete or remove a posting (or any part thereof), NDIA does not endorse, oppose, or edit any opinion or information provided by you or another user and does not make any representation with respect to, nor does it endorse the accuracy, completeness, timeliness, or reliability of any advice, opinion, statement, or other material displayed, uploaded, or distributed by you or any other user. Nevertheless, NDIA reserves the right to delete or take other action with respect to postings (or parts thereof) that NDIA believes in good faith violate this Legal Notice and/or are potentially harmful or unlawful. If you violate this Legal Notice, NDIA may, in its sole discretion, delete the unacceptable content from your posting, remove or delete the posting in its entirety, issue you a warning, and/or terminate your use of the NDIA site. Moreover, it is a policy of NDIA to take appropriate actions under the Digital Millennium Copyright Act and other applicable intellectual property laws. If you become aware of postings that violate these rules regarding acceptable behavior or content, you may contact NDIA at 703.522.1820.

I have read the legal notice.