Security Holy Grail anyone?

US intelligence research agencies look for myriad “revolutionary” security algorithms, techniques and technology

It sometimes feels like the entire planet is working on some sort of security technology to protect the networked world from insiders, outsiders and just plain nasty ne'er do wells.

The researchers at the government's "high-risk, high-payoff research" group, Intelligence Advanced Research Projects Activity (IARPA) want to go beyond the mundane security research and development and get right to the groundbreaking stuff.

Does it exist?  We'll see. 

RELATED: US sets $1.4M to get unique metaphor-recognizing software system humming

Specifically IARPA put out a call this week for what it calls Safe and Secure Operations (SSO), which is research that "explores or demonstrates the feasibility of revolutionary concepts in computation, trust establishment and maintenance, and detecting and deflecting hostile intent."

IARPA said examples of what it is looking for include:

  • Approaches to operating securely with imperfect equipment, error-prone users and/or a compromised network. Constructing systems that can perform reliable and secure computations when some fraction of their components is unreliable or insecure.
  • Computational methods based on architectures other than digital Turing machines whose attributes are matched to efficient or secure solution of intelligence problems (like optical, analog, biological, brain-based, quantum, or hybrid computing systems).
  • New algorithms and protocols that take advantage of quantum entanglement to perform tasks that are inefficient with classical algorithms.
  • New approaches to secure transmission of information using optical, electromagnetic, digital packet, chemical, or biological signals. Domains include synchronous and asynchronous communications, bandwidth-constrained digital transmission, and triage of large data flows.
  • Methods (including compilers and programming languages) for performing complicated computations securely, e.g. multi-party secure functional computation and full homomorphic encryption, but with low overhead.
  • Detection, classification, and mitigation of attempts by adversaries to compromise safety and security, including, but not limited to penetration and manipulation of electronic infrastructure.
  • Novel ideas for technologies enabling energy-efficient computation beyond the efficiency projected for end-of-roadmap silicon, as well as strategies for using existing computing technologies to compute with lower power budgets.

Interestingly the group IARPA is modeled after, the Defense Advanced Research Projects Agency which has its own ideas about revolutionary security will this month announce the second phase of its identity program known as Active Authentication.

More on security: Who really sets global cybersecurity standards?

The program looks to develop technology that goes way beyond today's use of hard to remember password protection and determine identity through "use of software applications that can determine identity through the activities the user normally performs," DARPA said.  Such new systems might look at the unique words a user types or examine length of sentences and use of punctuation to determine user authenticity.

DARPA said the current standard method for validating a user's identity for authentication on an information system requires humans to do something that is inherently difficult: create, remember, and manage long, complex passwords.

"Moreover, as long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard. Thus, unauthorized individuals may improperly obtain access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating," DARPA stated. 

NEWS: 25 crazy and scary things the TSA has found on travelers

The Active Authentication program has two primary development points. The first is focused on expanding research in the area of the computational behavioral traits that can be observed through how a computer user interacts with the world without requiring them to do anything different from their normal work functions. The second focus of the Active Authentication program is on developing an application ("Biometric Platform") that can integrate all biometrics available on a single device to allow for the most accurate validation of the identity of the individual using the device, whether the biometrics collected are behavioral, cognitive, or physical. In this respect, the application is trying to identify you by looking at all available aspects of you, not just a single sensor connected to the computer, DARPA stated. 

Check out these other hot stories:

UPDATE: Verizon worker outsourced part of his job to China so he could have more free time

IBM: Steampunk frenzy to erupt in next two years

DARPA wants to dot ocean floor with robotic pods that can spy, explore

NASA: Inflatable rooms may find a home on International Space Station

US spots $120M for lab to tackle rare earth shortages

FBI: Dirty deedsters are tweaking telephony attacks; coercion

DARPA in search of a 100 Gb/sec wireless technology that can penetrate clutter

Big Space: There are at least 100 billion planets in our galaxy alone

CIA whacks at Hollywood spy agency myths

Boeing uses 20,000 lbs. of potatoes to check aircraft wireless network signals

Join the discussion
Be the first to comment on this article. Our Commenting Policies