Welcome, Professor Kenny Paterson!

Professor Paterson, welcome to ETH! What are your current research interests?
My main research field today is cryptography, which is concerned with the protection of information – both its confidentiality and its integrity – as it is transmitted over networks, stored in databases and operated on by untrusted computing systems. I am particularly interested in applied cryptography, where I try to understand the cryptographic needs of real systems. This involves analysing existing systems that make use of cryptography to identify their flaws, as well as developing new theory to formally describe them and prove them secure. In previous phases of my career I worked on topics such as discrete mathematics, coding and information theory, and digital communications.

What is the impact of your research on society?
Cryptography is to be found everywhere today – every time we make a mobile phone call, log in to social media networks or make an online payment we are using it. It has become the invisible glue that makes the information society work. So getting cryptography “right” has become incredibly important – literally, every bit matters! Some of my research analysing the TLS protocol – which is the most widely used system for secure communications on the internet today (it’s the “s” in “https”) – led directly to changes in the cryptography that is used in every web browser and web server in the world. Billions of people are using more secure cryptography every day because of this work. More recently, I’ve been looking at the security of cryptographically protected databases using some really nice theory from the field of statistical learning theory. This has shown the limitations of current efficient approaches to encrypting data while enabling standard database queries to be made on the data. I hope this will help prevent immature approaches from being deployed and provoke further research towards stronger solutions.

Where were you working before you came to ETH?
I worked at Royal Holloway, University of London, UK. This is a small university that has a very strong standalone department for Information Security – its Master’s programme was the first in the world and has graduated several thousand students. It has around 70 doctoral students at any one time, working in many aspects of the field, including cryptography [1].

Which courses will you be teaching at ETH?
This is still to be formally decided, but I hope to teach cryptography at Master’s level as part of the department’s general offering and its new course in Cyber Security.

What do people often get wrong about your field?
A lot of people think it’s really easy to design new cryptographic systems, and don’t realise that the subject has advanced tremendously over the last 30–40 years, to the point where amateurism is dangerous. One of the things I’d like to bring to my teaching is to give students an appreciation for how cryptography can go wrong in practice, and how to use it safely.

What advice would you give to students who are just starting out in computer science?
Try not to study each subject in isolation, wiping from your mind everything you learned in semester x when semester x+1 starts. Like all sciences, computer science builds up piece by piece, and there are many interconnections that only become apparent over time. For example, recently in my research I used a small piece of mathematics that I first learned 30 years ago in a Bachelor’s-level course (and had not used in between). Richard Feynman, the Nobel Prize-winning physicist, talked about having a personal toolbox of techniques that he could use to solve problems, which was different from everyone else’s [2]. During your studies, fill your toolbox with interesting and varied tools – you never know when they might come in handy!