With data breaches on the rise, Craig Gentry is hard at work developing new methods to keep our data safe. Based out of IBM’s Research Center in Yorktown Heights, the 41-year-old cryptography scientist won a prestigious MacArthur Foundation “Genius Grant” in September for solving a problem dreamt up in 1978—one that was thought to be unsolvable—when he devised a way to make it possible to make computations on encrypted data. The upshot? Gentry’s work may make it impossible for hackers to get a hold of consumers’ sensitive information when a company is hacked.
Q: How old were you when you first became interested in cyber technology and encryption?
A: According to my mother, before I was 3, I taught myself multiplication by making rectangles of Cheerios out of my breakfast. I didn’t know anything about encryption until I was much older. I majored in math, but then went to law school, worked in a corporate law firm for a couple of years, and got tired of it. I decided to post my resumé on www.dice.com in search of math or computer science jobs, and got a quick response from a Japanese telecom company that was building a research lab in California. During the interview they suggested that doing cryptography research might interest me. I didn’t know much about crypto at that time, but I agreed that it seemed interesting. So I moved out and got started.
Q: How do you keep motivated when critics say ‘it can’t be done’?
A: Supposedly ‘unsolvable’ problems have the biggest payoff when you solve them, which can be very motivating. Research scientists love to start revolutions, to overturn the old theory with a better one. And even if you fall short of a solution, making even a little progress on a problem of fundamental importance can give you insights that help you solve other problems.
Q: How will your work impact consumers in the future?
A: Right now, consumers entrust companies with all sorts of private information—financial information, social security numbers, pictures. They have no choice if they want the company’s service. But what if the company could serve you while seeing that information only in an encrypted form? What if a search engine could answer your web search without knowing what you searched for [but rather an encryption of it]? Then, even if the company was hacked, your information wouldn’t be compromised, because it couldn’t be decrypted. Cryptography will help a lot in minimizing the scope of damage [from future data breaches].