Director of the Cybersecurity and Privacy Institute, Florian Kerschbaum, received a 2019 Outstanding Young Computer Science Researcher Award from CS-Can/Info-Can, the nation’s professional society dedicated to representing all aspects of computer science and the interests of the discipline to Canadians.
Conferred since 2009, these annual awards recognize excellence in computer science research. They are awarded to top faculty members in Canadian computer science departments, schools and faculties who are within the first ten years of their career after completing their PhD.
Congratulations to Florian on his receiving an Outstanding Young Computer Science Researcher Award from CS-Can/Info-Can,” said Mark Giesbrecht, Director of the David R. Cheriton School of Computer Science.
“Florian is an accomplished expert in searching and processing encrypted data — keeping data secure, private and encrypted in the cloud while still allowing it to be searched and processed. His contributions to computer security, privacy-enhancing technologies, and database research are both respected internationally by his academic peers as well as adopted by leading high-tech companies, including SAP and Microsoft. His teaching of undergrads, supervision of graduate students at both Waterloo and SAP, and postdoctoral mentorship are exemplary. Shortly after his appointment, he took on a senior leadership role as the inaugural Director of the Cybersecurity and Privacy Institute, and he has secured more than $1.7 million in industry funding. Florian is clearly an outstanding computer scientist across research, teaching and service.”
About Florian Kerschbaum
Kerschbaum joined the Cheriton School of Computer Science in 2017 as an Associate Professor. Previously, he was the Chief Research Expert at SAP in Karlsruhe, Germany from 2005 to 2016 and a software architect at Arxan Technologies in San Francisco from 2002 to 2004. In 2018 he became the inaugural Director of the Cybersecurity and Privacy Institute and in 2019 was named the NSERC/RBC Industrial Research Chair in Data Security. That same year he was recognized as a Distinguished Member by the Association for Computing Machinery for his outstanding scientific contributions.
Kerschbaum holds a PhD in computer science from the Karlsruhe Institute of Technology and a master’s degree from Purdue University.
About his research
Kerschbaum’s research develops methods to protect data by encryption, while still allowing it to be processed efficiently. To this end, he has developed and helped deploy several application-specific methods for searching and computing on encrypted data. He has developed a comprehensive set of searchable encryption algorithms for database operations. These include property-preserving encryption algorithms that enable efficient search without modification of the database management system and can withstand snapshot attacks much better than other order-preserving algorithms.
Kerschbaum has also developed methods to compile secure multi-party computation protocols from ideal functionality specifications. He developed the first compiler optimization technique operating at the source language level, transforming an ideal functionality into a protocol that interleaves securely and locally computed steps.
He has also pioneered the use of multi-party computations in supply chain management, including protocols for planning, lot size planning, and detailed scheduling. These planning methods have significant economic potential because they overcome hurdles to data sharing in current supply chain management planning. Collaborative methods have enormous savings potential over local planning, but they often are not implemented because of concerns what the necessary data might reveal. Multi-party computations enable implementing the planning methods over encrypted data. As the coordinator of the EU-funded project SECURESCM, Kerschbaum led an efficiency improvement in linear programming over encrypted data by more than five orders of magnitude.
With his previous doctoral student, Marek Jawurek, Kerschbaum developed methods for maintaining privacy in smart grids. This included protocols for billing, spatial and temporal aggregation and demand-response verification that do not reveal a household’s consumption data, but are also secure against misreporting. For this research, his PhD student was awarded a prestigious 2014 ACM SIGSAC doctoral dissertation award.
Future directions
Kerschbaum’s future work aims to address the security and privacy challenges stemming from data processing using machine learning. Machine learning has become the first choice for many data processing tasks, but its security and privacy implications have been barely investigated. In particular, he aims to address the challenges of model stealing and membership inference attacks on deep neural network models, along with further enhancing the efficiency and security of processing encrypted data.