New approach promises to revolutionize data privacy and enhance analysis capabilities for critical operations
As concerns about data security grow, a project is addressing one of the most pressing issues within the Homeland Security Enterprise (HSE): keeping sensitive data, including personally identifiable information (PII) and biometric data, protected while it remains usable for analysis. Led by Taeho Jung of the University of Notre Dame together with colleagues at Duality Technologies, the research advances privacy-enhancing technologies (PETs) that allow data to be processed without ever being decrypted.
The Problem: Balancing Privacy and Data Accessibility
Homeland Security faces a significant challenge: data analysis is essential to safeguarding national security, yet the privacy of individuals must be protected. Today, PII and biometric data are either not shared at all or are shared in unencrypted form, which exposes them to breaches. This limits how fully valuable data can be analyzed and used for operational needs.
Jung and his team are tackling this problem head-on with their project, “Cerberus: Guarding Sensitive Data with Trigeneous Secure Computations.” Their objective is to keep sensitive data encrypted at all times, even during processing. “Currently, data is decrypted when used, making it vulnerable to breaches,” Jung explains. “We’re working on reducing the computational overhead of keeping data encrypted while ensuring it remains practical for real-world applications like Homeland Security, where quick data processing is crucial.”
A New Approach to Secure Computation
The project’s primary innovation lies in combining fully homomorphic encryption (FHE) with trusted execution environments (TEEs), such as Intel SGX, so that computations can run on encrypted data without a prohibitive loss of performance. FHE has long been hailed as a way to compute on data while it stays encrypted, but its adoption has been limited by high computational overhead. TEEs make the opposite trade-off: code runs on plaintext inside hardware-isolated memory at near-native speed, but the guarantee rests on the processor vendor and on the enclave’s resistance to side-channel attacks rather than on cryptography alone. The team’s approach aims to make encrypted data processing faster and more scalable, reducing the operational burden that typically comes with these technologies.
“We hypothesize that the overhead can be reduced to an acceptable level,” Jung explains, “without the performance being too far behind current operational environments. By combining cryptography with trusted execution environments, we believe we can significantly minimize the overhead.”
A Collaborative Effort
The project is being carried out by a diverse team, including faculty from the University of Notre Dame and technical experts from Duality Technologies. Collaboration with stakeholders across DHS, including the DHS Privacy Office, the Science and Technology Directorate (S&T), U.S. Customs and Border Protection (CBP), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of Biometric Identity Management (OBIM), and others, keeps the work aligned with the practical needs of Homeland Security. This collaboration has been vital in driving the project’s progress and ensuring its real-world applicability.
As the project moves forward, it will continue to evolve, with the ultimate goal of making secure data processing an integral part of Homeland Security operations. By allowing data to be analyzed without being exposed, the research could materially improve how evolving security threats are addressed.
Challenges and Overcoming Setbacks
The project has made steady progress but has not been without challenges. One significant obstacle was the unexpected graduation of a Ph.D. student, which left a gap in the team’s research capacity; the team adapted by recruiting undergraduate students to the effort. Despite this setback, the team has developed novel algorithms for secure record linkage and biometric authentication and has tested them on prototype systems.
“Our biggest challenge was the computational slowness when encrypting data,” says Jung. “But we have made significant strides in improving speed, particularly by integrating homomorphic encryption with Intel SGX. Another challenge is the lack of access to Homeland Security’s specific algorithms, which has made fine-tuning solutions difficult. We’re exploring open-source libraries and developing a general model that we hope will apply to Homeland Security’s needs.”
Key Achievements and Future Directions
The team’s work has already yielded two prototype systems: one for secure record linkage and one for secure facial and fingerprint matching. Both operate on encrypted data, with the goal of doing so at a cost acceptable for operational use. In addition, the team has published at a top-tier venue, the Privacy Enhancing Technologies Symposium (PETS 2024), and has submitted a journal article to IEEE Transactions on Dependable and Secure Computing (TDSC).
One of the most significant breakthroughs applies a summation-based approach to FHE-based set intersection for record linkage, which improves scalability for the sites and servers holding encrypted records. For biometric authentication, the team has also developed a novel data packing strategy for FHE-based similarity calculations. In FHE, packing means placing many feature values into the slots of a single ciphertext so that one homomorphic operation acts on all of them, which makes the encrypted comparison of biometric feature vectors more efficient.
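What computing on encrypted biometric features looks like in the simplest case, as an added example that is not code from the Cerberus project or from Duality’s libraries: it uses the Paillier cryptosystem, which is only additively homomorphic, together with the textbook squared-Euclidean-distance construction, not the team’s FHE packing strategy. The client encrypts a probe feature vector; the server, holding only the public key and a plaintext template, computes the encrypted distance; the client decrypts it and applies the acceptance threshold. The key sizes, function names and embedding vectors are assumptions made for the illustration.

```python
import random
import secrets
from math import gcd

def is_probable_prime(n, rounds=32):
    """Miller-Rabin test; adequate for generating demo keys."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

class PublicKey:
    """Paillier public key with g = n + 1: encrypt, add, scale by a constant."""
    def __init__(self, n):
        self.n, self.n2 = n, n * n

    def encrypt(self, m):
        r = secrets.randbelow(self.n - 1) + 1
        return (1 + (m % self.n) * self.n) * pow(r, self.n, self.n2) % self.n2

    def add(self, c1, c2):  # Enc(a) * Enc(b) = Enc(a + b)
        return c1 * c2 % self.n2

    def mul_const(self, c, k):  # Enc(a) ** k = Enc(k * a); k may be negative
        return pow(c, k % self.n, self.n2)

class PrivateKey:
    def __init__(self, pub, lam):
        self.pub, self.lam = pub, lam
        self.mu = pow(lam, -1, pub.n)  # mu = lambda^-1 mod n holds because g = n + 1

    def decrypt(self, c):
        n = self.pub.n
        m = ((pow(c, self.lam, self.pub.n2) - 1) // n) * self.mu % n
        return m - n if m > n // 2 else m  # decode signed plaintexts

def keygen(bits=256):
    # Demo-sized key (assumption); production Paillier keys are 2048 bits or more.
    p = random_prime(bits // 2)
    q = random_prime(bits // 2)
    while q == p:
        q = random_prime(bits // 2)
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    pub = PublicKey(p * q)
    return pub, PrivateKey(pub, lam)

def client_encrypt_probe(pub, x):
    """Client: encrypt each feature and sum(x_i^2); only ciphertexts leave the client."""
    return [pub.encrypt(v) for v in x], pub.encrypt(sum(v * v for v in x))

def server_encrypted_sq_distance(pub, enc_x, enc_sumsq_x, template):
    """Server: Enc(||x - t||^2) = Enc(sum x_i^2) + sum_i (-2 t_i) * Enc(x_i) + Enc(sum t_i^2)."""
    # Needs only the public key; the template t stays in plaintext on the server.
    acc = pub.add(enc_sumsq_x, pub.encrypt(sum(t * t for t in template)))
    for c_xi, t_i in zip(enc_x, template):
        acc = pub.add(acc, pub.mul_const(c_xi, -2 * t_i))
    return acc

def client_match(priv, enc_distance, threshold):
    """Client: decrypt the distance and apply the acceptance threshold."""
    d = priv.decrypt(enc_distance)
    return d, d <= threshold

def run_demo():
    pub, priv = keygen(256)
    # Constructed, quantized embedding vectors for the demo; not real biometric data.
    template = [12, -5, 30, 7, -18, 22, 3, -9]
    probes = {"genuine": [11, -4, 31, 7, -17, 21, 4, -8],
              "impostor": [-20, 14, 2, -25, 9, -3, 27, 15]}
    results = {}
    for name, x in probes.items():
        enc_x, enc_sumsq = client_encrypt_probe(pub, x)
        enc_d = server_encrypted_sq_distance(pub, enc_x, enc_sumsq, template)
        results[name] = client_match(priv, enc_d, threshold=50)
    return results  # {'genuine': (7, True), 'impostor': (5699, False)}
```

Note what the server cannot do here: it ends up holding Enc(d) but cannot compare d with the threshold itself, because a comparison is not a linear operation. In a real deployment the accept/reject decision belongs to the server, and that comparison is exactly the step that is expensive under homomorphic encryption and that a trusted execution environment can take over cheaply, which is the combination the project describes.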
The next phase of the project will integrate trusted execution environments into the secure computation pipeline to improve performance. The integration is expected to reduce both computation and communication overhead, making encrypted data processing more efficient.
A Transformative Impact on Homeland Security
Stakeholder engagement has played a pivotal role in shaping the direction of the project. Feedback from Homeland Security stakeholders, such as the DHS Privacy Office, has been instrumental in refining the team’s approach. For example, guidance on sharing partial metadata about encrypted data helped the team align their work with federal data processing standards.
Jung envisions a future where this research will significantly improve data security and analytical capabilities within Homeland Security. “By making encrypted data accessible without decryption, more data can be shared and analyzed, boosting machine learning and AI capabilities,” he says. “This will enable better decision-making and enhance security without compromising privacy. While the full impact may take years, this framework lays the groundwork for future advancements in secure data processing.”
Through this work, Jung and his team are laying the groundwork for a future in which sensitive data can be analyzed without being exposed, supporting a safer and better-informed homeland security enterprise.