Cryptography

We focus on the ground-breaking process of computing on data while it remains encrypted, and in the automated generation, validation, and synthesis of high assurance cryptographic solutions.

Our efforts around cryptography fall into two areas of research: secure computation, which enables multiple contributing parties to compute on data while preserving participants’ privacy, and software correctness as it applies to cryptographic applications.

Secure Computation

We design performant solutions in the space of secure computation, allowing multiple parties to compute on data while keeping their inputs private.

With the emergence of large, complex, and near-real time data, organizations and analysts recognize the enormous value in using data to inform decision-making and research. However, privacy concerns arise regarding the way such data is managed throughout its life cycle: at rest, in transit, and during computation. These issues are rightly gaining worldwide attention through the growth of data privacy regulations such as Europe’s GDPR. Secure computation addresses the problem of balancing privacy and sharing needs by enabling limited-trust collaboration among data providers, allowing each to contribute data while cryptographically assuring that their data remains private — even during computation.

At Galois, our efforts in secure computation focus on both fundamental research into novel protocols alongside performant open-source implementations. We emphasize practical applications and usability of the technology for real-world problems. We collaborate with top researchers in the field and are active in both the academic research community alongside ongoing industry standardization efforts.

Our research and development cuts across the entire secure computation spectrum, including:

  1. Secure multi-party computation (both garbled circuit and linear secret sharing based constructions)
  2. Homomorphic encryption (both leveled HE and fully HE constructions)
  3. Practical private set intersection techniques that allow parties to learn what data they hold in common while learning nothing else
  4. Programming languages for homomorphic encryption and secure multi-party computation with a focus on usability and ease of programming 
  5. Zero-knowledge proof systems that aim to scale to large complex proof statements
  6. Cryptographic program obfuscation and its variants

We have several open-source projects in this area, including a suite of Rust libraries for secure computation called swanky (https://github.com/GaloisInc/swanky). 

Our team combines more than 20 years of experience in secure computation and cryptographic research, alongside experience applying secure computation technologies to real-world applications. We actively publish our work at top-tier cryptography and security conferences.

Correctness in Cryptography 

With the advancement of more complex and critical systems that we all rely on, errors in the execution of cryptographic algorithms could compromise security and privacy, leaving the system vulnerable to security attacks. To address this, we apply the effective approaches developed as part of our software correctness area to cryptographic algorithms. 

This combination of techniques can provide extremely high assurance that high-performance, production implementations of cryptography do exactly what was originally intended by the cryptographers who designed the algorithms and satisfy the high-level security requirements that motivate the use of cryptography in the first place. One notable application of some of these techniques is the formal verification of portions of the s2n TLS implementation created by Amazon Web Services.

For more information about our software correctness tools, please visit the Software Correctness page.

×

Contact Cryptography

Connect directly with our Cryptography team to learn more about our work, process, and partnerships. We try to respond to general inquiries within one business day; for inquiries sent to a team lead, please allow more time for a reply.

Projects

Technical Areas