With a four-year National Science Foundation grant of $850,000, a Trinity College professor and her research collaborators—including Trinity students—will work to make internet communications more secure.

Associate Professor of Computer Science Ewa Syta
Associate Professor of Computer Science Ewa Syta.

Associate Professor of Computer Science Ewa Syta will conduct the NSF-funded project, “Applied Cryptographic Protocols with Provably-Secure Foundation,” with Amir Herzberg, Comcast Endowed Professor for Security Innovation at the University of Connecticut. Syta and Herzberg have been pursuing this line of research together for several years; both are principal investigators on the collaborative project. Trinity will receive about $318,000 of the total grant, with the rest of the award going to UConn.

“We live our lives on the internet,” said Syta, chair of Trinity’s Computer Science Department. “It’s hard to think of any process that’s purely offline. But the internet was not designed to withstand adversarial action… for years, it was used by scientists and researchers to communicate and share data with one another. Now you have this massive infrastructure that is lacking security; we cannot start over, so we’re trying to fix it.”

The focus of the research is on Public Key Infrastructure (PKI), which Syta said is something that everyone uses to encrypt messages to achieve confidentiality. “It’s a hidden part of internet infrastructure, but it’s completely broken,” she said.

With more than 100 different certificate authorities issuing public key certificates—which are used to authenticate the source of a message—and no standard definition of security for PKI, Syta said that there is plenty of room for people with bad intentions to take advantage.

In the past, hackers have stolen the master keys of certificate authorities and issued fake certificates for major websites. And some certificate authorities improperly delegated their certificate-issuing authority, while others intentionally issued rogue certificates, according to Syta.

National Science Foundation NSF“Such failures allow attackers to issue fake certificates, launch phishing and website spoofing attacks… possibly leading to identity theft, surveillance, compromises of personal and confidential information, and other serious security breaches.

“The goal of our project is to lay a provably secure foundation for applied cryptographic protocols, especially Public Key Infrastructure, and make the internet and the systems we interact with more secure,” Syta said.

The research is expected to benefit developers, who will have access to provably secure systems, and users, who will have improved security and privacy guarantees. Everyone will benefit from a strengthened security infrastructure, educational reports to raise awareness of the importance of cybersecurity, and new ways to encourage students to learn about cryptography and cybersecurity, Syta said.

At Trinity, Syta teaches a course on computer security and supervises independent studies and senior projects on related topics. “My long-term goal is to make computer security courses accessible and available to all Trinity students. Regardless of their majors, our students will work with data and it is critical for them to know how to properly and securely do so,” she said.

Associate Professor of Computer Science Ewa Syta working with Trinity students.
Associate Professor of Computer Science Ewa Syta working with Trinity students.

In this long-term project, Syta will supervise Summer Research Program students and Interdisciplinary Science Program students starting in their first year at Trinity, and will train them in the more technical aspects of the research. Syta said, “It’s important for students to engage in real, meaningful research projects.” She added that she also looks forward to collaborating on this project with faculty members from other departments.

An additional part of the project that is meaningful to Syta is its plan for broadening participation in computing, to increase research opportunities, education, and mentoring and outreach efforts focused on women and traditionally underrepresented groups.

“I am particularly committed to the cause of furthering diversity, equity, and inclusion in computing due to my personal experiences as a woman in computer science and the positive impacts from participating in DEI computing support programs,” Syta said. “I am privileged to have a rewarding career, in large part due to many amazing teachers, professors, and mentors I have had. I am grateful to now be in a position to pay it forward.”

Learn more about computer science at Trinity here.