Homomorphic Encryption Computing Techniques with Overhead Reduction (HECTOR)

The Intelligence Community (IC) must balance the needs of policy compliance with providing access to data as needed to protect national security. The IC is also expected to maintain privacy of individuals while being as transparent as reasonably possible in its operations. Increasingly, IC organizations must collaborate with citizen groups, with other Government organizations that operate under different regulatory constraints, and with other nations. While solutions exist to protect data at rest and in transit, there is no protection for data being processed, which hinders opportunities for collaboration between different agencies, including mutually distrusting parties.

For existing approaches to data processing, compliance and access are competing requirements. Advanced cryptographic techniques have the potential to bridge this gap by protecting data in process, and limiting access to the results according to policy controls. This raises the possibility of developing distributed applications to allow different – even mutually distrusting – parties to collaborate securely on a shared computation for a result that all can trust. Currently, many of these cryptographic techniques are inefficient and also require significant cryptographic expertise to use them effectively.

The goal of the HECTOR program is to build a framework that enables system architects and application developers without extensive cryptographic expertise to develop a broad spectrum of secure distributed applications using advanced cryptographic techniques. The HECTOR program seeks to develop a comprehensive set of cryptographic tools, programming languages, design and verification tools to:

  • Enable application developers to incorporate new and existing cryptographic computing concepts into their software, while minimizing the cryptographic expertise required of the application developers
  • Enable the system architects and/or developers to be able to express the security and privacy properties and operational environment as desired properties of the system, and automatically receive feedback on the feasibility and costs of these properties
  • Enable advances in the security and performance of cryptographic operations

One of the key goals of HECTOR is to build a framework to allow developers to explore the space of distributed applications, and explore possible compositions of different cryptographic techniques, while getting feedback on the feasibility of such applications and compositions given the currently known protocols, and on the resources that would be consumed by them.

HECTOR is expected to drive innovation in cryptographic protocols, programming languages for expressing secure computation, and compilers and tools for realizing secure distributed systems, as well as in the secure data services that can be built with these tools. In particular, the following cryptographic technologies show potential for use in developing innovative solutions to IC problems, but are often not considered in system development:

  • Fully / Somewhat / Partial Homomorphic Encryption
  • Verifiable Computation
  • Functional Encryption
  • Conditional Proxy Re-encryption
  • Zero-Knowledge Proofs
  • Oblivious RAM
  • Secure Multiparty Computation (both general techniques and some special cases of particular
    interest, such as set intersection and private information retrieval)

In parallel with this announcement, IARPA is publishing a request for information (RFI), available on FBO.gov under IARPA-RFI-17-03, related to use cases that could be enabled by HECTOR, and associated challenge problems. Participation in the HECTOR proposers’ day does not require responding to the RFI or attending any workshop arising from the RFI.

While advanced cryptographic techniques are extremely promising, several factors limit their widespread adoption. One factor is the level of overhead associated with existing protocols. Another is the inherent complexity of distributed applications; tools to support identification of bottlenecks in distributed applications, and to suggest potential optimizations and performance improvements, are largely absent. A third factor is the subtle nuances of the security model of each new cryptographic technique. The implications of these nuances on real-world security have yet to be fully explored. Finally, architects and developers rarely have the level of cryptographic expertise currently required to correctly implement these techniques.

The HECTOR program consists of three technical focus areas:

  • System Development Platform
  • Programming Languages / Representation Formats
  • Cryptographic Protocols and Optimization

Each offeror team must propose to all three technical focus areas. Due to the breadth of these areas, it is conceivable that multi-faceted teams from multiple institutions may be required.

The HECTOR program will be executed in three phases over five years. Phase I – Planning and Specification – will run for a period of 12 months, Phase II – Platform Development – will run for a period of 24 months, followed by Phase III – Optimization and Refinement – which will run for 24 months.

Collaborative efforts and teaming among potential performers will be strongly encouraged. Government Test and Evaluation (T&E) teams will provide assistance in tool validation and coordination when needed.

IARPA anticipates that industrial and academic institutions from around the world will participate in this program. Researchers will be encouraged to publish their findings in academic journals.

Contracting Office Address

Office of the Director of National Intelligence
Intelligence Advanced Research Projects Activity
Washington, DC 20511

Primary Point of Contact

Mark I. Heiligman
Program Manager
dni-iarpa-baa-17-05@iarpa.gov

Solicitation Status: OPEN

IARPA-BAA-17-05

Proposers' Day Date: July 26, 2017
BAA Release Date: September 29, 2017
BAA Question Period: September 29, 2017 - November 6, 2017
Proposal Due Date: December 1, 2017

Additional Information

Proposers' Day Briefings

HECTOR Proposers' Day Briefing