For the newest instalment in our series of interviews asking leading technology specialists about their achievements in their field, we’ve welcomed Kurt Rohloff, Co-founder and Chief Scientist, of Duality.
Prof. Rohloff is the founding architect of the PALISADE open-source homomorphic encryption library and co-founder of the HomomorphicEncryption.org industry consortium. He was previously a PI on the highly successful DARPA PROCEED program which implemented one of the first homomorphic encryption schemes. Prior to co-founding Duality, he was a senior scientist at Raytheon BBN Technologies.
Tell us about the business you represent, what is their vision & goals?
Duality was founded on the vision of enabling collaboration on sensitive data. Companies, government agencies and other large enterprise organizations are sitting on piles of very sensitive data that is tremendously valuable if researchers, analysts and investigators could collaborate on that data.
For example, cancer research centres have the potential to develop much more effective treatments if they could collaborate on their patients' genomic data and medical records. However, because this data is so sensitive, medical centres are extremely restrictive on who can access this data, for all the right reasons. Duality enables these data owners, like cancer research centres, to collaborate on their sensitive data. We want to enable broad new capabilities for sensitive data collaboration.
What inspires and energises you within your work?
We're the first in the world developing our privacy technologies, the first in the world applying them to high-value applications and we really feel like we're changing the world, very much for the better.
We've been building the underlying technology since 2010, and we've put out one of the leading open-source software libraries for this technology that anyone can download, inspect, validate and use. Our original work was heavily supported by DARPA, the blue-sky technology funding agency of the US government, and it has been so rewarding to see these advanced technologies moving from exciting research projects into products that are changing the world.
Can you share a little bit about yourself and your history in the field of cryptography?
I'm an engineer by training. My PhD is in control systems, which is a field of study that designs the electronics that control factories, planes, and things like that. I was of the generation that was getting my engineering PhD in the 9/11 era, and I went into the US defence industry after my PhD.
I spent the majority of my early career supporting projects for an organization called DARPA which supports the development of advanced technology for security applications. When the underlying theory of the fully homomorphic encryption (FHE) privacy tech was first published, I had just finished a project and was looking for something new to do.
The math I needed for my PhD was well aligned with the math for the underlying FHE privacy tech, and I was able to run one of the first large projects that implemented FHE with the involvement of one of my long-term research partners, Dave Cousins. One thing led to another, and I ended up changing my career to completely focus on FHE. It was at that time that I met my co-founders, Vinod Vaikuntanathan and Shafi Goldwasser.
I tried to convince the CTO at my employer at the time to let me work on this technology, but he told me that if I wanted to do that, I should resign and found a start-up. So I resigned and did exactly that. I then took an academic position and met my research partner, Yuriy Polyakov, and all of us started working on our open-source FHE library called PALISADE.
Shafi Goldwasser then met our other co-founder, Rina Shainski at a talk she gave, and Rina then recruited Alon Kaufman to be our 5th co-founder. We then co-founded the company we now call Duality Technologies while continuing to build out PALISADE as a leading open-source FHE library.
Can you tell us more about your involvement with the PALISADE open-source library for Fully Homomorphic Encryption?
PALISADE is the result of several very fruitful and effective DARPA and IARPA projects. Yuriy, Dave and I co-founded the library, and we've been pushing it for nearly a decade now. The response to the library has been wonderful - we're getting contributions from across the security community - major defence contractors such as CACI and Raytheon and major tech firms such as Google and Samsung, and many more.
What is the main role of cryptography within cybersecurity?
Cryptography provides a general set of techniques to protect data with mathematical guarantees about the strength of protection. It is unique in the area of cybersecurity in its ability to provide such high degrees of confidence in the level of protection provided.
What are the main differences between cryptography and cryptanalysis?
Cryptography is the science of building protocols to encrypt data. Cryptanalysis is the science of analyzing the strength of cryptography and devising potential attacks against cryptography.
How can new students start learning more about cryptography?
The best way is to be excellent at math. It is really one of the most mathematical of any real-world technologies I've ever seen. Beyond learning math, cryptography needs to be implemented, and software engineering is extremely important.
Are there any books, blogs, or any other resources on cryptography that you highly recommend?
I'm a huge fan of the IACR eprint server - it's a barely managed repository of all the latest publications on cryptography. It can be a bit chaotic, but all the best people publish there.