The computer systems we have today often undermine our privacy and security, with user data being stored in a cloud and then resold, repackaged, and used in ways that are not in the user’s best interest. Not only that, but there are frequent data breaches and daily news reports relating to cybersecurity events and threats. Professor Henry Corrigan-Gibbs, an assistant professor in MIT’s Department of Electrical Engineering and Computer Science (EECS) and a member of MIT CSAIL, envisions a world in which computer systems are designed to protect the interests of those using them: systems that give users all of the benefits of cloud computing, machine learning, artificial intelligence, and low-latency networks — in other words, everything we like about computer systems — without exposing users to the risks that today’s computer systems expose them to.
Professor Corrigan-Gibbs completed his PhD in computer science at Stanford, was a postdoc at EPFL, and graduated from Yale University with a B.S. in computer science. His research focuses on computer security, cryptography, and computer systems. He sees a strong relationship between security and privacy, emphasizing that you cannot have security in a company or in a system unless you are protecting user information.
His research projects reflect this overall vision of providing stronger forms of security by bringing cryptographic ideas to practice. Among them is one in private information retrieval, a classic technique that lets users query a database without revealing to the database server which record they asked for. If you wanted to look up symptoms of a medical condition pre-internet, you would go to the library and read about it, and no one would know about your reading habits. Now when we look up the same information online, advertisements on the topic follow us, sometimes for months. Private information retrieval is one way to bring back the freedom to access information without leaving digital footprints that tell other people about our activities. Prof. Corrigan-Gibbs is developing new systems for private information retrieval that are fast and cheap enough to operate at Internet scale.
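To make the idea concrete, here is a minimal two-server private information retrieval scheme, added as an illustration; it is not code from Prof. Corrigan-Gibbs's systems, and the database contents are constructed for the demo. The assumption, as in the classic two-server setting, is that both servers hold identical copies of the database and do not collude. The client splits a one-hot selector for the wanted record into two uniformly random shares, so each server sees a query that is statistically independent of the index, yet XORing the two answers recovers exactly the requested record.

```python
import os
from typing import List, Tuple

# Constructed demo database: 8 records of 4 bytes each. Assumption: both
# servers hold an identical copy and do not share queries with each other.
DATABASE: List[bytes] = [bytes([i, i * 2, i * 3, 0xAA]) for i in range(8)]


def random_mask(n: int) -> List[int]:
    """Uniformly random bit vector of length n (one bit per record)."""
    return [os.urandom(1)[0] & 1 for _ in range(n)]


def make_queries(index: int, n: int) -> Tuple[List[int], List[int]]:
    """Client side: split the one-hot selector e_index into two shares.

    share_a is uniformly random, and share_b = share_a XOR e_index is
    therefore also uniformly random on its own, so neither server can
    learn `index` from the query it receives.
    """
    share_a = random_mask(n)
    share_b = share_a.copy()
    share_b[index] ^= 1
    return share_a, share_b


def server_answer(db: List[bytes], query: List[int]) -> bytes:
    """Server side: XOR together every record whose query bit is set."""
    acc = bytearray(len(db[0]))
    for record, bit in zip(db, query):
        if bit:
            for i, b in enumerate(record):
                acc[i] ^= b
    return bytes(acc)


def pir_fetch(db: List[bytes], index: int) -> bytes:
    """Full round trip: query both servers, XOR their answers.

    Every record selected by both shares cancels out; the only record
    selected by exactly one share is db[index], which survives.
    """
    query_a, query_b = make_queries(index, len(db))
    answer_a = server_answer(db, query_a)
    answer_b = server_answer(db, query_b)
    return bytes(x ^ y for x, y in zip(answer_a, answer_b))


if __name__ == "__main__":
    for i in range(len(DATABASE)):
        assert pir_fetch(DATABASE, i) == DATABASE[i]
    print("all records retrieved without revealing the index to either server")
```

The cost of this simple scheme is that each server touches the whole database for every query, which is exactly the overhead that work on Internet-scale private information retrieval aims to cut down.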
Similarly, Prof. Corrigan-Gibbs is working to help organizations collect information about their users in a privacy-preserving way. For example, a company that makes electric cars might want to know where people usually run low on battery, without learning any individual’s location at any time. Or, a browser vendor might want to know which URLs crash its users’ web browsers, without learning which user is visiting which URLs. Prof. Corrigan-Gibbs has built a system called Prio, a privacy-preserving system for the collection of aggregate statistics, to address these needs. Prio is currently being used by Mozilla’s Firefox browser as part of its telemetry system.
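The core mechanism behind this kind of aggregate-statistics collection is additive secret sharing, shown here on the browser-crash example as an added illustration (not Prio's own code). Each client splits its report into two random shares, one per aggregation server; a single share is a uniformly random field element and reveals nothing about the client's data, but once every server has summed the shares it received, adding the two totals yields the aggregate. The URLs and client reports are constructed for the demo. Prio additionally has clients prove that each share pair encodes a well-formed value (here, only 0 or 1 per URL), which this simplified example omits.

```python
import secrets
from typing import Dict, List, Tuple

# Prime modulus for the field; shares are uniform mod P, so one share
# alone carries no information about the client's value.
P = 2**61 - 1

# Constructed list of URLs the browser vendor wants crash counts for.
URLS = ["https://example.test/a", "https://example.test/b", "https://example.test/c"]


def share_vector(values: List[int]) -> Tuple[List[int], List[int]]:
    """Client side: split each value into two additive shares mod P."""
    share_a = [secrets.randbelow(P) for _ in values]
    share_b = [(v - a) % P for v, a in zip(values, share_a)]
    return share_a, share_b


def client_report(crashed_urls: List[str]) -> Tuple[List[int], List[int]]:
    """Encode 'these URLs crashed my browser' as a 0/1 vector, then share it."""
    vec = [1 if u in crashed_urls else 0 for u in URLS]
    return share_vector(vec)


class AggregationServer:
    """One of two non-colluding servers; it only ever sees one share per client."""

    def __init__(self) -> None:
        self.totals = [0] * len(URLS)

    def accept(self, share: List[int]) -> None:
        self.totals = [(t + s) % P for t, s in zip(self.totals, share)]


def aggregate(reports: List[Tuple[List[int], List[int]]]) -> Dict[str, int]:
    """Run both servers over all reports and combine their totals."""
    server_a, server_b = AggregationServer(), AggregationServer()
    for share_a, share_b in reports:
        server_a.accept(share_a)
        server_b.accept(share_b)
    # Adding the two per-server totals cancels the random masks and leaves
    # only the sum of the clients' true values.
    return {u: (a + b) % P for u, a, b in zip(URLS, server_a.totals, server_b.totals)}


# Constructed reports from three clients.
DEMO_REPORTS = [
    client_report(["https://example.test/a"]),
    client_report(["https://example.test/a", "https://example.test/c"]),
    client_report([]),
]

if __name__ == "__main__":
    print(aggregate(DEMO_REPORTS))
```

The privacy guarantee rests on the two servers not pooling their shares; the correctness guarantee, without the omitted validity proof, rests on clients being honest about submitting only 0 or 1 per URL, which is why Prio's proofs matter in a real deployment.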
Shoring up hardware security will also contribute to more robust computer systems. Prof. Corrigan-Gibbs has been working on constructing a data center in such a way that, even if an attacker can get into many parts of the data center, the attacker cannot extract any sensitive user data. This construction requires re-architecting how people think about data centers, but would still allow us to keep private information in the data center even if many of the machines in the data center are compromised. Prof. Corrigan-Gibbs says that this could be applied to hardware systems on many scales, in building computer systems that protect against the compromise of some of their constituent components. For example, a smartphone that performs cryptographic operations or stores banking secrets needs good randomness, and with this approach the phone can still produce good cryptographic randomness even if some of the chips that the manufacturer put into it are malicious or have bugs.
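The smartphone randomness example reduces to a simple principle: combine the outputs of several independent sources so that the result is only as weak as the best one, not the worst. The combiner below is an added illustration (not code from the hardware systems described above); the three "chips" are constructed stand-ins for a stuck or malicious source, a buggy low-entropy source, and an honest one. XOR is used as the combiner because, when the sources are independent and at least one is uniform, the XOR is uniform.

```python
import os
from typing import Callable, List

# A source returns n bytes of claimed randomness.
Source = Callable[[int], bytes]


def combine_xor(samples: List[bytes], n: int) -> bytes:
    """XOR n-byte samples from several sources.

    Assumption: the sources are independent. Under that assumption, one
    uniformly random source makes the XOR uniform, so a stuck, biased or
    malicious source cannot degrade the result.
    """
    if not samples:
        raise ValueError("need at least one source")
    out = bytearray(n)
    for s in samples:
        # A chip returning the wrong amount of data is treated as faulty
        # rather than silently padded or truncated.
        if len(s) != n:
            raise ValueError("source returned wrong length")
        for i, b in enumerate(s):
            out[i] ^= b
    return bytes(out)


def draw(sources: List[Source], n: int) -> bytes:
    """Pull n bytes from every source and combine them."""
    return combine_xor([src(n) for src in sources], n)


# Constructed demo sources.
def stuck_source(n: int) -> bytes:
    return b"\x00" * n                      # stuck or malicious chip: always zero


def biased_source(n: int) -> bytes:
    return bytes(os.urandom(1)[0] & 1 for _ in range(n))   # buggy: one bit of entropy per byte


def honest_source(n: int) -> bytes:
    return os.urandom(n)                    # a correctly working chip


def distinct_outputs(sources: List[Source], n: int, trials: int) -> int:
    """How many distinct n-byte outputs the combined source produces in `trials` draws."""
    return len({draw(sources, n) for _ in range(trials)})


if __name__ == "__main__":
    print("bad chips only:", distinct_outputs([stuck_source, biased_source], 1, 200))
    print("one honest chip added:", distinct_outputs([stuck_source, biased_source, honest_source], 1, 2000))
```

The independence assumption is the caveat that matters in practice: if a faulty component can observe the other sources before emitting its own output, XOR alone no longer guarantees anything, which is one reason real designs also pass the combined material through a cryptographic hash and isolate sources from each other.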
Prof. Corrigan-Gibbs has also worked on messaging systems that hide communications metadata. Currently, if you use an encrypted-messaging app, you can hide what you are saying but not who you are talking to, how much you are saying, and when you are saying it — your communications metadata leaks to the company that runs the app. He is developing messaging systems that hide this extra metadata to increase user privacy.
In the future, Prof. Corrigan-Gibbs wants us to be able to have the best possible privacy, with the minimum possible leakage, as we send messages, navigate the web, and interact with shops and banks. Websites would learn only the minimum information about us that they need in order to do what we ask of them. Every other time we are using our computers, our information would stay locally on our machines, or, if it is stored elsewhere, it would be encrypted in such a way that the cloud provider or service does not have access to our sensitive information. Developing these privacy-protecting measures would minimize the impact of cyberattacks and would give us more control over our data and our computing devices.