For many of us, the pri­mary reason we use “the cloud” is for storage—whether it’s storing email through ser­vices like Gmail and Yahoo!, photos on Flickr, or per­sonal doc­u­ments on Dropbox. Many orga­ni­za­tions like hos­pi­tals and banks uti­lize the cloud to store data on patient and cus­tomer information.

But there’s also a com­pu­ta­tional side to the cloud that comes into play when, say, we search for an old email or per­form com­plex analyses of large vol­umes of data stored there.

Regard­less of the sce­nario, it’s clear that pre­cious per­sonal infor­ma­tion is stored in the cloud, and we’d like to think it’s secure up there. Enter Daniel Wichs, an assis­tant pro­fessor in the Col­lege of Com­puter and Infor­ma­tion Sci­ence. He is part of a multi-​​university research team that is working to make sure the cloud is as secure as pos­sible. The project is sup­ported by a grant project announced Thursday by the National Sci­ence Foundation’s Secure and Trust­worthy Cyber­space pro­gram and is a part of a larger NSF effort to sup­port foun­da­tional cyber­se­cu­rity research and education.

The col­lab­o­ra­tive “Fron­tier” project includes researchers from North­eastern, Boston Uni­ver­sity, the Mass­a­chu­setts Insti­tute of Tech­nology, and the Uni­ver­sity of Con­necticut. The team will deploy and test the mech­a­nisms they develop in this project using the Mass­a­chu­setts Open Cloud—a part­ner­ship of state gov­ern­ment, industry, and uni­ver­si­ties including North­eastern that is designed to create a new public cloud com­puting mar­ket­place to help spur innovation.

We’re devel­oping tools at all levels of the system,” said Wichs, a cryp­tog­raphy expert who will focus his efforts on this area of the project.

Encryp­tion,” he explained, “is a pro­ce­dure we’ve been thinking about basi­cally since the dawn of time, but we’ve only had good ways of doing it since the 70s.” Until recently, even the best encryp­tion strate­gies were lim­ited when it comes to cloud com­pu­ta­tion, he said, adding that “The problem is that stan­dard ways of encrypting data render it use­less. Once encrypted, there is no way to per­form any com­pu­ta­tion over it.”

Patient data is a prime example. If a hos­pital wants to con­duct large-​​scale analyses on this infor­ma­tion, it is lim­ited to looking at local com­puters because fed­eral Health Insur­ance Porta­bility and Account­ability Act, or HIPAA, laws pre­vent it from sharing pri­vate details about patients with external enti­ties. The hos­pital can easily store encrypted patient infor­ma­tion, but it can’t uti­lize the increased com­pu­ta­tional powers of external com­puters to ana­lyze it because encryp­tion pre­vents that possibility.

In recent years, a new method for com­puting on encrypted data has come about that has the poten­tial to change all that. “I can send you encrypted data, you run the com­pu­ta­tion and then send me back the encrypted answer,” Wichs explained. “I can decrypt the answer because I have the secret key, but you never learn anything.”

This break­through presents great promise, but the approach is still too inef­fi­cient to be widely useful, Wichs said. With this grant, Wichs will try to change that. By devel­oping new the­o­ret­ical methods for encrypting data and per­forming com­pu­ta­tions on that data, he hopes to pro­vide a new level of secu­rity to cloud-​​based computing.

We want to take a stan­dard pro­gram and con­vert it to work on encrypted data,” he said. Prior approaches needed to first con­vert the pro­gram into a much less effi­cient cir­cuit rep­re­sen­ta­tion before being able to eval­uate it on encrypted data. Wichs is working to build new encryp­tions schemes that can eval­uate stan­dard pro­grams directly.

The research project aligns with North­eastern emphasis on use-​​inspired research that solves global chal­lenges, par­tic­u­larly in the areas of secu­rity, health, and sustainability.