Recently, the digital world has moved to a "cloud" computing and storage model, where businesses are offering storage space, computing power, and access to applications for rent. While this new model presents numerous opportunities, consumers of cloud services will face new challenges in data privacy and integrity. New practical cryptographic schemes for the cloud environment are the expected direct outcomes of this research. On the data privacy front, the goal is to use rental services to efficiently compute on sensitive data without exposing it to the server performing the computation. As a special case, schemes are needed for delegating sensitive capabilities to a partially trusted server. The server will only be able to perform actions allowed by the capability. For example, a user might grant her mail server the right to forward her encrypted email to a colleague without allowing the mail server to read her email. On the data integrity front, the goal is to develop techniques for digitally signing data so that any portion of the data may be quoted or redacted in an authenticated manner. A final goal is to study related foundational questions regarding circular encryption and the limitations of bilinear groups in cryptography. This research develops ideas and implementations for the efficient use of computing resources for rent. Its broader impact is in protecting data privacy and integrity for all users of these popular services.
CAREER: Practical Cryptography for the Cloud