Nearly every time you open a secure Google Chrome browser, a new cryptographic system developed at MIT’s Computer Science and AI Lab (CSAIL) is helping protect your data.
To secure online communications, cryptographic protocols run algorithms that do some complex arithmetic on large numbers. Behind the scenes, however, a small group of experts write and rewrite those algorithms by hand, weighing various mathematical techniques and chip architectures to optimize for performance. When these underlying factors change, the researchers essentially start over from scratch—a labor-intensive process. The resulting algorithms may not be optimal and often have bugs that must be caught and fixed.
Fiat Cryptography, developed by Adam Chlipala’s Programming Languages and Verification group at CSAIL, automatically generates optimized cryptographic algorithms for all hardware platforms—and mathematically verifies them at the same time. Tests showed that its algorithms match the performance of the best handwritten code, but they’re produced much faster.
The automatically generated code has populated Google’s BoringSSL, an open-source cryptographic library. Chrome and Android apps use the library to generate various keys needed to encrypt and decrypt data. Today about 90% of secure Chrome communications run Fiat Cryptography code.