Information Security

Privacy-preserving data analysis for cloud-based systems.

Information security research at MERL covers a broad array of topics in secure computation, anonymized statistics, and secure biometrics. Our goal is to develop protocols that enable privacy-preserving data analysis in the presence of untrusted parties, and to develop new insights into the fundamental limits of secure computation.

In computationally secure computation, we have developed efficient protocols for computing distances using homomorphic encryption and secret sharing. These tools allow computation in the encrypted domain and are well-suited for outsourcing computation to untrusted computers in the cloud. We also work in information-theoretically secure computation, investigating fundamental bounds on what can and cannot be accomplished in the presence of computationally unbounded and malicious adversaries.

In the area of anonymized statistics, we study statistical inference under privacy constraints. These methods provide a computationally inexpensive approach to data analysis while preserving strong statistical guarantees of security. Our recent work has shown that, in applications like probabilistic studies of medical or census data, the combination of sampling and randomization can significantly enhance the privacy of the individual respondents in the database, while still providing useful statistical data to researchers and analytics engines.
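To make the sampling-plus-randomization idea concrete, here is an added example (not MERL's protocol or code) that combines Warner-style randomized response with random subsampling of respondents: each sampled respondent flips their true answer with a fixed probability, the analyst recovers an unbiased estimate of the population proportion from the noisy answers, and the privacy guarantee of the randomized response is tightened by the standard "privacy amplification by subsampling" bound, which assumes that whether a given respondent was sampled is not revealed. The population, truth probability and sampling rate are constructed values.

```python
import math
import random


def randomized_response(bit: int, p_truth: float, rng: random.Random) -> int:
    """Report the true bit with probability p_truth, otherwise report its flip."""
    return bit if rng.random() < p_truth else 1 - bit


def rr_epsilon(p_truth: float) -> float:
    """Local differential-privacy parameter of binary randomized response: ln(p / (1 - p))."""
    return math.log(p_truth / (1.0 - p_truth))


def amplified_epsilon(eps: float, q: float) -> float:
    """Privacy amplification by subsampling each respondent with probability q:
    eps' = ln(1 + q * (e^eps - 1)), which is strictly smaller than eps for q < 1."""
    return math.log(1.0 + q * (math.exp(eps) - 1.0))


def collect(population, p_truth: float, q: float, rng: random.Random):
    """Include each respondent with probability q; the included ones answer via randomized response."""
    return [randomized_response(bit, p_truth, rng) for bit in population if rng.random() < q]


def estimate_proportion(responses, p_truth: float):
    """Unbiased estimator of the true proportion pi of 1-answers.
    The observed mean m satisfies m = p*pi + (1-p)*(1-pi), so pi = (m - (1-p)) / (2p - 1)."""
    if not responses:
        return None
    m = sum(responses) / len(responses)
    return (m - (1.0 - p_truth)) / (2.0 * p_truth - 1.0)


def demo(n: int = 100_000, true_pi: float = 0.3, p_truth: float = 0.75, q: float = 0.1, seed: int = 7):
    """Constructed population of n respondents with a true proportion true_pi of 1-answers."""
    rng = random.Random(seed)
    population = [1] * int(n * true_pi) + [0] * (n - int(n * true_pi))
    rng.shuffle(population)
    responses = collect(population, p_truth, q, rng)
    eps = rr_epsilon(p_truth)
    return {
        "sampled": len(responses),
        "estimate": estimate_proportion(responses, p_truth),
        "epsilon_rr": eps,
        "epsilon_with_sampling": amplified_epsilon(eps, q),
    }


if __name__ == "__main__":
    print(demo())
```

Running the demo shows an estimate close to the constructed 0.3 from only about a tenth of the population, while the per-respondent privacy parameter drops from ln(3) to ln(1.2).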

We also work on fundamental and applied aspects of biometric template protection. Our recent results include some of the best tradeoffs among accuracy, robustness and security in secure fingerprint biometric systems. Our work towards realizing practical biometric authentication systems encompasses feature extraction from fingerprints and template protection based on distributed source coding and homomorphic encryption.