People of ACM - Raluca Ada Popa

September 20, 2022

With many potential avenues to pursue in computer science, what made you decide to work in security and cryptography?

I love both to build systems that can solve a real-world problem and to reason about deep mathematical concepts. At the beginning of my research career, I tried working on research areas that had only one of these attributes, but I always found that I keenly missed the other.

Security and applied cryptography beautifully combine these two aspects. At the core of our research are advanced cryptographic techniques whose expressive mathematical properties can enable seemingly conflicting properties to coexist. Using these techniques, we design and build systems that address real-world problems.

I also love the adversarial thinking security requires. It is like playing a game—a tough game.

Your work has helped in allowing servers to be more secure by storing and computing on encrypted data. In the past, computing on encrypted data has been prohibitively inefficient. Can you discuss why this was a challenge and what new innovation(s) you introduced to make computing with encrypted data possible?

In simple words, computing on encrypted data has been challenging because encrypted data is intended to look random, essentially like “gibberish.” Performing computations such as addition or multiplication on such data also results in “gibberish.” The initial protocols for embedding the ability to compute in the encryption algorithm (such as fully homomorphic encryption) were orders of magnitude slower than regular computation.

My research approach has been to design solutions not only from the cryptographic standpoint; my research combines an understanding of systems and cryptography which often results in much faster solutions. For example, instead of trying to design a cryptographic scheme that can compute all functions on encrypted data, we focused on enabling database systems to run on encrypted data. With an understanding of such systems, we could isolate common computing building blocks in these applications (e.g., equality filters). Then, we focused on designing cryptographic schemes tailored for each such building block. Such tailoring often permitted much higher efficiency than a one-size-fits-all algorithm. Finally, coming back to systems, we leveraged these faster cryptography schemes via new system designs such as new query planners or cost modelers that could reason efficiently about cryptographic computation.

Computer hardware products aren’t always enough to prevent data breaches in cloud computing services. Why is this and how does your Opaque distributed data analytics platform bolster security in cloud servers and distributed computing environments?

Opaque provides a combination of hardware security protection and cryptographic protection. Hardware security modules such as enclaves suffer from side-channel attacks, many of which arise from an attacker observing which memory addresses a victim program accesses. Even if the data at those addresses is encrypted by the hardware, the addresses themselves leak information about the control flow and sensitive inputs of the victim program. We showed how cryptographic mechanisms such as oblivious computation can eliminate these memory-based vectors of attacks and we provided efficient algorithms for data analytics on confidential data.

What is an example of a new line of research in cryptography and security that will become increasingly important in the coming years?

I believe that confidential computing, while relatively recent in academic research, will revolutionize data systems in industry in the coming years. By confidential computing here I refer to the combination of hardware security via hardware enclaves and cryptographic techniques. Many organizations have a lot of confidential data that they cannot share between different teams in their organization or different organizations. Sharing it would enable better medical studies, better fraud detection, increased business effectiveness, and other benefits. And unlike purely cryptographic solutions, many of these systems are highly performant and suitable for use in practice. In recent years in academia, there has been a rich amount of work on confidential computing, showing how to enable secure collaboration and how to improve the security of data systems, as well as studying its limitations and improvements. Recently, the major cloud providers have also recognized the potential of confidential computing and have deployed confidential computing clouds. My prediction is that many data systems in the cloud (e.g., data analytics and machine learning) will migrate to use confidential computing platforms in the coming years.

We see that you and your students are avid contributors to open-source, including having won numerous artifact badges for the open-source you released for your publications. How do you view the role of open-sourcing artifacts in security and cryptography?

We are indeed big believers in releasing code whenever possible for our projects. For example, we released code for many of our cryptographic systems projects (e.g., Piranha, Snoopy, MAGE, Cerebro, DORY, Delphi, Muse, JEDI, WAVE, DIZK, Opaque, CryptDB, etc.). The goal is to contribute to education in the area of computing on encrypted data to enable other researchers to build on our research, as well as to receive feedback on our work.

In recent years, with our MC2 open-source project, we created a code base that we maintain actively while systematizing our other relevant research prototypes for easier browsing. As part of MC2, we actively maintain a code base that provides confidential computing for data analytics using Spark. Confidential computing can be difficult to understand for non-experts. Hence, the purpose of maintaining more mature code is to enable industry professionals, as well as non-experts, to try out confidential computing, in order to understand more easily what it is and how they can use it. We believe this help create a community around confidential computing across both academia and industry, which will ultimately speed up the adoption of such technologies.

Raluca Ada Popa is an Associate Professor at the University of California, Berkeley, where she is Co-Director of RISELab and SkyLab, two labs aiming to build secure intelligent systems for the cloud and for the sky of clouds, respectively. Her research interests include security, systems, and applied cryptography. A leader in developing innovations to protect sensitive data, Popa is especially noted for having designed systems which protect confidential data even in the event of a data breach. Even with such strong security mechanisms, users maintain their usual access to these protected servers and the servers maintain their functionality. In addition to her work at UC Berkeley, Popa is also a co-founder of the computer security companies Opaque Systems and PreVeil.

Her honors include receiving a Sloan Research Fellowship, an NSF Career Award, and being selected as one of “35 Innovators Under 35” by MIT Technology Review. Popa received the 2021 ACM Grace Murray Hopper Award or the design of secure distributed systems. The ACM Grace Murray Hopper Award is given to the outstanding young computer professional of the year.