Applying New Mathematics for Robust Cryptography and a Safer Internet
September 12, 2011
By applying a new mathematical paradigm to cryptography, Dr. Antonio Nicolosi and his research group in the Department of Computer Science at Stevens Institute of Technology, together with other computer scientists and mathematicians at CUNY, are laying the foundation for a safer Internet. The National Science Foundation (NSF) has recently awarded this team a grant that will support the development of new cryptographic tools and protocols, as well as foster a unique collaboration between the cryptography and group-theory research communities.
To advance the field of cryptography, Dr. Nicolosi and his partners are capitalizing on recent developments in combinatorial group theory (CGT), which presents a new mathematical framework for cybersecurity. Unlike algebraic approaches, in CGT the order of operations matters, giving rise to new possibilities for forming crucial "hard problems." But, as Dr. Nicolosi says, "Formulating these math problems into the language of cryptography and computer security can be elusive." Randomness is a critical component of cybersecurity, but probabilistic modeling in particular is missing in the current state of CGT. Incorporating an understanding of unpredictability, on the other hand, provides a new perspective in the search for hard problems.
After collaborating with CUNY researchers to tackle the fundamental mathematics, Dr. Nicolosi will lead the Stevens team in the implementation of their findings and experimentation in the computer domain. "This is the type of collaborative, forward-thinking research that can have tremendous impact to the security of industries, governments, and individuals," says Dr. Michael Bruno, Dean of the Schaefer School of Engineering and Science at Stevens. "The project anticipates future security issues that will develop as computing power increases."
Computer security relies on the quantifiable hardness of a handful of mathematical problems referenced in cryptographic methodologies. Once these problems are translated into the cybersecurity domain, encrypted data becomes as hard to understand as the mathematics itself. While this makes for robust security, the downside is that there are very few problems that fit the hardness criteria and can be translated into computer language. As a result, most cybersecurity is based on a very small number of problems, and discovering new problems has proven difficult.
Because heterogeneity among problems enhances the overall resilience of security, more problems will have an immediate application in the current computing era. In the long run, however, there is a far more pressing need for radical new mathematical references. The inevitable arrival of quantum computing and superfast processing speeds will make some of today's problems relatively easy to solve. "We need to develop new problems today that anticipate the possibilities of quantum computing tomorrow," Dr. Nicolosi says.
The educational opportunities for participating students are exceptional, as the project explores an entirely new kind of cryptographic approach. Undergraduates as well as graduate students will be involved in building the systems used to test the new problems. "CGT could also improve authentication protocol efficiency," reports Dr. Nicolosi, who also mentors a recent NYU PhD graduate in developing alternative authentication protocols, supported by the Computing Innovation Fellows Project. These protocols would make authenticating to a website faster, without compromising the level of security.
"Cybersecurity is one of the key research and education thrusts in Computer Science at Stevens," says Dr. Dan Duchamp, Director of the Department of Computer Science. "This project entails both fundamental and applied research that will impact the field for years to come."
Dr. Nicolosi is a cryptography expert who is also part of the multi-university Nebula Project, which was awarded a $7.5 million NSF grant to pursue a cloud-computing paradigm as part of the NSF's Future Internet Architecture program. He is also affiliated with the Center for the Advancement of Secure Systems and Information Assurance, which pursues collaborative research initiatives in information assurance and cybersecurity. As a result of widespread research and educational activity in these areas, Stevens Institute of Technology has been recognized by the National Security Agency as a National Center of Academic Excellence in Information Assurance Education and a National Center of Academic Excellence in Information Assurance Research.
For more information, visit the Computer Science department Web site.