notes/projects/arcanum/DARPA-ERIS/Advancing the SotA slides.md


Slide 1: How nKode Addresses the Topic Area

  • Topic Area: Advanced technologies for resilience, efficiency, and effectiveness in strategic systems
  • Focus: Critical infrastructure and military C2 systems (strategic, command, operational, tactical edges)
  • nKode's Fit: Enhances authentication resilience in contested/low-bandwidth environments
  • Benefits: Improves efficiency via intuitive, low-cognitive-load access; boosts effectiveness by preventing bypasses
  • Alignment: Supports Zero Trust, edge computing, and secure ops in dynamic conditions

Speaker Notes: This slide directly ties nKode to the ERIS topic area from the DARPA announcement, emphasizing improved resilience (e.g., credential reuse/keylogger immunity over unencrypted networks), efficiency (faster logins under stress without keyboards), and effectiveness (reduced errors, mission continuity for Tactical Assault Kits). It addresses vulnerabilities in C2 systems across edges, enabling information superiority against AI-driven threats like cognitive electronic warfare. This positions nKode as a breakthrough for national security, aligning with ERIS's goal of curating disruptive solutions for rapid acquisition.

Slide 2: Contribution to DARPA's Mission

  • DARPA Mission: Create technological surprise for U.S. national security
  • nKode's Role: Reinvents "something you know" authentication with keyboard-less, AI-generated icons
  • Surprise Element: Immune to credential reuse and keyloggers; operable over unencrypted/low-bandwidth networks
  • Impact: Adversaries surprised by resilience against credential harvesting in contested environments
  • Benefit: Protects missions, lives, and infrastructure from AI-driven cyber threats

Speaker Notes: DARPA's mission, as stated in the ERIS announcement, is about technological surprise. nKode contributes by obsoleting text-based passwords, providing an asymmetric advantage in cyber-resilient warfare. For example, in tactical edges with limited bandwidth, it enables secure access to Tactical Assault Kits without traditional vulnerabilities. This aligns with ERIS goals of rapid acquisition for disruptive solutions, fostering information superiority against nation-state threats like cognitive electronic warfare.

Slide 3: How the Problem is Addressed Today

  • Current Methods: Long, complex passwords (12-16 characters) rotated every 60-90 days
  • Vulnerabilities: Prone to reuse, keyloggers, shoulder surfing; high cognitive load under stress
  • Limitations: Requires keyboards (impractical in tactical gear); needs secure channels for MFA
  • Issues: 95 hacks per second globally; bypass in high-risk environments
  • Alternatives: Biometrics (facial/iris/fingerprint) fail in duress, dirt, or low light

Speaker Notes: Today, authentication relies on outdated standards per NIST/DoD, leading to credential reuse and exploitation. Passwords can be easily compromised via reuse, especially at the tactical edge where bandwidth is low and stress is high. Biometrics help but are constrained in field scenarios (e.g., gloves, environmental factors). This results in mission risks, as warfighters may bypass controls. nKode addresses these deficiencies head-on.

Slide 4: What's New in nKode's Approach

  • Novel Features: Shuffling icons on a patented virtual keypad; AI-generated unique icons per user
  • Comparisons to Current Practices:
    • Vs. Passwords: No text input; exceeds NIST entropy (1 in 8-24M guess rate for 4 icons)
    • Vs. Biometrics: No hardware dependency; works under pressure/duress
  • Backend: ChaCha20 CSPRNG for secure shuffling over unsecure networks
  • Resilience: Immune to keyloggers, replay attacks; auto-rotates without user action

Speaker Notes: What's new is the dynamic, visual paradigm: icons shuffle per login, mapped to tokenized values via a backend cipher. Unlike static passwords or biometrics, nKode prevents reuse (unique icons) and operates in low-bandwidth environments. This compares favorably to current practices by flipping the usability-security trade-off: easier to remember yet more secure. It's TRL 5-validated, per our prior ERIS feedback, and advances SoTA by closing attack vectors like shoulder-surfing (6.5 observations needed to crack vs. 1).
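As an added illustration of the "ChaCha20 CSPRNG for secure shuffling" bullet (not nKode's own code), the sketch below drives an unbiased Fisher-Yates shuffle of a keypad from a ChaCha20 keystream, using rejection sampling so no layout is favored by modulo bias. The 12-icon keypad, icon names, demo key, per-login nonce and function names are all assumptions made for this example.

```python
# Added illustration (not nKode's code): per-login keypad shuffle from a ChaCha20 keystream.
import struct
MASK = 0xFFFFFFFF

def _rotl(v, n):
    return ((v << n) & MASK) | (v >> (32 - n))

def _quarter_round(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl(s[b] ^ s[c], 7)

def chacha20_block(key, counter, nonce):
    """One 64-byte ChaCha20 block (RFC 8439): 32-byte key, 12-byte nonce."""
    init = list(struct.unpack("<4I8I", b"expand 32-byte k" + key)) + [counter]
    init += struct.unpack("<3I", nonce)
    s = init[:]
    for _ in range(10):  # 10 double rounds = 20 rounds
        for a, b, c, d in ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
                           (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14)):
            _quarter_round(s, a, b, c, d)
    return struct.pack("<16I", *((x + y) & MASK for x, y in zip(s, init)))

def keystream(key, nonce):
    counter = 0
    while True:
        yield from chacha20_block(key, counter, nonce)
        counter += 1

def uniform_below(stream, n):
    """Unbiased integer in [0, n), n <= 256: reject bytes that would cause modulo bias."""
    limit = 256 - (256 % n)
    while True:
        b = next(stream)
        if b < limit:
            return b % n

def shuffle_keypad(icons, key, nonce):
    """Fisher-Yates shuffle driven by the keystream; a fresh nonce gives a fresh layout."""
    stream, out = keystream(key, nonce), list(icons)
    for i in range(len(out) - 1, 0, -1):
        j = uniform_below(stream, i + 1)
        out[i], out[j] = out[j], out[i]
    return out

# Constructed sample values: a 12-icon keypad and a demo key (never use a fixed key in practice).
ICONS = "anchor bell comet drum eagle fern gear helm iris jade kite lamp".split()
DEMO_KEY = bytes(range(32))
```

In a design like this the key stays on the backend and each login uses a nonce that is never repeated under that key, since a repeated (key, nonce) pair reproduces the same layout.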

Slide 5: Unique Insights for Advancing SoTA

  • Insight: Security must be intuitive to ensure adoption; visual memory outperforms text-based
  • Advancement: Reduces friction in MFA's "something you know" factor (unchanged since 1961)
  • Differentiation: Dispersion-resistant enrollment; attribute renewal for proactive defense
  • Why Transformative: Enables Zero Trust in contested edges; scales to commercial (banking/healthcare)
  • Evidence: Meets/exceeds DoD password standards while lowering errors

Speaker Notes: Our unique insight is that stronger security via ease-of-use leads to reliable adoption, improving mission outcomes. Humans recall images better than complex passwords, reducing cognitive load for warfighters. This advances SoTA by integrating AI icons with cryptographic primitives, resisting AI-driven attacks. Unlike current static inputs, nKode's randomized interface ensures no two logins map the same, a paradigm shift for resilience in strategic systems.

Slide 6: Foreseen Barriers

  • Adoption Risk: Authentication changes are high-risk; companies hesitant to be first adopters
  • Pitch History: Positive feedback from dozens (e.g., FIS, banks) over 10 years, but no implementations
  • Technical: Integration with legacy DoD systems; user training; device compatibility (rugged tablets)
  • Evolving Threats: Advanced AI shoulder-surfing; scaling icon generation
  • Mitigation: Leverage ERIS for rapid pathways; partner with McCrary Institute for validation

Speaker Notes: Barriers include institutional inertia: despite excitement from fintech firms like FIS (Fidelity National Information Services), no one wants to pioneer due to perceived risks. In DoD, integrating with C2 systems or ATACs could face hurdles. We'll address these via human factors expertise (as per prior feedback) and field testing. Evolving threats like AI exploits require ongoing R&D, but nKode's design inherently resists them.

Slide 7: Why nKode Will Succeed

  • Market Validation: Independent survey by User Insight: 52% prefer nKode (vs. 28% passwords)
  • High Acceptance: 17% above "very high" benchmark (35%)
  • Team Strength: Veterans with cyber ops experience; TRL 5 proven
  • Dual-Use Potential: Defense (tactical edge) + Commercial
  • Evidence: Exceeds benchmarks; low friction deployment

Speaker Notes: Success is backed by data: User Insight's survey showed exceptional preference (52%), far above norms, indicating strong usability. Our team's expertise (Army/Navy vets) and partnerships ensure execution. nKode's success lies in its intuitive design: users remember one nKode for all, with auto-rotation. This will drive adoption, per ERIS goals, leading to safer operations.

Slide 8: Proposed Plan/Strategy if Funded

  • Phase 1: Adapt commercial app for tactical edge; integrate with ATACs/Tactical Assault Kits
  • Phase 2: Field validation/testing in simulated environments; address barriers (training/integration)
  • Phase 3: Advance to TRL 6-7; deploy OpenID Connect for DoD systems
  • Timeline: 12-18 months; focus on low-bandwidth resilience
  • Outcomes: Prototype for warfighters; pathway to commercialization

Speaker Notes: If funded, we'll pivot our existing commercial app (with OpenID/OAuth support) to defense needs. Develop a glove-friendly version for tactical edges, sans biometrics. Strategy: Collaborate with McCrary/Forge Institutes for demos and integration. Budget for AI enhancements and testing. This aligns with ERIS's rapid acquisition, transitioning from idea to prototype for enhanced strategic system resilience.