Cloud Security & Cryptography

Established: August 27, 2009

Cloud computing provides clients with a virtual computing infrastructure on top of which they can store data and run applications.  While the benefits of cloud computing are clear, it introduces new security challenges since cloud operators are expected to manipulate client data without necessarily being fully trusted. We are designing cryptographic primitives and protocols tailored to the setting of cloud computing, attempting to strike a balance between security, efficiency and functionality.


The current generation of cloud computing infrastructures do not provide any security against untrusted cloud operators making them unsuitable for storing sensitive information such as medical records, financial records or high impact business data. To address this we are pursuing various research projects that range from theory to practice.

Homomorphic cryptography. The most common use of encryption is to provide confidentiality by hiding all useful information about the plaintext. Encryption, however, renders data useless in the sense that one loses the ability to operate on it. To address this we are designing cryptosystems that support a variety of computations on encrypted data, ranging from general-purpose computations to special-purpose computations. Our research on homomorphic cryptography includes work on fully-homomorphic encryption (FHE), somewhat homomorphic encryption (SHE), searchable encryption, structured encryption, functional encryption and garbled circuits.

Proofs of storage. Using a proof of storage (also known as a proof of data possession or a proof of retrievability) a client can verify whether the cloud operator has tampered with its data. In particular, this can be done without the client storing a local copy of the data and without it having to retrieve any of the data. In fact, the work for the client is negligible no matter how large the data is.

Secure cloud storage systems. We are designing cloud storage systems that provide confidentiality, integrity and verifiability of client data against an untrusted cloud provider. Our systems provide security without sacrificing efficiency and utility by making use of new cryptographic techniques like homomorphic encryption, searchable encryption, verifiable computation and proofs of storage.


Conferences & Workshops

Related Projects



Portrait of Josh Benaloh

Josh Benaloh

Senior Cryptographer

Portrait of Kevin Kane

Kevin Kane

Principal Software Development Engineer

Portrait of Melissa Chase

Melissa Chase

Principal Researcher