Four Cornell computer science researchers will receive $2.5 million from the National Science Foundation to develop software tools that will improve cybersecurity. The project is exploring a new approach that will make it easier to use cryptography to build more-secure systems. Computing and Information Science researchers on the project are Andrew Myers, Elaine Shi, Greg Morrisett and Rafael Pass (Cornell Tech).

Cryptography, which involves complex mathematical manipulations of data, demands high-level expertise. “It’s easy to make security-critical mistakes when using cryptography to build systems,” Myers said. New secure processing chips must be programmed almost at the level of the computer’s “machine language” of ones and zeros, and also require expertise in cryptography.

“If we are serious about remaining globally competitive, we must continue to invest in research to develop new computer engineering techniques that will stop hackers in their tracks,” said Sen. Charles Schumer, D-New York. “The work coming out of Cornell will improve our nation’s cybersecurity and help foster technological innovations that will make us safer and more productive. This funding will allow our brightest minds to find solutions to current and future challenges.”

Research funds will be used to develop a high-level programming language called Viaduct.

“The Viaduct system will automatically translate high-level code into provably secure implementations that use sophisticated cryptography,” said Myers, lead principal investigator.

“It’s clear that our society desperately needs new approaches to security and privacy,” said researcher and CIS Dean Morrisett. “The approach we are exploring should shift the burden of the security details from the programmer to the language environment.”