March 4, 2020 | Research
This is the place to protect your data: cryptographic cloud security at U of T
University of Toronto startup SHIELD Crypto Systems makes future-proof security software—using a cryptographic system that secures data in the cloud.
University of Toronto startup SHIELD Crypto Systems makes future-proof security software—using a cryptographic system that secures data in the cloud.
In 2019 alone, nine million Canadians saw their personal info compromised in online data breaches. “Having a credit card stolen is bad enough,” says Glenn Gulak, a professor of electrical and computer engineering and one of the co-founders of U of T Entrepreneurship’s cloud security startup SHIELD Crypto Systems.
“What worries us is personal information that defines your identity. When a social insurance number is exposed, there is no simple way to get a replacement. Similarly, your DNA and your biometrics need to be protected for life.”
Gulak and his co-founder Alhassan Khedr (PhD 2017), who has a PhD in computer engineering from U of T, focus on keeping data secure throughout its three-stage life cycle: transmission (for example, entering your credit card number for an online payment), storage, and computation (for example, subtracting a payment from your bank account).
Currently, data can be encrypted during the first two stages, but the computation stage is a risk. Information must be decrypted before it can be searched, added or multiplied… and hackers can exploit that vulnerability.
A unique contribution to cloud security: accelerating fully homomorphic encryption
Khedr and Gulak adapted a breakthrough technology invented at Stanford University in 2009. Fully homomorphic encryption enables mathematical computations to be performed directly on encrypted data, so a bank (for example) can apply calculations to client records without decrypting them. “Only the holder of the secret decryption key is able to see the results,” says Khedr. “Any hacker watching the computation process in the cloud learns nothing.”
However, fully homomorphic encryption computations were so complicated that the system was too slow to be practical. The SHIELD Crypto Systems team, experts on accelerating computer processing, discovered a way to divide the complicated calculations into simpler steps that could be calculated simultaneously.
“We could speed up the process up to 100 times faster than our competitors,” says Khedr. “We felt we had something special.”
They did. SHIELD Crypto now develops applications using homomorphic encryption that offer unprecedented privacy and security to the world of cloud computing. “All our systems run in the cloud,” says Khedr. “We provide enterprises with the assurance that even when they migrate to the cloud, their data will remain encrypted throughout its life cycle.”
And, their system future-proofs data. “Quantum computers capable of breaking today’s encryption algorithms will become a reality in 10 or 15 years,” says Khedr. Not a problem for SHIELD Crypto, whose technology resists quantum attacks.
SHIELD Crypto Systems benefited from U of T Entrepreneurship’s network and expertise
Khedr and Gulak patented their algorithms and process in 2015 with help from the University. “U of T has been a strong contributor to our present success,” says Khedr.
The founders connected with their first clients through networking contacts at the Department of Computer Science Innovation Lab (DCSIL) and the Rotman School’s Creative Destruction Lab (CDL). Khedr and Gulak now have products in trial with several Canadian companies and employ a team of nine (all U of T alumni) at their office in the dynamic MaRS Discovery District.
Having completed a funding round in 2019, in 2020, they plan to hire additional employees, to begin offering subscription licenses for sale and to expand into the United States.
U of T’s entrepreneurship network helped Khedr and Gulak at every stage of development. UTEST provided business courses, a cash injection and office space in ONRamp, CDL provided networking opportunities, and DCSIL advised on how to scale up from a core library of mathematical techniques to a full-service product.
“DCSIL was invaluable in helping with technology translation from the University to corporate customers,” says Gulak. “U of T’s support—not just of our startup, but of the whole U of T Entrepreneurship portfolio of startups—has been formidable.”