Our reliance on the Internet is increasing all the time. Tadayoshi Kohno, an assistant professor of computer science and engineering, worries that even if our data is encrypted, hackers can still glean information about us by working around the codes. For instance, someone tapping into your system might not be able to view the movie you’re watching but could guess its title from properties such as the file size and the compression algorithm used.
So Kohno invented the concept of systems-oriented provable security. Traditionally, cryptologists have assumed that a security protocol is unbreakable if no one they show it to can crack it. But with provable security, they use sophisticated math to show that cracking a given code would require someone to decipher a cryptographic “building block” that’s known to be secure.
Kohno extended this technique to the system level, examining everything from the software that compresses a file to the Internet protocols used to send it. He searches for weak points that might leak identifying information and writes provably secure algorithms to protect them. One of his schemes can handle data transmitted at 10 gigabits per second, the new Internet standard–a rate that overwhelmed previous security protocols. The U.S. government is incorporating a derivative of the scheme into an official encryption standard; Kohno anticipates that banks and corporate networks will use it as well.