There’s a new weapon against hackers, and it’s being developed right here at FIU. The technology, a new family of algorithms, is called Tamper Evident DATA Security Protocol – or TED(SP) in short.
Researchers from FIU’s School of Computing and Information Sciences—in collaboration with researchers in the Siddaganga Institute of Technology (SIT) in Karnataka, India, with suggestions from Asad Madni, former president and CTO of BEI Technologies, California—have discovered a family of algorithms that will revolutionize the securing of data from hackers.
To understand this new tamper-evident data security protocol, let’s first look at the traditional ways to protect information. The typical way of safeguarding data is through the use of cryptographical methods, which include encryption and decryption. Most people have received an encrypted email at some point – an email that displays as a bunch of symbols, but if you are the intended recipient, a simple “key” or code unlocks the ciphertext (uninterpretable text) and you are able to read the message.
On the backend, there are various ways in which encryption is achieved. Homomorphic encryption allows computation on ciphertexts that results in the encrypted message. When decrypted, the message appears as the plain text it was intended to be. This type of encryption is mostly used in cloud computing and highly regulated industries such as health care, where it’s required to safeguard patients’ information. A health care provider, for example, may encrypt patients’ health care records and outsource them to be stored and processed in a commercial cloud environment. Another method, non-malleable cryptography, does not allow the transformation of ciphertext into another ciphertext, which then decrypts to a plaintext.
A skilled cyberterrorist can design a mechanism that can filter and break the encryption algorithm to reveal the message in a readable form.
“Hackers are getting smarter and more creative every day and we’re always looking at ways to combat their efforts. We looked at existing algorithms and discovered this family of algorithms that can enhance current cybersecurity protocols,” said S.S. Iyengar, the director of the School of Computing and Information Sciences who is also the Distinguished University Professor, Ryder Professor of Computer Science at FIU. “Not only does it provide enhanced security features to stop hackers in their tracks, it also decreases the time of encryption and decryption as it takes less time to implement the algorithm.”
This new technique plays games with hackers and confuses them by using a switchable-malleable method – a combination of the homomorphic and non-malleable encryption models. By randomly switching between these two models, it prevents hackers from reversing the code because they cannot see it in the first place. Also, since the model can behave either as homomorphic encryption or a probabilistic non-malleable encryption, the hacker will not be able to use traditional hacking methods.
“Our goal is to stump hackers with this novel approach,” added Iyengar. “If we are successful in our efforts, this will become the new frontline in cybersecurity.”
The real-world applications for TED(SP) include cloud computing, specifically making storage more secure so that hackers can’t access data easily —and also, other areas such as healthcare, stocks, email claims, mobile devices and social media.The next step is to further develop the algorithms, test them, and finally, implement the technology. Iyengar and the research team hope to eventually apply for a patent.