Thomas Ristenpart is the most recent addition to the group of four computer science professors at Cornell Tech who focus on security and privacy. Together with their peers in Ithaca, they comprise one of the largest academic security teams in the world.
In the year that he has been on campus, he has hit the ground running both in terms of his academic research as well as providing tech expert commentary in the media, weighing in on topics like why Donald Trump can’t actually close “parts of the Internet” and on the role of encryption in the feud between law enforcement and the tech industry set off by Apple’s refusal to give the FBI access to the San Bernardino terrorist shooting in December 2015.
As a security expert Ristenpart is always intrigued by potential system vulnerabilities. He was getting his PhD at UC San Diego when companies like Amazon, and later Google and Microsoft, first began renting space to the public on cloud computing systems. He realized that this meant that lots of different programs would be running inside the same physical computers and wondered if trouble makers could use access to a shared server to launch attacks on other users. So imagining himself as a clever adversary, he gamed out some of the ways that the cloud was vulnerable.
The paper, entitled “Hey You, Get Off of My Cloud,” won Ristenpart attention from media outlets like the Wall Street Journal and the New York Times, but also from companies like Microsoft, which now helps fund his research.
“What was really important about this paper is that everyone was talking about cloud computing, but no one really understood if this actually was going to change security threat models in interesting ways,” Ristenpart says. “And so this was the first paper that really said: ‘Look, there’s a new class of threats that we need to think about in detail.’”
Cornell Tech sat down with him to discuss the cloud and what brought him to his interest in security and cryptography.
Cornell Tech: You grew up in the Bay Area, was that an influence on your decision to go into computer programming?
Tom Ristenpart: Yeah, I think so. I think we were really fortunate that at our grade school we had an introduction to programming course. This was when I was very young, when I was nine, if I remember correctly. And my interest took off from there.
So how did you get into cryptography?
I spent a lot of summers doing internships focused on programming and software development. I thought I was going to go straight to work after undergrad. I had no interest in research or anything. But then towards the end, I realized that the internships, while interesting, weren’t touching on topics I wanted to explore. I thought grad school might open up more attractive options. Also, as I like to joke at parties, if I stayed in school I would still be eligible to play competitive Ultimate Frisbee.
So I started graduate school at U.C. Davis and took a class on cryptography taught by Professor Phil Rogaway. Like many people, I assumed that since I wasn’t a math major in undergrad I wouldn’t have the right background for cryptography, but it turned out that cryptography is as much about computer science as math. Phil’s class made me see that and realize that computer scientists have a lot to offer the field.
How would you describe the role of computer science in cryptography?
The encryption schemes we build are often based on mathematics, but there’s a lot of work to turn basic mathematics into useful security tools. All that stuff in between the basic mathematics and your secure use of, say, the Internet is at the core of computer science. We design communication protocols, efficient algorithms, and rule out attacks by showing that no computationally efficient attackers can be successful.
How do you think the Cornell Tech experience compares with the traditional computer science graduate program?
Many programs are very traditional, academic. There is often a focus on theory. Theory is foundational, but it is often blind to the problems being faced in practice. At Cornell Tech students have significant engagement with practitioners. Industry is actually embedded in the environment here. It is part of the culture. By teaching fundamentals in the context of real, tangible problems, students get both the theory and the ability to apply it.
What are you working on now?
Mostly trying to identify places where encryption isn’t being used because of problems that arise in practice. One very concrete example of this is our work supporting encryption of credit card numbers in a way that works with existing software systems. For example, companies built huge databases of 16-digit credit card numbers. Later they realized: ‘Oh, we should’ve encrypted all this data for security reasons.’ But if they encrypt the credit card numbers with a conventional encryption scheme, what they are going to get back is some kind of long string of random-looking junk. It literally just won’t fit back into the database where we had credit card numbers before.
That means they’d have to redo their whole database, hindering deployment of encryption for credit card numbers. So industry wanted what started being called format-preserving encryption—the idea being that you have a credit card number as the input and you should get out an encryption of it that syntactically is like a 16-digit number. Then you can stick it back in the database. It wasn’t clear how to do this securely, so we pioneered some of the early work on how to build appropriate encryption tools. Some of these are now widely used, but there’s still a lot of interesting open questions.
What else are you working on?
We’ve been looking at some issues with circumventing Internet censorship. Censorship tools like the Great Firewall of China have used protocol identification to try to detect tools that people are using to get access to information in order to block them, and we’ve been trying to understand how encryption tools can be designed to make it harder to detect them. We also are working on improving password management systems, including how to deal with the fact that users frequently make typos when entering their passwords. We have some new ideas here that, we hope, will make user experience significantly better.
What is it like to work with so many other cryptographers at Cornell Tech? Do you all work together?
Absolutely, yeah. We have a concentration of people that is rare if not unique. Our expertise areas are all different. We bring different perspectives—and personalities—to the table. With our critical mass, I’m hoping we’ll end up doing some very important, disruptive work moving forward.