Dr. Carmit Hazay: Sharing Data While Securing Secrets
Cybersecurity has become the arms race of the 21st century, in which a “tag team” of hackers try to overcome each new security protocol as it is produced. Maximizing the benefits of the digital revolution – and minimizing its risks – is at the heart of cryptography research being conducted by the Engineering Faculty’s Dr. Carmit Hazay.
“Connectivity has its costs – especially for those who want to be part of the conversation, while keeping sensitive information under wraps,” says Hazay, who completed post-doctoral research at the Weizmann Institute, IDC Herzliya, and at Denmark's Aarhus University before joining the Engineering Faculty in 2012. “One of cryptography’s central challenges is establishing the mathematical rules to ensure that secret data is not unnecessarily exposed.”
Hazay’s work involves designing cryptographic protocols to make it safer, simpler and more efficient to control the information we share. According to Hazay, the new mathematical model is applicable to a situation in which both a sender and receiver need to input secret data in order to jointly compute some function based on this data. In this scenario, both parties can ensure that the information ultimately shared will be limited to what can be inferred by the function's outcome.
A fundamental function in this research is set-intersection where the parties, holding secret sets, wish to learn the intersection of these sets and nothing else. This problem has been intensively studied in the last few years mainly due to its potential applications for dating services, datamining, recommendation systems, law enforcement and more.
Hazay's recent approach involves taking advantage of the power of algebraic PRFs – ‘pseudorandom’ functions that, for an efficient attacker, are indistinguishable from truly random functions. Applying this approach to a two-party setting is one of Hazay’s innovations. “The advantage of this new approach is that the protocols are relatively simple to design, and can handle an improved level of complexity as compared to prior methods.” In particular, Hazay's new approach is very useful for privately realizing set-intersection much faster and simpler, compared to prior approaches.
Hazay says that the next step needed to move this approach forward would be to take her mathematical protocols, and run them on real systems. "Secure protocols, properly executed, can make computational cooperation possible, while keeping sensitive information from falling into the wrong hands."