Send email Copy Email Address

Annabelle Theobald

Modern cryptography for the networks of the future: CISPA researcher Julian Loss receives ERC Starting Grant

Large parts of our critical infrastructure, such as power grids or mobile networks, are so-called distributed systems. They consist of many computers that solve large tasks jointly in a network. Such systems must be robust, remain as synchronized as possible, and possess a certain fault tolerance. "Most distributed algorithms that could be used for this are still too slow, not scalable or efficient enough to really solve these problems," explains CISPA faculty Dr. Julian Loss. In his Cryptosystems project, he intends to use state-of-the-art cryptographic methods to significantly improve the efficiency and robustness of distributed algorithms and thus make the networks of the future more secure and efficient. For this endeavour, he has received a Starting Grant from the European Research Council (ERC) which amounts to 1.4 million euros over the next five years.

„Cryptography is a powerful tool“, Loss says. He is convinced that modern cryptography can solve some of the major problems of today's infrastructures. This is reassuring given that his assessment of the current state of affairs is less uplifting: "At present, many of these systems still have weak points. But the idea behind distributed systems is actually exactly right. Unlike centralized systems, they don't have this one single point of failure that cripples everything. But they must be able to cope with errors in parts of the system and be robust. This is not yet sufficiently the case, so that many decisions within such systems are still made centrally." That, in turn, makes these systems vulnerable to attack. Vulnerabilities in critical infrastructures will become an ever greater problem in the future, because attacking them has become part of modern warfare. According to Loss, this makes it all the more important for systems to become as robust as possible, to be able to cope well with errors and to keep running efficiently at the same time.

A sticking point for the smooth running of distributed systems is that they have to keep agreeing on a status quo. Philosophically, they require a shared truth. In some cases, it is also important that they have a shared notion of time. "It's very easy to show this using an example. Let's consider a large online store, which runs on a hundred computers. It has to be clear and, if possible, communicated in real time across the system if an item was sold to someone a minute ago. Otherwise, chaos will ensue with the next click."

Both problems have a name: Consensus Problem and Clock Synchronization. They are old acquaintances in the research world and have been on the minds of scientists for many years. There have long been algorithms that can solve all of these tasks. These algorithms, in turn, become more robust and scalable through the use of cryptography. "At present, however, the use of cryptography often leads to significant performance degradation and, if not used judiciously, can also open up vulnerabilities. As a result, cryptographic techniques are often used sparingly, which in turn makes systems less robust and hardly scalable."

Loss' goal is to break this vicious cycle. "First, we need to develop formal security models that actually map what real threats are in such systems. Then, using cryptography, we need to design distributed algorithms that are sufficiently fault-tolerant to deal with outliers or even attacks on individual nodes. And to make all this efficient and secure, we need new cryptographic techniques," Loss explains. What sounds simple in these three sentences is work on the absolute fundamentals and rather difficult. "These are very fundamental problems." And they are hugely important ones if, in the future, we want electricity to keep flowing and prevent cell phone reception from failing. And the internet to keep working. Because that's one of the largest distributed systems there is.

"I am happy that the ERC have put their trust in me and that I can tackle these topics," Loss says. Two PhD students and two postdocs will be supporting him in this challenge. "I have a good perspective on this problem because I started out in the field of cryptography. People who study distributed algorithms often only understand the basics of it, but they don't know how to optimize tools using cryptography. But you can do some pretty cool things with it," Loss says. May the power of cryptography be with him.

About the person

Dr. Julian Loss is a tenure-track faculty at CISPA Helmholtz Center for Information Security. From 2019 to 2021, he was as a postdoctoral researcher at the University of Maryland and Carnegie Mellon University. In 2019, he earned his PhD in Mathematics from Ruhr University Bochum, Germany. His research focuses on cryptography and its interplay with distributed computing. His research interests include provable security, particularly the design and analysis of digital signature schemes and algorithms for distributed consensus.

About the ERC

The ERC, set up by the European Union in 2007, is the premier European funding organisation for excellent frontier research. It funds creative researchers of any nationality and age, to run projects based across Europe. The ERC offers 4 core grant schemes: Starting Grants, Consolidator Grants, Advanced Grants and Synergy Grants. With its additional Proof of Concept Grant scheme, the ERC helps grantees to explore the innovation potential of their ideas or research results. The ERC is led by an independent governing body, the Scientific Council. Since 1 November 2021, Maria Leptin is the President of the ERC. The overall ERC budget from 2021 to 2027 is more than €16 billion, as part of the Horizon Europe programme, under the responsibility of the European Commissioner for Innovation, Research, Culture, Education and Youth, Mariya Gabriel.