CAREER: A Cryptographic Toolbox for a Privacy-Preserving Web

To use a web service today, Internet users must often reveal their private information to the web-service provider. For example, Internet users upload their photographs to online photo albums, reveal their interests to web-search engines, and disclose their favorite websites to Internet service providers. Sending sensitive data to web-service providers is a serious privacy risk: the provider could lose the user's data in a data breach, decide to sell it later on, or be forced to disclose it to a foreign government.

At the same time, web services are indispensable. Thus, computer users currently have no choice but to hand over their sensitive data to web-service providers and to suffer the accompanying privacy risks. This project will develop a new suite of privacy-protecting web services that never see or process any unencrypted user data.

This project's goal is to make it possible for everyday Internet users to enjoy the tremendous benefits of today's web while shielding them from the accompanying privacy risks. In addition, the educational aspects of the project will focus on the development of undergraduate content and an openly available textbook to teach security and systems in tandem.

This project consists of three parts, each dedicated to the development of a different private web service. The first part focuses on private machine-learning inference: allowing a client to evaluate a large server-side machine-learning model on its private data (e.g., the client's photos) while revealing no information about the client's private input data to the machine-learning service.

The second part focuses on private search: allowing a client to search over a server-side corpus of billions of documents (e.g., web pages) while revealing no information about its search query to the search engine's servers. The third part focuses on private web browsing: allowing a client to browse a web of hundreds of millions of text-based pages while revealing no information about which pages it is reading.

Building each of these three private web services will require new technical tools. In particular, this project will develop a suite of new low-level cryptographic primitives, including new high-speed protocols for private matrix multiplication, new protocols for private nearest-neighbor search in high-dimensional vector spaces, and a new cryptographic primitive, distributional private information retrieval, which allows a client to privately fetch data from a remote database server at relatively low cost.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.