Basic research, also called pure research, is aimed at advancing scientific theories unfettered by commercial interests.
Basic research is the foundational theorizing and testing scientists pursue in order to advance their understanding of a phenomenon in the natural world, and, increasingly, in the digital realm. NTT Research opened its doors in Silicon Valley in July 2019 to help nurture basic research in three subject areas that happen to be at the core of digital transformation: quantum physics, medical informatics and cryptography.
Backed by Japanese telecom giant NTT Group, this new facility instantly jumped into the vanguard of basic research already underway that will eventually enable the routine use of quantum computers, which, in turn, will open the door to things like driverless cars and Star Trekkian medical treatments.
Along the way, of course, cybersecurity must get addressed. Ongoing basic research in advanced cryptography concepts is pivotal to putting the brakes on widening cyber risks and ultimately arriving at a level of privacy and security that makes sense.
I had a lively discussion about all of this with NTT Research’s Kazuhiro Gomi, president and chief executive officer, and Kei Karasawa, vice president of strategy. These senior executives wholeheartedly support the concept of basic research. Yet at the same time, they’re also charged with keeping an eye on the eventual “productization” of all this rarefied research. For a full drill down on this conversation, please give the accompanying podcast a listen. Here are a few key takeaways:
Lots of big companies sponsor basic research; it’s how progress gets made. An estimated 60% of research and development in scientific and technical fields is carried out by private industry, with academic institutions and government accounting for 20% and 10%, respectively, according to the Organization for Economic Cooperation and Development.
NTT Group, for instance, typically spends more than $3.6 billion annually for R&D projects. So, when the Tokyo-based telecom put word out on the street that it was standing up a new pure research facility on U.S. soil, the company had no problem attracting dozens of the best and brightest researchers who were already toiling away in the disciplines NTT chose to focus on.
In very short order, NTT Research assembled a who’s who of physicists, electrical engineers, neuroscientists, data scientists, computer scientists and mathematicians eager to port over their pet projects and rev up new ones. Dr. Robert Byer, professor of applied physics at Stanford University, and a leading expert in laser science and technology, for instance, signed on as a distinguished scientist to advance basic research in the use of light waves to streamline quantum computing.
Biomedical engineer Dr. Joe Alexander, the former medical director at pharmaceutical giant Pfizer, grabbed a distinguished scientist post, as well. Alexander hasn’t lost a step pouring his creative energy into studies related to the development of “ ” for healthcare applications – essentially using data analytics to simulate human organs, the better to keep them in tune.
Similarly, Dr. Brent Waters, a rock star computer scientist at the University of Texas, enthusiastically accepted a distinguished scientist post to continue his award-winning studies on a couple of breakthrough areas of cryptography: attribute-based encryption and functional encryption. More about these paradigm shifters below.
There was no hard sell needed to attract this level of talent, Gomi told me. That’s because NTT already had renowned researchers of its own who could credibly offer a clean slate and a resonant vision. “It was a bit risky, to some extent,” Gomi says. “A lot of people who joined us had big dreams, big ambitions, and just wanted the opportunity to make it work.”
‘Productization’ on the horizon
Timing is everything. NTT Research has set up operations at a point in time where the output of decades of basic research has begun to intersect with big advances in computing processing power and data analytics expertise. The result is that commercial deployment, or the productization, if you will, of tiers of diligent basic research are on the near horizon.
What’s unfolding in the cryptography research space demonstrates this. Two decades of technical papers undergird the efforts now ramping up to test real-world deployments of attribute-based encryption and functional encryption, which will bring us closer towards making a great leap forward in data encryption. Some context is needed to understand why this great leap needs to be made, the sooner the better.
Digital commerce exists in the form we have it today because of the Public Key Infrastructure, or PKI, our system for encrypting data and certifying its authenticity. Two different cryptographic keys – a public key and a private key – get issued. The public key is held by the individual user and the private key is held by the certified server storing the encrypted data. During the data transfer process, PKI authenticates the user and certifies the server — and also keeps the data encrypted as it moves between endpoints.
But here’s the rub: not only is it possible to steal or spoof PKI keys and digital certificates, there are state-sponsored and for-profit criminal hacking collectives dedicated to exploiting PKI soft spots. You need look no further that the jarring SolarWinds hack for a prime example. The attackers exploited a stolen SolarWinds digital certificate to direct malware at 33,000 organizations, infecting 18,000 of them over a four month period, including the U.S. Treasury, the U.S. Department of Commerce and at least 425 of the U.S. Fortune 500.
The daunting challenge, going forward, is that PKI attack vectors will only multiply as companies increase their reliance on cloud infrastructure and mobile apps. In this milieu, the work NTT Research’s Cryptography & Information Security (CIS) Lab is doing to fine-tune attribute-based encryption and functional encryption models already rests on a rock-solid theoretical foundation.
NTT Research’s goal is to close the last mile that will lead to wide deployment of much more robustly-defended PKI systems. This improved defense will revolve around establishing much more granular control of keys and certificates. And this control will be much more intensively and effectively managed, at scale, by machine learning-driven systems, Karasawa told me.
“The machines are getting faster and lots of new computation technology has been invented, so it’s almost time to be able to use it in actual business situations,” Karasawa says. “Things are changing. We need to pick-up some by-products from our cutting-edge technologies, and it should be aligned with our future technologies.”
Need to know basis
Instead of assigning one public key granting full access rights to one individual user, whose logon credentials could be stolen, attribute-based encryption and functional encryption work together to issue multiple special-purpose keys. Each key, in turn, can be configured to enable access to a dataset only under certain conditions, i.e. if certain attributes are present. The system can be tuned to recognize whether the user requesting access is a human or a server, a mobile app, a microservice or even an API.
“When you think about it, the connected world needs this,” Gomi says. “A lot of data is going to be created, but obviously we need to be careful about privacy. It’s like a divide and conquer kind of situation. On one hand we want to hide some of the important information, on the other hand, we want to share that information to be able to create great solutions.”
Once attribute-based encryption and functional encryption systems gain some traction, companies will have no excuse. They will have the capability to think more strategically about voraciously collecting consumers’ digital footprints. We’re seeing this trend already taking hold in Apple’s Tim Cook open feuding with Facebook’s Mark Zuckerberger.
It is encouraging to see NTT’s scientists and researchers doing the intellectual heavy lifting needed to make it more technically feasible for companies to respect individual privacy as part of their business model. If they can better protect their networks, without sacrificing much in the way of functionality and the ability to agilely compete, then we’ve got something.
How quickly and pervasively any of this plays out remains to be seen. I’ll keep watch and keep reporting.
Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.
(LW provides consulting services to the vendors we cover.)
*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/my-take-why-basic-research-is-so-vital-to-bringing-digital-transformation-to-full-fruition/