Sinister Code-Breakers, Beware

Vladimir Torchilin

In the early– to mid-20th cen­tury, gov­ern­ments com­monly used cryp­tog­raphy to encrypt top-secret mes­sages or mil­i­tary com­mu­ni­ca­tions. But now that the com­puter and Internet age has evolved to a point where smart­phones and tablets are readily avail­able at our fin­ger­tips, its use has become much more wide­spread to meet the chal­lenges of the 21st cen­tury, according to Daniel Wichs, a newly appointed assis­tant pro­fessor in the Col­lege of Com­puter and Infor­ma­tion Sci­ence.

“Cryp­tog­raphy is being used every day, but people prob­ably don’t even notice it,” Wichs said. “Whether you’re using Gmail or log­ging on to a site from your mobile phone, cryp­tog­raphy is there making sure others aren’t able to see the data you’re sending and receiving.”

His interest in the field of cryp­tog­raphy blos­somed as an under­grad­uate studying math­e­matics and com­puter sci­ence at Stan­ford Uni­ver­sity. The sub­ject, he said, allowed him to apply com­plex math­e­matics with seem­ingly scant prac­tical appli­ca­tions to solve real-world com­puter sci­ence prob­lems related to security.

Wichs earned his doc­torate from New York Uni­ver­sity in 2011 and later served as a Josef Raviv Memo­rial Post­doc­toral Fellow at IBM before arriving at North­eastern this fall.

Wichs has noticed major changes in the field within the last few years. The mas­sive expan­sion of cryp­tog­raphy work, for example, means researchers have to be much more focused on how out­side forces, like hackers or for­eign gov­ern­ments, try to break through encrypted sys­tems or exploit unknown weaknesses.

In par­tic­ular, his work focuses in part on what are called “side-channel attacks,” in which third par­ties try to learn about an encrypted system by mea­suring infor­ma­tion like how long a com­puter process takes or how much elec­tricity is used by a given calculation.

“You can learn a lot of infor­ma­tion just from these seemingly-meaningless details, so cryp­tog­raphy sys­tems are starting to take them into account too by securing not just the data but also the com­puting system itself,” Wichs said.

He noted that he is fas­ci­nated with cryp­tog­raphy because it merges theory and prac­tical appli­ca­tions in ways that are seldom found in many fields of research.

“It’s a really cool set of prob­lems you’re facing,” he said. “How do you make sure data—which is a key part of nearly every com­po­nent of our lives today—is secured?”

But per­haps the most impor­tant thing about cryp­tog­raphy research, Wichs said, is that the more time pro­fes­sionals spend working to pro­tect crit­ical data and sys­tems, the less time the public should spend wor­rying about per­sonal infor­ma­tion breaches.

“If cryp­tog­ra­phers do their job, you don’t have to think about it all that much,” Wichs said. “It’s our goal to make sure these crit­ical stan­dards and pro­to­cols are in place.”