Apr 21, 2022 | Atlanta, GA
Research in securing cloud storage conducted by a Georgia Tech professor continues to gain recognition 15-years after publication and will receive the International Association for Cryptologic Research (IACR) Test-of-Time Award later this year.
Sasha Boldyreva’s paper that her former Ph.D. student, Adam O’Neill, presented at the Crypto 2007 conference has been cited over 1,000 times according to Google Scholar and is one of the first papers to formally study the security of efficiently searchable encryptions for cloud storage.
When Boldyreva first came to Georgia Tech she talked to database researchers and learned about the problems they had securing remote servers. Specifically, faculty were not able to search and retrieve encrypted data while also being able to maintain security.
“You want to keep your data secure, but also need to be able to retrieve it,” Boldyreva said. “I was constantly getting asked if there was a way to make searchable encryption more efficient.”
The standard method of encryption randomizes data to maintain security. However, database researchers found when they retrieved information from a remote server it was often scrambled in a way that couldn’t be deciphered.
To work around this, database faculty used deterministic encryption as a limited solution to search and retrieve parts of remote data without losing any information in the process. This made the process easier, but much less secure. In fact, because the coded text is always the same for a given plain text message, studying the application of deterministic encryption was ignored by cryptographers at the time due to its weak security.
“What is a good deterministic scheme? No one really knew,” Boldyreva said. “My Ph.D. student, my former Ph.D. advisor, and I decided to study the bigger problem of efficient searchable encryption.”
The team began by formally defined the term “efficiently searchable encryption” and proposing specific cryptographic schemes to make deterministic encryption more secure. While the team’s results showed deterministic encryption still posed security risks, Boldyreva said the goal was to define a starting point and allow academics to build from there.
“This has become a very hot topic in cryptography,” she said. “Researchers today are targeting searchable encryption with much stronger security guarantees, but they still view our paper as a starting point.”
Since the paper published in 2007, Boldyreva has continued working on searchable encryption. She recently built one of the most secure searchable encryption schemes to date with the help of her current Ph.D. students.
“This has remained my favorite area of cryptography,” she said. “It is nice to receive recognition for the challenging work we put into our research.”
The award will be presented at the Crypto 2022 conference in August. This is Boldyreva’s second test of time award. She was also recognized in 2020 by the International Conference on Practice and Theory in Public Key Cryptography (PKC) for her work on new multi-user digital signatures in 2003.
Deterministic and Efficiently Searchable Encryption was written by Boldyreva, who currently serves as the associate chair of graduate studies at the School of Cybersecurity and Privacy, O'Neill, and Mihir Bellare, her former faculty advisor.