Homomorphic Encryption Computing Techniques with Overhead Reduction (HECTOR)
The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers’ Day Conference for the HECTOR program on July 26, 2017, in anticipation of the release of a new solicitation. The Conference will be held from 9 AM to 4 PM EST in the Washington, DC metropolitan area. The purpose of the conference will be to provide information on the HECTOR program, and on the research problems the program aims to address, to address questions from potential proposers, and to provide a forum for potential proposers to present their capabilities for teaming opportunities. This announcement serves as a pre-solicitation notice and is issued solely for information and planning purposes. The Proposers’ Day Conference does not constitute a formal solicitation for proposals or proposal abstracts. Conference attendance is voluntary and is not required to propose to future solicitations (if any) associated with this program.
Program Description and Goals
The Intelligence Community (IC) must balance the needs of policy compliance with providing access to data as needed to protect national security. The IC is also expected to maintain privacy of individuals while being as transparent as reasonably possible in its operations. Increasingly, IC organizations must collaborate with citizen groups, with other Government organizations that operate under different regulatory constraints, and with other nations. While solutions exist to protect data at rest and in transit, there is no protection for data being processed, which hinders opportunities for collaboration between different agencies, including mutually distrusting parties.
For existing approaches to data processing, compliance and access are competing requirements. Advanced cryptographic techniques have the potential to bridge this gap by protecting data in process, and limiting access to the results according to policy controls. This raises the possibility of developing distributed applications to allow different – even mutually distrusting – parties to collaborate securely on a shared computation for a result that all can trust. Currently, many of these cryptographic techniques are inefficient and also require significant cryptographic expertise to use them effectively.
The goal of the HECTOR program is to build a framework that enables system architects and application developers without extensive cryptographic expertise to develop a broad spectrum of secure distributed applications using advanced cryptographic techniques. The HECTOR program seeks to develop a comprehensive set of cryptographic tools, programming languages, design and verification tools to:
- Enable application developers to incorporate new and existing cryptographic computing concepts into their software, while minimizing the cryptographic expertise required of the application developers
- Enable the system architects and/or developers to be able to express the security and privacy properties and operational environment as desired properties of the system, and automatically receive feedback on the feasibility and costs of these properties
- Enable advances in the security and performance of cryptographic operations
One of the key goals of HECTOR is to build a framework to allow developers to explore the space of distributed applications, and explore possible compositions of different cryptographic techniques, while getting feedback on the feasibility of such applications and compositions given the currently known protocols, and on the resources that would be consumed by them.
HECTOR is expected to drive innovation in cryptographic protocols, programming languages for expressing secure computation, and compilers and tools for realizing secure distributed systems, as well as in the secure data services that can be built with these tools. In particular, the following cryptographic technologies show potential for use in developing innovative solutions to IC problems, but are often not considered in system development:
- Fully / Somewhat / Partial Homomorphic Encryption
- Verifiable Computation
- Functional Encryption
- Conditional Proxy Re-encryption
- Zero-Knowledge Proofs
- Oblivious RAM
- Secure Multiparty Computation (both general techniques and some special cases of particular
interest, such as set intersection and private information retrieval)
In parallel with this announcement, IARPA is publishing a request for information (RFI), available on FBO.gov under IARPA-RFI-17-03, related to use cases that could be enabled by HECTOR, and associated challenge problems. Participation in the HECTOR proposers’ day does not require responding to the RFI or attending any workshop arising from the RFI.
While advanced cryptographic techniques are extremely promising, several factors limit their widespread adoption. One factor is the level of overhead associated with existing protocols. Another is the inherent complexity of distributed applications; tools to support identification of bottlenecks in distributed applications, and to suggest potential optimizations and performance improvements, are largely absent. A third factor is the subtle nuances of the security model of each new cryptographic technique. The implications of these nuances on real-world security have yet to be fully explored. Finally, architects and developers rarely have the level of cryptographic expertise currently required to correctly implement these techniques.
The HECTOR program consists of three technical focus areas:
- System Development Platform
- Programming Languages / Representation Formats
- Cryptographic Protocols and Optimization
Each offeror team must propose to all three technical focus areas. Due to the breadth of these areas, it is conceivable that multi-faceted teams from multiple institutions may be required.
The HECTOR program will be executed in three phases over five years. Phase I – Planning and Specification – will run for a period of 12 months, Phase II – Platform Development – will run for a period of 24 months, followed by Phase III – Optimization and Refinement – which will run for 24 months.
Collaborative efforts and teaming among potential performers will be strongly encouraged. Government Test and Evaluation (T&E) teams will provide assistance in tool validation and coordination when needed.
IARPA anticipates that industrial and academic institutions from around the world will participate in this program. Researchers will be encouraged to publish their findings in academic journals.
Attendees must register no later 5:00PM EST Friday, July 19, 2017, at https://eventmanagement.cvent.com/HECTORPD. Directions to the conference facility and other materials will be available on that website. No walk-in registrations will be allowed.
The conference will be conducted at the unclassified level.
Due to space limitations, attendance will be limited to the first 100 registrants and to no more than 3 representatives per organization. All attendees will be required to present a government-issued photo identification to enter the conference.
Proposers’ Day information is found at the website and should be consulted for updates.
The morning session will include an overview of the program goals, technical challenges, and expected participation requirements. A description of how the solutions will be evaluated will be provided.
The afternoon will include unclassified presentation & poster sessions to provide an opportunity for attendees to present their organizations' capabilities and to explore teaming arrangements. Attendees who wish to present organization capabilities for teaming opportunities may submit a request through the registration web site. Details on the presentation and poster formats, and the procedure for submitting a request to present, will be provided after approval to register for the conference has been granted. Time available for presentations and posters will be limited. Therefore, presentations will be limited to the first 15 registered respondents who request an oral presentation, and posters will be limited to the first 25 registered respondents who request a poster presentation.These presentations are not intended to solicit feedback from the Government, and Government personnel will not be present during the presentations.
This Proposers' Day is intended for participants who are eligible to compete on the anticipated Broad Agency Announcement (BAA). Other Government Agencies, Federally Funded Research and Development Centers (FFRDCs), University Affiliated Research Centers (UARCs), or any other similar organizations that have a special relationship with the Government, that gives them access to privileged or proprietary information, or access to Government equipment or real property, will not be eligible to submit proposals to the anticipated BAA nor participate as team members under proposals submitted by eligible entities. While such entities are not prohibited from attending the Proposers' Day, due to space limitations, preference will be given first to those organizations that are eligible to compete and attendees from such entities will be limited to no more than 30. By registering on the Federal Business Opportunities (FBO) website, conference participants may choose to add their contact information to the Interested Vendors List on FBO for the purpose of teaming, or exchange information during the conference. A separate attendees list will not be provided. IARPA will not provide reimbursement for costs incurred to participate in this conference.
Contracting Office Address
Office of the Director of National Intelligence
Intelligence Advanced Research Projects Activity
Washington, DC 20511
Primary Point of Contact
Mark I. Heiligman