Issue 76 - Cryptography: From Theory to Action

Featuring Yao Jiang Galteland, Senior Cryptographer

Did you know there are protocols that allow computation on encrypted data?

In this edition of Coffee with Calyptus, discover how these cryptographic breakthroughs are revolutionizing privacy-preserving technologies in our conversation with Yao Jiang Galteland, a seasoned cryptographer whose expertise spans topics like zero-knowledge proofs, homomorphic encryption, and post-quantum cryptography. Yao shares insights into solving real-world problems through mathematics.

‍

Before we dive into the conversation with Yao, don’t miss the chance to join Matt Sevey, founder of My Code Career, on Wednesday, November 20, from 5:00–6:00 PM UK, for an insightful talk on building a successful Web3 career. Learn practical tips to land your dream role! Add to your calendar. Now, let’s jump right in.

You have over a decade of experience in cryptography, working with advanced concepts like zero-knowledge proofs, threshold signatures, and homomorphic encryption. What initially drew you to the field of cryptography, and what aspects of it continue to excite you?

I enjoy solving math problems in general, and cryptography caught my interest because it applies mathematics to solve real-world problems. For example, secure encryption methods such as RSA are built on "hard" mathematical problems, like factoring large numbers. These problems are easy to compute in one direction, but extremely difficult to reverse without certain information (such as a private key). This connection between abstract mathematical theory and practical security solutions is what makes cryptography both challenging and interesting to explore.

What excites me most about cryptography is its constant evolution and its essential role in digital security. The exploration of advanced techniques like zero-knowledge proofs (ZKP), multi-party computation (MPC), and post-quantum cryptography (PQC) is particularly thrilling. Different ZKP protocols—such as zk-SNARKs, zk-STARKs, Bulletproofs, and PLONK—each offer unique strengths and limitations. Understanding which is best suited to specific use cases is both intellectually challenging and rewarding. As the emphasis on scalability and privacy intensifies, particularly within blockchain technologies, it’s clear that these advanced cryptographic techniques will continue to shape the future of digital security.

You've worked on projects like Halo 2 and the Orchard ZSA protocol. Can you walk us through a recent project and share some of the unique challenges you encountered?

I was performing bitwise circuit evaluation using the Halo 2 proof system. Halo 2 is primarily optimized for arithmetic constraints (such as multiplication and addition), so protocols that require numerous non-arithmetic operations (like bitwise operations) can become computationally expensive.

Implementing these bitwise operations within Halo 2 often involves additional arithmetic constraints or lookup tables. This requires a careful balance between performance, efficiency, and proof size to achieve the desired outcome.

Your experience spans both academic research and applied cryptography in industry settings. What are some key differences between working in academia and in industry, especially in terms of cryptographic research and development?

In academia, the focus is primarily on advancing theoretical knowledge and exploring innovative ideas. Research tends to be long-term, aiming for discoveries that might influence the field over many years, even if they have no immediate practical applications. Cryptographers often work on foundational problems, such as developing new cryptographic primitives or proving security in novel frameworks.

In industry, cryptographic research is more driven by immediate or near-term needs, emphasizing practical applications. Projects are often goal-oriented, with faster timelines to meet specific product or client requirements. Cryptographic work in industry typically involves applying established cryptographic methods to solve specific problems, focusing on practical implementations, optimizing performance, and ensuring security in real-world applications.

Additionally, industry offers many remote work opportunities, which are essential for me. I have a family rooted in a small town, and working remotely makes it easier to achieve a good work-life balance.

You recently focused on security architecture for healthcare applications. How do you approach designing cryptographic protocols for highly sensitive fields like healthcare, and what unique security considerations do you take into account?

Designing cryptographic protocols for healthcare involves balancing privacy, interoperability, and regulatory compliance (such as GDPR rules).

In collaborative healthcare research, where multiple institutions need access to data without centralizing it, federated learning enables institutions to train models without sharing actual data. Homomorphic encryption allows computations on encrypted data, preserving privacy while enabling valuable data insights.

In addition to your technical expertise, you have a strong background in academic writing and presenting at conferences. What advice would you give to cryptography researchers on effectively communicating complex topics to diverse audiences?

It's essential to understand your audience and adapt your content based on their familiarity with cryptography and their interests. For a general audience, focus on practical applications and highlight key outcomes, avoiding excessive detail on less impactful aspects.

For a more technical audience, delve deeper into the underlying mathematical concepts and algorithms. Diagrams and step-by-step guides can also help clarify complex protocols.

Lastly, begin with the "why" and "what" of the topic before diving into the "how" to ensure your audience grasps the significance before exploring the details.

‍