Empirical Proving Ground for Cryptographic Engineering Challenges in Large-scale Deployments (EPiC EagLe) – SBIR XL

OUSD (R&E) CRITICAL TECHNOLOGY AREA(S): Advanced Computing and Software, Integrated Network Systems-of-Systems, Quantum Science The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with the Announcement. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws. OBJECTIVE: The Empirical Proving Ground for Cryptographic Engineering Challenges in Large-scale Deployments (EPiC EagLe) effort will develop sound state-of-the-art experimental methodologies and operational benchmarks for evaluating distributed trust solutions such as: 1) modifications of existing Public Key Infrastructures (PKIs) and Key Management Infrastructures (KMIs) to recover from loss-of-trust events at Internet scale, 2) hybrid PKIs that add novel delegation and transient trust protocols, and 3) novel designs of PKIs and KMIs for networks with special link, bandwidth, and latency requirements and constraints, such as connected battlespaces. This effort will demonstrate the capability to evaluate such solutions, at scale, exceeding traditional methodologies’ ability to assess the Internet’s commercial PKI’s and Internet-of-Things (IoT) scales. DESCRIPTION: This effort will develop sound state-of-the-art experimental methodologies and operational benchmarks for evaluating distributed trust solutions and demonstrate the capability of evaluating such solutions, at scale, exceeding traditional methodologies’ ability to assess the Internet’s commercial PKI’s and IoT’s scales. Innovative approaches should address the experimental methodology for evaluating implementations of distributed trust schemes—or modifications of existing schemes, such as those focused on recovery—at large scales, under realistic connectivity (or intermittent connectivity) constraints, along with the required simulation framework, metrics of success, assessment methods, and integration of solutions into robust, real-time cyber defense capabilities of interest to the DoD. PHASE I: This topic is soliciting Direct to Phase II (DP2) proposals only. The Phase I feasibility study shall include the documentation of a basic distributed trust evaluation prototype consisting of the software code and hardware capabilities that are capable of experimenting with Research & Development (R&D) concepts of Tactical Certificate Authorities (CAs) that employ flexible policies, extensions, and protocols for battlefield use. Proposers interested in submitting a Direct to Phase II (DP2) proposal must provide documentation to substantiate that the scientific and technical merit and feasibility described above has been met and supports relevant military and/or commercial applications. Documentation should include all relevant information including, but not limited to: technical reports, test data, prototype designs/models, and performance goals/results. For detailed information on DP2 requirements and eligibility, please refer to Appendix B of the DARPA Instructions for DoD BAA 2023.4. PHASE II: Phase II shall produce system design, implementation, and maintenance capabilities to significantly advance the state of the art in PKI scaling challenges for IoT and IoT-like battlespace uses. In today’s Internet PKIs, simple loss-of-trust events such as an expiring PKI certificate led to massive outages of national telecom providers, major cloud computing services, and even critical transportation systems, with no effective automated means of timely recovery [1, 4-7]. Such outages, although indirect to the DoD, are likely to create major challenges for DoD operations. There currently are limited scalable capabilities for recovering from loss-of-trust events such as expiration of trusted certificates, expiry of root-of-trust certificates, or compromises of such certificates or PKI subsystems. Despite the “impending doom” of multiple Internet Root-of-Trust certificates approaching their expiry dates [2], the Internet PKI and IoT trust technologies lack well-designed technological fallbacks for recovery. When proposed, such technological fallbacks cannot be comprehensively evaluated without creating major deployments at representative scales, which are cost-prohibitive. Today, the DoD lacks the capability to experimentally test proposed distributed trust solutions at DoD-relevant scales. Although simulation technologies such as OPNET facilitate introductory training in DoD encryption protocols (e.g., [8]) and limited experimentation with proposed replacements of inefficient key management systems (e.g., [9]), these systems are limited in scale, and cannot be extended to simulate the behaviors of millions or hundreds of millions of nodes. This stymies the Government’s abilities to pose cryptographic engineering challenges and to evaluate proposed solutions. Today, our understanding of (rare) successful recovery derives from a few actual loss-of-trust events such as expiration of the trusted intermediate CA certificate of the Mozilla Firefox browser, which lead to worldwide deactivation of Firefox plugins (including critical security plugins). Mozilla recovered from this near-catastrophic event via an ad hoc manipulation of the certificates’ trust paths, made possible by a serendipitous feature of the browser’s trust chain validation implementation and ad hoc manipulation of the browser key store [1]. The two features that serendipitously enabled this recovery effort were used in ways not intended by their original design and not considered before the outage. Today, there exists no rigorous sets of metrics, models, or simulations to discuss scalability requirements of trust management solutions such as hierarchical PKIs or any hybrid schemes. There is strong anecdotal evidence from industry that PKI and key management problems at scale create non-trivial operational surprises. However, lack of a common framework for evaluating research in distributed trust solutions at scale stymies progress. In particular, the challenges of recovering from loss-of-trust events or of migrating authority on a large scale have not been formalized at all, despite their increasing practical importance. Phase II will create an experimental methodology for evaluating implementations of distributed trust schemes - or modifications of existing schemes, such as those focused on recovery - at large scales, under realistic connectivity (or intermittent connectivity) constraints. This methodology shall employ novel lightweight virtualization approaches to create simulation approaches that allow simulating relevant behaviors of up to hundreds of millions of nodes, with realistic link topologies and models. The new architectural approach to simulation shall faithfully emulate small relevant code segments of implementations under test, while aggressively aggregating non-relevant aspects of node and network behaviors. These methodologies and simulation tools will help pose and answer operational questions about distributed trust, including introduction of new features into PKIs and KMIs, and allow creation of meaningful operational benchmarks for trust engineering. For example, they will create the capability to experimentally test in simulation whether a trust scheme is likely to perform a given mix of operations on a given scale, under given connectivity constraints, and to pose challenges for cryptographic engineering in terms of such scale benchmarks. The methodology shall enable the study of principled loss-of-trust recovery methods based on distributed graph algorithms, such as trust path manipulations generalizing the ad hoc Firefox recovery example. Furthermore, the methodology will allow exploration of scenarios that involve migration of the root-of-trust, which become increasingly important with the ageing of IoT roots of trust, and threats of wide-spread compromises of trusted boot chains (cf. [3]). Finally, a principled simulation framework will enable not only stochastic simulation experiments but, with modifications, will support sound reasoning about protocol properties under probabilistic network models. EPiC EagLe will leverage formal reasoning, simulation, and modern cryptographic primitives to develop the first of its kind PKI frameworks that can recover from emergent loss of trust events. Successful offerors in their proposals will demonstrate a strong understanding of the technology area and they will articulate a compelling necessity for S&T funding to support their respective proposed technology approaches over existing capabilities. Schedule/Milestones/Deliverables Phase II fixed payable milestones for this program shall include: • Month 2: New Capabilities Report, that identifies additions and modifications that will be researched, developed, and customized for incorporation in the pilot demonstration. • Month 4: PI meeting presentation material, including demonstration of progress to date, PowerPoint presentations of accomplishments and plans. • Month 6: Demonstration Plan that identifies schedule, location, computing resources, and any other requirements for the pilot demonstration. • Month 9: Initial demonstration of stand-alone pilot application to DARPA; identification of military transition partner(s) and other interested DoD organizations • Month 12: PI meeting presentation material, including demonstration of progress to date, PowerPoint presentations of accomplishments and plans. • Month 15: Demonstration to military transition partners (s) and other DoD organizations. • Month 18: PI meeting presentation material, including demonstration of progress to date, PowerPoint presentations of accomplishments and plans. • Month 21: PI meeting presentation material, including demonstration of progress to date, PowerPoint presentations of accomplishments and plans. • Month 24: Final software and/or hardware delivery, both object and source code, for operation by DARPA or other Government personnel for additional demonstrations, with suitable documentation in a contractor proposed format. Deliver a Final Report, including quantitative metrics on decision making benefits, costs, risks, and schedule for implementation of a full prototype capability based on the pilot demonstration, along with the novel designs of PKIs and KMIs for networks with special link, bandwidth, and latency requirements and constraints. This report shall include an identification of estimated level of effort to integrate the pilot capability into an operational environment, addressing computing infrastructure and environment, decision making processes, real-time and archival data sources, maintenance and updating needs; reliability, sensitivity, and uncertainty quantification; and transferability to other military users and problems. The report shall also document any scientific advances that have been achieved under the program. (A brief statement of claims supplemented by publication material will meet this requirement.) Provide Final PI meeting presentation material. Phase II Option: The option shall address preliminary steps toward the certification, accreditation and/or verification of the resulting base effort's sound experimental methodologies and operational benchmarks for evaluating distributed trust solutions. Proposed solutions shall include a summary of how the methodologies are likely to succeed on DoD and IoT scales and under link, bandwidth, and latency constraints specific to DoD environments and missions. Schedule/Milestones/Deliverables for Phase II Option: Phase II fixed payable milestones for this program option shall include: • Month 2: Plan that identifies the schedule, location, computing resources and/or any other requirements for the experimental methodologies and operational benchmarks and infrastructure for evaluating distributed trust solutions required for transition to the DoD. • Month 4: Presentation on the detailed software and hardware plan for the technical capability. • Month 7: Interim report on progress toward certification, accreditation and/or verification of the technical capability for DoD use. • Month 10: Review and/or demonstration of the prototype capability with the documentation supporting certification, accreditation and/or verification. • Month 12: Final Phase II option report summarizing the certification, accreditation and/or verification approach, architecture and algorithms; data sets; results; performance characterization and quantification of robustness. PHASE III DUAL USE APPLICATIONS: The DoD and the commercial world have similar challenges with respect to maintaining the cyber integrity of their computing and communications infrastructure. The Phase III effort will see the developed methodology and testbed transitioned into a DoD cyber environment capable of testing large-scale software deployments (including distributed trust software) in simulations consisting of virtual machines (VMs), up to tens of thousands of emulated nodes. Government ranges and commercial systems such as national telecom providers, major cloud computing services, and critical transportation systems have similar challenges in their PKI and KMI infrastructures and face severe scaling challenges for IoT and IoT-like battlespace uses. Thus, the resulting methodology and operational benchmarks are directly transitionable to both the DoD and the commercial sectors: military and commercial air, sea, space and ground communication systems; commercial hardening of critical industrial plant (i.e. control systems, manufacturing lines, chemical processes, etc.) through PKI and KMI infrastructures; securing cloud infrastructure associated with optimization of industrial processes and condition-based maintenance of air, sea, space and ground networked communication systems. As part of Phase III, the developed capability should be transitioned into an enterprise level system that can be used to test large-scale software deployments (including distributed trust software) in simulations consisting of virtual machines (VMs), up to tens of thousands of emulated nodes. The resulting capability is directly transitionable to the Army, the Air Force, the Navy, and the National Security Agency for experimenting with Research & Development (R&D) concepts of Tactical Certificate Authorities (CAs) that employ flexible policies, extensions, and protocols for battlefield use. This is a dual-use technology that applies to both military and commercial software environments affected by cyber adversaries. REFERENCES: 1. Eric Rescorla, Technical Details on the Recent Firefox Add-on Outage, https://hacks.mozilla.org/2019/05/technical-details-on-the-recent-firefox-add-on-outage/ 2. Scott Helme, The Impending Doom of Expiring Root CAs and Legacy Clients, https://scotthelme.co.uk/impending-doom-root-ca-expiring-legacy-clients/ 3. Mark Ermolov, Intel x86 Root of Trust: loss of trust, http://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html 4. Corinne Reichert, Ericsson: Expired certificate caused O2 and SoftBank outages, https://www.zdnet.com/article/ericsson-expired-certificate-caused-o2-and-softbank-outages/, 2018 5. John Ribeiro, Microsoft's Azure service hit by expired SSL certificate, https://www.computerworld.com/article/2495453/microsoft-s-azure-service-hit-by-expired-ssl-certificate.html, 2013 6. Dennis Fisher, Final Report on DigiNotar Hack Shows Total Compromise of CA Servers, https://threatpost.com/final-report-diginotar-hack-shows-total-compromise-ca-servers-103112/77170/, 2012 7. Nihal Krishan, Internet goes down for millions, tech companies scramble as key encryption service, expires, https://www.yahoo.com/now/internet-goes-down-millions-tech-021400230.html, 2021 8. Tae H. Oh et al., Teaching High-Assurance Internet Protocol Encryption (HAIPE) Using OPNET Modeler Simulation Tool, SIGITE’09, https://dl.acm.org/doi/pdf/10.1145/1631728.1631771, 2009 9. J. Liu, X. Tong et al., A Centralized Key Management Scheme Based on McEliece PKC for Space Network, IEEE Access, vol. 8, pp. 42708-42719, 2020, doi: 10.1109/ACCESS.2020.2976753. KEYWORDS: Battlespace Environments, Information Systems Technology, Public Key Infrastructures