Every year, interns from academic institutions around the world apply and grow their knowledge as members of the research community at Microsoft. In this Microsoft Research Podcast series, these students join their internship supervisors to share their experience working alongside some of the leading researchers in their respective fields.
In this episode, PhD students Anunay Kulshrestha (opens in new tab) and Karan Newatia (opens in new tab) talk to Senior Cryptographer Josh Benaloh (opens in new tab) about their work this summer on ElectionGuard, a free, open-source toolkit that enables voters to verify that their votes have been accurately counted. Kulshrestha and Newatia discuss their contributions to extending ElectionGuard to mail-in voting and rank-choice voting, respectively; what is needed for widespread adoption of the verifiable election technology; and why they’d recommend a Microsoft internship to other students.
(Editor’s note: After its design and development by Microsoft, ElectionGuard is now part of the newly formed nonprofit Election Technology Initiative, which will join with Microsoft to further ElectionGuard’s growth and help advance its adoption.)
[MUSIC PLAYS UNDER DIALOGUE]
KARAN NEWATIA: I think the fact that I myself came back here probably says something. And I mean like both the interns and the full-time researchers, they are truly experts in what they work on, and it has been a joy to, to get to work on the projects that I did not just this summer, but last summer, as well.
ANUNAY KULSHRESTHA: I was often told that MSR was … is a very special place, and I did not realize that until I got here. And I really agree. I think it is very different from a lot of academic departments, but also very similar in a lot of ways. And I enjoy that. I enjoy the differences, and I also enjoy the similarities.
JOSH BENALOH: Welcome to Intern Insights, a Microsoft Research Podcast featuring brilliant students who are contributing to the research and advances at Microsoft as part of the renowned internship program at Microsoft Research.
I’m Dr. Josh Benaloh, a senior cryptographer here at Microsoft Research, and I’m talking today with two of our finest interns: Anunay Kulshrestha and Karan Newatia, who are working with me on a project called ElectionGuard, a free, open-source toolkit that allows voters to check that their votes have been accurately counted.
So welcome, Anunay; welcome, Karan. I’m going to start by asking you to introduce yourselves and talk a little bit about your own background, where you’re from, your schooling, your graduate work—what’s going on there. So, Anunay, would you like to start?
ANUNAY KULSHRESTHA: Sure. Thanks, Josh. So I grew up in … I grew up in India. I grew up in New Delhi. I moved to the US for my undergrad at Stanford in math and computer science. I was very interested in public policy, so I stayed on for a master’s, and I’ve been trying, in my graduate work at Princeton, I’ve been trying to apply techniques from cryptography to public policy, and my graduate work is mostly techniques that are useful to public policy problems and working on the interplay between privacy and accountability and how cryptography can offer solutions there.
BENALOH: Wonderful. Karan, would you like to say a little bit about yourself?
KARAN NEWATIA: Sure. Yeah. I’m originally from Assam, India. Then I went to high school in Delhi. I came to the US for college. I went to Cornell in upstate New York. I majored in computer science, and I decided to do a PhD. Currently, I’m a third-year student at the University of Pennsylvania. My research focuses on logical systems, especially the privacy and security aspects of large-scale systems.
BENALOH: Great. Thanks. So there are a lot of opportunities that you have. You’ve done, you know, great work as, as students, and you could have stayed at your university. You could have gone other places. Why did you choose to spend the summer at Microsoft Research?
KULSHRESTHA: So I’m uniquely interested in elections, I think. I consider elections to be a very important public system that cryptography can improve upon. My interest in these sorts of techniques, you know, predates just elections and the election problem. Like I think the same techniques can be applied to auctions, as well. And so when I heard about ElectionGuard, I think I was immediately attracted to it, and that’s, that’s why I applied, and that’s why I’m here at Microsoft Research.
NEWATIA: Sure. So I wanted to come to Microsoft Research because I wanted to like apply research in like a real-world setting, the problems that industry cares about. And I interned here last summer, as well. I interned in the data systems team, and I loved what I did last summer, so I wanted to come back. And this time, I wanted to do something that was closer to what I do in my PhD research. So I decided to apply to the security and crypto team. And then Josh sent me an email about this project called ElectionGuard, which I was completely fascinated by because the underlying crypto that’s used in this project is extremely similar to what I’m already doing in my PhD and I wanted to use what I already know and want to learn more about in a real-world context, in this election context.
BENALOH: So let’s, let’s talk a little bit more about ElectionGuard. I wonder if you can tell the listeners a little bit about what it is and how it works. It’s OK to go into the math a little bit, get a little bit geeky, maybe talk a little bit about the fundamentals of homomorphic encryption and how that leads to things. Why don’t you start, Karan?
NEWATIA: Sure. So ElectionGuard is generally about end-to-end verifiability while still maintaining the privacy of individual voters. So what this means is there’s a few properties. Firstly, a voter should be able to verify that their vote was correctly counted. This just means that if they voted for Candidate A, then they should be confident that the vote was actually recorded for Candidate A. Secondly, this also means that anyone should be able to verify that all the correctly recorded votes were correctly tallied up, and this preserves the integrity of the election. At the same time, other voters should not be able to know what a voter’s vote was, and they should not be able to prove to others who they voted for because otherwise they could sell their vote. Now that’s like the high-level idea. In terms of how we actually do that, there’s a few cryptographic tools that we use. For example, homomorphic encryption. This is used to encrypt the user’s vote and add up all the voters’ individual votes. Homomorphic encryption allows us to do computations on, on ciphertext. So let’s say there’s two candidates, A and B, and say a voter voted for Candidate A; then the vote is an encrypted vote of Candidate A and similarly for the other candidate. And the election parties can simply just sum up all these individual votes, which are encrypted, and then decrypt that later.
BENALOH: So, so this allows the votes to be tallied without ever being individually decrypted. They’re only decrypted in aggregate.
NEWATIA: Right. Only the final result is, is known.
BENALOH: Great. Do you want to add anything?
KULSHRESTHA: Yeah, I, I guess we could offer that analogy, right? So end-to-end verifiability is fairly easy to do if you don’t care about ballot privacy, right? Everyone votes. Everyone votes in a public fashion. All votes are public. And so now it is very easy for a voter to verify that their vote is indeed counted. And it’s very easy for everyone to verify that the tally is correct. But, of course, we don’t want people to vote publicly. So that’s why we need cryptography, and that’s why we need homomorphic encryption, to be able to compute on private data and compute this tally function, eventually, without revealing anything about the, the votes themselves.
BENALOH: Great. So one of the limitations of the original deployment of ElectionGuard was that this homomorphic encryption was done only after voters indicated what their preferences were, and that has some limitations because it can’t be used, well, for things like mail-in voting because there’s no way for the encryption to be done in front of the voter on a piece of paper. We, we were dependent on voters using the devices in precinct in order to vote. So we’ve done some work to support mail-in voting and, Anunay, can you talk a little bit about what you’ve done there?
KULSHRESTHA: Sure. So in the current design, in the new version of ElectionGuard, we, we allow election authorities to pre-encrypt ballots, which do not contain any voter selections. So these are just encryptions of every possible selection that a voter can make, and a voter can then choose what selections they would like to make just as in [a] normal mail-in ballot where you get to fill it in, in ink. And so a voter can just select which encrypted selections they want. And later on, election authorities can aggregate voter selections and compute an election record, which looks indistinguishable from an election record produced by in-person voting. And you can still have the guarantees of end-to-end verifiability with mail-in voting. Although the challenge part is a bit, is a bit different because you have to ask for a new ballot every time. So that is the main difference between the mail-in challenge and the normal challenge.
BENALOH: Indeed. Another one of the limitations in the original deployment of ElectionGuard is the dependence on homomorphic encryption, and homomorphic tallying was not compatible with rank-choice voting. So, Karan, I’d like to ask you a little bit about, you know, what work you’ve done to enable rank-choice voting to be used with ElectionGuard.
NEWATIA: Sure. So as Josh mentioned certain voting systems such as like rank-choice voting or write-in votes cannot be done using homomorphic tallying. So the idea that we use is called mixnets. So a mixnet, basically, at a high level, it shuffles the order of the votes such that after the shuffling is done, the random order that we get at the end does not reveal anything about the voters. So in particular, let’s say there’s a few entities which are the mixers, once the voters have voted, their votes are still encrypted. But then instead of being homomorphically tallied, they are sent to the first mixer. The first mixer re-encrypts all the ciphertext, which just means adding an encryption of zero to each vote, and then permutes them by shuffling the order and then passes it along to the next mixer and so on until we get the order from the last mixer. Once we get the final random order from the last mixer, we can decrypt the votes just as we did in the homomorphic case. And doing so does not reveal anything about the voters’ choices themselves.
BENALOH: OK, so while we’re down in the weeds, there are a few more things that we’ve been working on this summer, and another one of the challenges that ElectionGuard has had is that when voters check that their votes are accurately recorded, that capability didn’t kick in until after an election closed. And that might be two weeks after election day, and it’s not very satisfying. So, Anunay, you’ve been doing some work on enabling voters to do the verification of their ballots right away, in real time, at a poll site. Can you talk a little bit about that?
KULSHRESTHA: Yeah. So the key problem here is that I, as a voter, would like to test that this ballot marking device isn’t cheating me. And it is not very satisfying, like you said, to know that after two weeks, right. So the idea is that voters should know, there and then, should be able to unlock ballots that they don’t want to cast, at the polling booth itself. And … so the technique that that you designed that allows us to reveal the randomness that was used in encrypting the vote instead of revealing the key—because we can’t reveal the key—the election … an individual vote cannot be decrypted. But what can be done is the randomness that was used to encrypt it can be revealed to the voter, and the voter can re-encrypt the vote using the same randomness and check whether the machine encrypted their vote correctly. So in some sense, instead of decrypting something, we’re re-encrypting the same data and checking whether the encryption is the same or not. And so in some sense, we get a check on correctness of the ballot marking device. And the voter can do this using, well, in theory, a calculator and a paper. But I think it’s better if they use an independent verifier app to do this.
BENALOH: Mm hmm. And, and can you say a little bit about the study that you’re working on right now, feverishly, trying to, to get in place that will test some of this?
KULSHRESTHA: Yeah. We would like to … we would like to test how voters feel about doing this sort of verification in person, how they feel about using an external app that is distinct from the ballot marking device, what the effect of using paper receipts is. We’re interested in all these questions and trying to increase voter confidence. So we’re going to go into the community and go into the field and try to catch some voters and ask them questions.
BENALOH: I’m very much looking forward to that experience and, and what we learn. We’ve already learned a lot just in trying to prepare the study and lots more when we actually do it, I, I expect. So, Karan, another thing that people have raised about ElectionGuard is the fear of quantum computers and how quantum computers might come along and break cryptographic methods sometime in the future. It’s not really an urgent concern for ElectionGuard, but it’s a long-term concern, something we need to be aware of. Can you talk a little bit about the research that you’ve been doing to study alternatives to, to address the threats of quantum computation?
NEWATIA: Sure. So I think this is a real and a very important concern. So concretely, I guess the issue is that what a malicious group of people or the government themselves could do is they could store encrypted votes right now and then decrypt them later using a quantum computer once that becomes efficient. So currently, we are using the ElGamal cryptosystem, and while it is very efficient, easy to understand and so on, it’s not quantum resistant. So this means that we’ll have to start thinking about how we could move in-person voting systems with end-to-end verifiability to ones which are quantum resistant. So I’ve been looking into some of the latest work in this area, and there’s a lot of promising papers that have come recently. So, for example, there’s a couple of them which are built on the hardness of the lattice problem, in particular using the BDB cryptosystem, which is quantum resistant. So one challenge with BDB as, as compared to ElGamal is that it’s not very efficient currently, at least, to prove, in zero-knowledge, that the encryption was done correctly. This is something that we had not discussed before, but since we have been talking about verifiability, now, one important aspect of this is proving that a user’s vote was encrypted in a well-formatted manner. This means that when a user goes into vote in a voting machine and they vote for a particular candidate, the voting machine should not record their vote to be for multiple candidates or for no candidates, for example, if it’s an election where they could only vote for one candidate. So this has to be proved in zero-knowledge, which means that the voting machine or the prover is able to prove that there’s only one, one vote and no less and no more. But it doesn’t actually reveal who the vote was for. So while this is fairly efficient to do in the ElGamal cryptosystem, this is still not the case for the BDB crypto system. So one important challenge going forward would be to think about like how we could adapt the existing ideas, such as the one I mentioned, using lattices, and explore the research aspects of how to make proving zero-knowledge or even the encryption itself more efficient and bring it closer to being deployed in practice.
BENALOH: So one challenge with, with ElectionGuard and the techniques that are used there is that there is mathematics behind it. And although we can mathematically prove something, we may have trouble convincing individuals who may not like mathematics, may not be immersed in it, that this really proves that an election is correct. We’re asking voters to do things like check their votes and challenge things, and it’s possible that no voters will challenge it! So what kinds of challenges do you see in getting voters to accept this technology, to use this technology, feel comfortable with the technology? What can we do here?
KULSHRESTHA: So I think voter education is key. Without, without voters understanding that their ballots are safe and secure and will not be individually decrypted—only the result will be known—without them understanding that, I think a lot can go wrong. A lot of misinformation can be spread about these sorts of verifiable election systems, which … the sorts of misinformation that isn’t possible to spread about current election systems, right? And that obviously remains a central challenge. But like you mentioned, I think the biggest challenge is just voter apathy, right? What if no one cares? And I think that’s a larger societal issue, right? Like general apathy about our political institutions is on the rise. And I think that definitely endangers this entire verifiable election project, as well.
BENALOH: And we don’t want to imply that we’ve solved all of the problems. I think using this technology today is great. It can improve what we have tremendously. But there are still questions. And, and, Karan, I know you’ve been looking a little bit about dispute resolution, for instance, as one of the things we’d like to find better ways to handle. Can you talk about that a little bit more?
NEWATIA: Sure. So this problem of dispute resolution basically is that … so while … currently voters have the choice to either cast or spoil their ballot. This means that after they have entered a vote, they can either choose to challenge it, which means that, as Anunay had mentioned before, their vote would be decrypted and shown to the voter, or they can just choose to cast it, in which case it will be encrypted and the voter then cannot prove to anyone else that they voted for a specific candidate, because otherwise they, they’d be able to sell their vote. But this creates a problem because since the voter isn’t able to prove who they voted for, the election authorities, if they are cheating, there’s no known way right now to resolve this conundrum.
BENALOH: So one of the challenges of, of dispute resolution is that even though a voter might be able to tell that something is wrong, the voter might not have quite the evidence that would be needed to show a third party and prove that something went wrong. Can, can you say a little bit more about how that fits into dispute resolution?
NEWATIA: Sure. So, yeah, as Josh was saying, even though the voter themselves individually know that their vote was recorded differently, they are not able to prove to a third party that this was the case. Say the voter actually voted for Candidate A, and then they challenge their vote, but when the vote is decrypted using the verification process, it’s actually shown to be a Candidate B instead of A. But only the voter themselves knows that they voted for Candidate A. And, of course, as we had mentioned before, they cannot prove to someone else that they actually voted for Candidate A. So this, this creates a problem of how to resolve this issue. I think this is some combination of cryptography and, and policy because there’s a broader question here of like, let’s say we had a technique to resolve this. This would mean that the integrity of the election would be in question. So how do we then resolve it? Like do we cancel the whole election? Do we try to find the source of the bug and then let the voter vote again? Or what else do we do?
BENALOH: One thing I think that’s being highlighted here is that elections aren’t just about math, that elections involve mathematics, but there is a social component. There are advocacy aspects and rules that have to go into this. Election administration is a discipline unto itself. So one of the interesting things about working on elections is bringing together people from these many disciplines to find solutions to some of these problems. I wonder if you have any thoughts or experiences on how to try to bring a mathematical solution into the world that is not so much about mathematics.
KULSHRESTHA: I, I think we begin by hiding the mathematics! [LAUGHS] By making it more palatable, I think, in ways for voters that are not as mathematically inclined, I think, is a big first step. So I think WhatsApp has tried to use visual fingerprints, right? There’s a, there’s an entire literature on using non-mathematical ways to allow people to deal with cryptographic objects. I think that line of work is central to deploying these sorts of verifiable elections. On the point of dispute resolution, I think one thing that I think people should understand is that the problem here is that we would like voters to not be able to prove who they voted for if there was no problem but be able to prove who they voted for if there was a problem, right. And that is the central issue with dispute resolution.
BENALOH: Yeah, that, that certainly is one of the deep challenges that we face in this. Um, is there anything else that either of you would like to add?
NEWATIA: Um, sure, I think regardless of the current open challenges, this is like a great step forward because I personally believe that all data that leaves your, for example, mobile device should be encrypted by default. This is currently not the case, and I know we are talking about in-person voting, but generally, I think a person’s data should be encrypted by default, and this is certainly not the case right now. And this is why there’s a lot of data breaches in the first place. So if everyone’s data is secure, then even with breaches, there’s nothing a hacker could, could learn.
KULSHRESTHA: Yay, homomorphic encryption!! [LAUGHTER]
BENALOH: So Microsoft Research is a very active place. There are many other interns around doing many things. Have either of you had many opportunities to talk with other interns and find out what they’re working on and interact and learn about their work and contribute to yours, as well?
NEWATIA: Sure. So as … since we have been discussing post-quantum, a friend of mine who just finished an internship, Michiel, he has been working on sort of the problem that I was saying, how to bring quantum-resistant systems closer to practice. He has been thinking on like designing the hardware to make this closer to reality.
BENALOH: So you’ve given up your summers to some extent, to, you know, your work at Microsoft Research. But it’s not all work, of course. There are lots of other things that go on, lots of activities. And one of them is the, the Microsoft Puzzle Day. And you both did participate. Your team did very well. I wonder if you’d like to say a little bit more about the experience of Puzzle Day or other activities here that are intended to, to be more fun and social?
KULSHRESTHA: Yeah, I, I, I think I thoroughly enjoyed Puzzle Day. I was bummed we couldn’t find teams for the other puzzle events. There’s a lot. I did not expect to find so many puzzle events over the summer. Actually, before coming to Microsoft, I did not know about the puzzle culture, so this was definitely a pleasant surprise. Yeah, and I think if I’m in the Seattle area, I would like to probably contribute to this later on.
NEWATIA: Yeah, I definitely enjoy all the intern events that, that Microsoft has been organizing. So they also organized like other events beyond the puzzle ones, such as like one where we went to Topgolf, and that was very fun, for example. And it’s also a great way to get to know more about the other interns, and there are interns here who are from all over the world, and I, I think I’ve actually learned a lot from interns who work not just in the area that I work in, but also from other areas to see what the state of the art, what are the important problems, not just in academia but in industry.
KULSHRESTHA: In some sense, the intern events are like the social aspects of conferences because they’re pretty much just graduate students, right?
BENALOH: Yeah. But one, one thing I learned in my graduate student days is that the real activity doesn’t necessarily go on in the talks and the meeting rooms. The opportunity to socialize and learn from others outside in the hallways and at dinners really is where things happen.
KULSHRESTHA: Because most of your collaborators are most likely from your peer group, and, you know, they, they will also be doing interesting things in the future, so it’s, it’s definitely good to know who’s doing what.
BENALOH: Yeah. And I think the serendipity of bumping into people in the halls and asking what they’re doing and finding out leads to more interesting research sometimes than the things that you come in planning on doing and working on. So with this experience, I know you’re getting near the end of, of your internships, both of you. Is this something that you’d recommend to others? Why, why should others consider coming to Microsoft Research?
NEWATIA: I think the fact that I myself came back here probably says something. I definitely love working here at Building 99. It’s probably one of the most innovative buildings in the world, and that’s because of the people here. And I mean like both the interns and the full-time researchers; they are truly experts in what they work on, and it has been a joy to, to get to work on the projects that I did not just this summer, but last summer, as well. This is something I wholeheartedly, totally recommend to anyone who, who was, who was thinking about doing an internship in industry.
KULSHRESTHA: I, I was often told that MSR was … is a very special place, and I did not realize that until I got here. And I really agree. I think it is, it is very different from a lot of academic departments, but also very similar in a lot of ways. And I enjoy that. I enjoy the differences, and I also enjoy the similarities.
BENALOH: So after you go back to your respective PhD programs, I know you’re at different stages. Anunay, you’re getting close to finishing. Can you talk a little bit about what you hope to do, would like to do, after you, you complete your PhD?
KULSHRESTHA: Sure. I am going to be on the academic job market. So I, I guess this is the self-promotional part of this podcast! [LAUGHS] My, my thesis is, like I mentioned, is on cryptography for public policy. So I apply cryptographic techniques to problems of privacy and accountability. And I’m interested in the independence that academia offers. So that is my plan currently. But that might change. I am very open to working for nonprofits or working in government to deploy some of these things in the future. So I’m very open to all of those ideas. But I think my home generally would be in academia.
BENALOH: So, Karan, you’ve got a couple of years left, I think, but what would you like to do when, when you’ve completed your PhD?
NEWATIA: So I’m on the other side of the spectrum, I guess! I definitely want to work in industry after I graduate, and this is because, while I’ve enjoyed working in and doing research in academia, I … after I graduate, I want to work on bringing ideas from research into practice, and a lot of it still requires fundamental research. So some of the problems are only known in industry and a lot of it is due to like the scaling issues, which companies like Microsoft face. And I think that’s a very, very unique challenge because not only do you have to do fundamental research; at the same time, you have to potentially work with the products teams to figure out how you can integrate it into real-world products. And one other thing that draws me to industry is the fact that I think it’s, it’s a challenge and a joy to get to work on, on products and ideas which can impact millions of people around the world.
BENALOH: So we talked about your backgrounds a little bit at the beginning and then dove into the geeky stuff very quickly. So I think I’d like to circle back a little bit and get a little bit more of a sense of what, what you enjoyed in your childhoods growing up, how you got to the point where you, you both came to the US to go to university. Anunay, you were talking to me a little bit before we started about your difficulty with geometry as a student. Do you want to say more about how you managed to work your way around geometry in school?
KULSHRESTHA: Sure. I was, I was very interested in mathematics in high school, and I decided that I could not really handle geometry. I focused on number theory. I got very interested in number theory. I … it was sad that all the Olympiad questions in number theory were very easy, but I, I was very interested in number theory when I got to college, and I was very interested in doing research. And in India, we have wonderful undergrad institutions, the IITs, except they’re, they’re very good undergraduate institutions. They do not… they’re not research institutions; they’re not akin to an R1 university in the US. They, they do not … and also, more importantly in India, public funding for research often goes to government labs and not the state institutions or private universities like it is everywhere else in the world. And so what this leads to is a dearth of funds in research at both the undergrad and the graduate level in India. So it was very clear to me in high school … and I came to the US for a math camp in, I think, 11th grade. And it became very clear to me that if I wanted to do research at the undergrad level, I would have to get into a college in the US, and that’s why I ended up applying. And when I got to the US, I realized that pure mathematics was way too hard for me! [LAUGHS] There were people that were much smarter that could do, you know, mathematical research. And I figured that analysis was just way too difficult. So I switched to algebra. I decided to do more number theory and decided to apply that. And cryptography was, I think, a natural extension of that. That combined with, I think, my own politics. And around that time when I was in college, Phil Rogaway’s talk on the moral character of cryptographic work, I think, really changed my perspective on, on what cryptography is and what it can do. And, and, yeah, I think it was my freshman year when I decided I would like to do more of this. And, yeah, ever since then, I’ve been trying to find more problems to apply these techniques to.
BENALOH: Yeah, it’s, it’s great that you’ve been able to find interesting problems to apply these methods to that also have social impact. One thing you mentioned, many of the listeners might not be aware of the existence of math camps. That might seem alien. Can you just say a little bit more about what they are and how they work?
KULSHRESTHA: Yeah. So in, in the US and around the world and now there are a lot of summer camps for students that are interested in mathematics that is not arithmetic, right. So introduction to college-level mathematics in high school, I think, is very important for people to understand whether they would like to study mathematics because college mathematics is nothing like high school mathematics, right. And a lot of these, like SUMaC, PROMYS, the Ross math camp in the US, now also have international branches. There’s a PROMYS program in India now, but these are highly selective, you know, math camps. And most of the folks I met at these camps ended up doing math majors, and I think about 50 percent are actually doing math PhDs, so people know very, very early if they’re interested in math, and these are some of the places where they find out.
BENALOH: I’ll say quickly, I did the Ross camp back in, I’m embarrassed to admit, 1976 when I was in high school. So it’s been going on for a long time. Karan, can you talk a little bit about your path to Cornell? What you were doing as a high school student and, and maybe even before that …
NEWATIA: Sure. So I went to boarding school for high school in, in New Delhi. I guess I’ve been moving farther and farther away from my hometown. So what I was thinking about, like what I would major in in college, I initially actually came in as a chemistry major because I had enjoyed doing that in high school. And in fact, I told my friends and my parents that I’d major in anything but computer science before coming to college. All, all my friends in high school enjoyed it, but for some reason, I, I completely hated it. I don’t know why. I had never actually taken a computer science course before I came to college, but when I took my intro chemistry class, I happened to get like a C, so I realized it’s probably not for me. So I, I wanted to explore what else I could major in instead. One good thing about undergraduate in the US, as compared to India, is that in the US, you don’t have to know what you’re going to major in right away. You can have like a preferred major, but you are free to change it. In India, you have to apply to a specific major and that’s what most people end up doing because of the requirements. So in my freshman year at Cornell, I decided to take a few different classes very broadly. I took courses in environmental science, material science, computer science, physics, etc. And I think what stuck with me was, was the intro computer science course. I’d never taken a course before, as I said, but I think it was a completely new paradigm for me, which I wanted to learn more about. And then I kept taking more and more computer science classes; I realized like this is what clicks for me and what made me really interested in doing research in it was my computer systems course, where we focus a lot on like the security aspects of computer science. So, for example, this is a very simple attack, but we did like a buffer overflow attack. And I realized like this is a real-world problem because even a simple attack can be deadly. So that’s when I knew I wanted to work on security in general. And after I started my PhD, I got more into the cryptographic aspects of security and privacy such as homomorphic encryption, proving in zero-knowledge, mixnets, and so on. And I guess that’s what I’m doing this summer, too.
BENALOH: Great. Yeah, it’s important, I think, for, for people listening to understand that we don’t, as researchers, have one path that we’re just following, you know, directly your whole time. I myself was a math major. I mentioned the Ross math camp I did before I was an undergraduate. I went to graduate school in mathematics thinking, “I’m doing math; I’m doing math.” And I found, as, as you mentioned, Anunay, that I was not going to be that good. [LAUGHS] So after a year in graduate school, I looked back at my undergraduate time and said, yeah, I did OK in my math classes. I got A’s and B’s, but all those computer science classes that I took just for fun were all A’s because they were so much fun! Maybe I should have learned something from that! And that’s when I switched into computer science and found my way into cryptography. So it’s, it’s, it’s good to have the opportunity to move back and forth and find the thing that’s really right for you.
NEWATIA: Yeah, one thing I wanted to add is that if you are truly passionate about learning something, it’s fine if you don’t get it right away. This was the case for me. Even in the intro computer science course that I took. For example, I struggled to understand the concept of like recursion, and it took me quite a few months before I actually, you know, got what it really is. And my younger sister actually —, she’s a couple of years younger than me—she helped me understand what it is! But I realized like even if this seems hard at first, if I’m truly passionate about something and I ask others for help, that can be really helpful, and I’m, I’m glad to be where I’m at right now.
KULSHRESTHA: On another tangent, I will mention that in terms of interdisciplinary research, this is, I think, often the case that departments don’t know how to bucket you. So I think a lot of tech policy research, even today, happens outside CS departments. So I tried applying to non-computer science departments, right, policy departments, with the sort of work I was doing, and they obviously did not have the, the expertise to advise me. But then computer science departments that do have the expertise also relinquish a lot of policy work, right, to other departments, and I don’t think that’s right, and I think that needs to change in academia.
BENALOH: Is there anything that either of you would like to add about your experiences here or recommendations to other people in, in how to, you know, best learn and contribute and, and go forward?
NEWATIA: Sure. So having spent two summers at Microsoft, one thing I’d recommend to other interns is reaching out to other people here, not just other interns, but also other full-time researchers. As I mentioned before, spending time with other interns can be, can be very valuable. And you can also get to learn more about what other people here are working on, both interns and full-timers. And this is something that we may think that it could be easy to do, but then as we spend more and more time in research over the course of the summer, we may not have enough time to spend time with other interns, for example. But I just want to say this is one of the most rewarding aspects of interning here.
KULSHRESTHA: Yeah, I’ll, I’ll just add to that and say that, yeah, I think meeting other interns is actually a very rewarding aspect because we don’t get that at our home institutions as much, right, we only get to talk with our research groups and, you know, other people in our programs, and that sort of cross-pollination does not happen very naturally outside of conferences. So I think that’s a very natural pathway to find collaborators, to find interesting problems to work on even after the internship. And I think I would highly recommend that.
BENALOH: Yeah, so, Karan, I know you’re deeply involved in preparing your end-of-internship talk and, and wrapping things up, and, Anunay, I know that the study is pressing down hard on, on our time and trying to get things done, so I want to thank you both for taking the time and sharing with listeners about your experiences here this summer. Thank you.
KULSHRESTHA: Thank you.
NEWATIA: Thank you so much, Josh.