As cybersecurity threats grow alongside the rapid expansion of cloud computing, Google’s Cybersecurity Award program is investing in academic research that tackles challenges in digital privacy and infrastructure. This year, that support is coming to CCNY, where Dr. Tushar Jois and Dr. Rosario Gennaro have been awarded a grant for “Cryptographic Computation over Spot VMs,” a project designed to lower the cost and increase the real-world usability of secure computation.
Dr. Tushar Jois. Photo Credit: Courtesy of Dr. Jois.
Dr. Tushar Jois, an assistant professor of electrical engineering at CCNY and assistant professor of computer science at the CUNY Graduate Center, and Dr. Rosario Gennaro, distinguished professor of computer science at CCNY and director of the Center for Algorithms and Interactive Scientific Software, received the award for their project as a part of Google’s Cybersecurity Initiative, which funds high-risk, high-reward research with the potential to strengthen digital security significantly. Dr. Jois and Gennaro’s project addresses a growing challenge at the intersection of data science, cloud computing and privacy.
“There’s been this rise in applications of data science,” Dr. Jois said, pointing to areas such as genomics, where researchers analyze massive datasets to identify genetic markers for disease. “We want to be able to do these kinds of computations securely,” he said, particularly when sensitive data is shared across institutions such as hospitals.
At the heart of the project is secure multiparty computation, a cryptographic technique that allows multiple parties to compute a shared function of their data without revealing their individual inputs. Although powerful, these protocols are notoriously expensive to run, especially in cloud environments where computing time directly translates into cost.
Dr. Rosario Gennaro. Photo Credit: Courtesy of Dr. Gennaro.
Dr. Jois and Dr. Gennaro are tackling that problem by leveraging “spot” virtual machines offered by cloud providers such as Google. Spot VMs are significantly cheaper than standard cloud instances, but they come with a significant drawback, which is that they can be revoked at any time when higher-paying customers need the resources.
“Our idea is, let’s build this cryptographic protocol on top of these cheap but revocable spot instances,” Dr. Jois explained. “But the challenge is, can we continue the secure multiparty computation in the presence of these instances that can be yanked away at any point?”
In order to address that question, it requires rethinking long-standing cryptographic theory. Dr. Gennaro said the project stood out to Google for this reason, because it bridges theory and practice.
“For a long time, this was considered to be a theoretical curiosity,” Dr. Gennaro said, referring to secure multiparty computation. “What this proposal really hits is this practical scenario, which people were not looking at before, which is the idea of you running these processes on the cloud under highly dynamic conditions.”
Unlike traditional models, where system failures are predictable or bounded, spot instances can disappear with as little as a 90-second notice. That volatility forces researchers to rethink how security guarantees are proven and how the computation state is preserved when machines abruptly go offline.
“One of the big challenges that we found is translating this kind of theoretical notion to the real-world notion of you have two minutes, or you’re getting shut down,” Dr. Jois said.
The project is also deeply collaborative, reflecting the complementary strengths of its two leaders. Dr. Jois is a cryptographer who focuses on building practical systems, while Dr. Gennaro is a leading theoretician in cryptography and network security.
“You really do need both to build a good system,” Dr. Jois said. “We need to be able to say, here’s a mathematically evident proof that this works and is possible, and then demonstrate we can build it and run it on real hardware”.
Beyond the research outcomes, the grant is already shaping education at CUNY. Dr. Gennaro teaches graduate-level courses on multiparty computation at the CUNY Graduate Center, where he directly connects classroom material to the ongoing project.
“When you teach something, and you can show that it’s connected to what you’re actually doing right now, students get fascinated by that and feel inspired to join,” Dr. Gennaro shared.
Dr. Jois echoed that impact, noting that students exposed to the research in class have reached out to join the project and are now actively contributing.
The researchers see long-term implications that extend far beyond cryptography. The possibility of secure, low-cost computation enables historically marginalized or mistrustful communities to participate in scientific research without sacrificing privacy.
“This would give them a way to participate in a scientific computation without being worried that their data is being sent off somewhere and being analyzed and stored for reasons outside of their control,” Dr. Jois said.
Dr. Gennaro hopes the project will also influence the broader theoretical community.
“There’s no shame in putting ourselves out there and getting our hands dirty and actually bringing the theory closer to practice in the real world,” he said, emphasizing the importance of refining abstract models to reflect real systems.
As cybersecurity becomes increasingly intertwined with cloud infrastructure, AI, and large-scale data analysis, Dr. Jois and Dr. Gennaro’s work positions CUNY at the forefront of secure, accessible technological innovation. Their Google Cybersecurity Award not only recognizes past contributions but also signals the growing role of public universities in shaping the future of digital security.
Sofia is a graduate student at CUNY Brooklyn College, where she’s pursuing her M.S. in Media Studies. In addition to writing for The RICC, she’s a writer for the features section of Brooklyn College’s student-run newspaper, The Vanguard. She is also a dedicated writer for the Brooklyn News Service.