hammer/notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6e2183c7b0f12ce9749f72365e9eb87b395b8c93
notes/projects/arcanum/DARPA-ERIS/darpa_eris_slides.md

18 KiB
Raw Blame History

marp, theme, paginate
marp theme paginate
true default true
<style> :root { --accent: rgb(218,104,66); } section { background: #fff; color: #000; font-size: 24px; line-height: 1.35; padding: 64px; } h1, h2, h3 { color: #000; margin: 0 0 .6em 0; } strong, b { color: var(--accent); font-weight: 700; } mark { background: color-mix(in srgb, var(--accent) 18%, white); color: var(--accent); padding: 0 .2em; border-radius: .2em; } a { color: #000; text-decoration: underline; text-decoration-color: var(--accent); text-underline-offset: 2px; } ul { margin: .6em 0 .6em 1.2em; } li { margin: .25em 0; } blockquote { color: #000; border-left: 4px solid var(--accent); padding-left: .8em; } code, pre { background: #f7f7f7; color: #000; } hr.rule { border: 0; height: 2px; background: #000; margin: 24px 0; } /* Title slide layout */ .title-wrap { display: grid; grid-template-columns: 1fr auto 1fr; align-items: center; gap: 24px; } .logo { max-height: 250px; object-fit: contain; } .nkode-title { font-size: 96px; letter-spacing: .5px; color: var(--accent); margin: 24px 0 8px 0; font-weight: 800; } .subtitle { font-size: 28px; margin-top: 0; } /* Team grid */ .team-grid { display: grid; grid-template-columns: repeat(3, 1fr); gap: 18px 24px; align-items: start; } .person { display: grid; grid-template-rows: auto auto auto; gap: 5px; } .person img { width: 40%; aspect-ratio: 3/4; object-fit: cover; border: 2px solid #000; border-radius: 6px; } .person .name { font-size: 18px; font-weight: 700; color: var(--accent); } .person .role { font-size: 16px; color: #000; } .caption { font-size: 14px; color: #000; opacity: .85; } </style>
Arcanum Technologies Logo
McCrary Institute Logo
nKode

Pictographic passcodes for resilient authentication at the edge

Arcanum Technologies + Auburn Universitys McCrary Institute

Defining the Problem

  • Historical Context
    • Passwords as cornerstone of "something you know" authentication since 1961 (MIT's Compatible Time-Sharing System)
    • No major reinvention in over 60 years, despite evolving threats
  • Key Problems in Authentication
    • High cognitive load: 12-16 character passwords rotated every 60-90 days; prone to reuse and errors under stress
    • Vulnerabilities: Hacked at 95 per second globally; susceptible to phishing, keyloggers, and credential harvesting
    • Tactical Edge Challenges: Difficult with tactical gear (e.g., gloves); bypassed in high-risk, low-bandwidth environments; limits multi-factor authentication (MFA)

Current State-of-the-Art

  • Relies on static inputs: Keyboards, text-based passwords
  • Biometrics (facial/iris/fingerprint/voice): Effective in ideal conditions but constrained in low-light, noisy, or gloved scenarios
  • Current Tech: Zero Trust, edge computing, AI-driven security in systems like Tactical Assault Kits, but compromised by AI attacks, signals intelligence, and nation-state exploits
<style scoped> section { font-size: 20px; } </style>

nKode Advances the State-of-the-Art

  • Whats New in nKodes Approach
    • Patented virtual keypad with shuffling icons; AI-generated, user-unique icon sets
  • Vs. Passwords: No text entry; strong guessing resistance with compact inputs
    • Zero-trust architectures leveraging ChaCha20 to drive shuffling and OPAQUE (aPAKE) for mutual authentication over low-trust links
    • Resilient to keyloggers and replay; auto-rotation without user action; shoulder-surf resistant
  • Why It Matters at the Edge
    • Works in low-bandwidth or contested environments
    • Cuts cognitive load and speeds access, reducing bypass behavior
    • Preserves mission continuity for edge tools and C2 workflows

How nKode Aligns with DARPA ERIS

  • Topic area fit: Advances resilience, efficiency, and effectiveness for strategic systems across critical infrastructure and military C2 at strategic, command, operational, and tactical edges.
  • Mission tie: Supports DARPAs aim to create technological surprise for U.S. national security.
  • nKodes role: Reinvents “something you know” with keyboard-less, AI-generated icons to keep auth working in contested or low-bandwidth networks.
  • Surprise element: Resilient to credential reuse and keyloggers; can operate over unencrypted or bandwidth-constrained links without exposing secrets.
  • Operational benefits: Faster, low-cognitive-load access under stress; reduces bypasses and maintains mission continuity for edge tools like TAK.
  • Architectural alignment: Zero Trust, edge computing, and secure operations in dynamic, degraded conditions.
  • Impact: Hardens C2 and critical infrastructure against AI-driven credential harvesting and disruption in contested environments.

Why nKode Will Succeed

  • Pitch History: Winner of the FIS VC and Venturetech Pitch competitions
  • Technical: Integration with legacy DoD systems; user training; device compatibility (rugged tablets)
  • Evolving Threats: Advanced AI shoulder-surfing; scaling to millions/billions of unique, psychologically neutral icons to prevent AI prediction of user selections
  • Mitigation: Leverage ERIS for rapid pathways; partner with McCrary Institute for validation
  • Market Validation: Independent survey by User Insight 62% prefer nKode (vs. 23% passwords)
  • Team Strength: Veterans with cyber ops experience; TRL 4
  • Dual-Use Potential: Defense (tactical edge) + Commercial
  • Evidence: Exceeds benchmarks; low friction deployment

Proposed Plan/Strategy if Funded

  • Target: TRL 4 → TRL 6 (operationally relevant prototype)
  • De-risking milestone 1 — independent validation: Obtain an independent, implementation-agnostic review of the systems zero-trust architecture, including threat model, assumptions, and security claims.
  • De-risking milestone 2 — implementation testing: Conduct penetration testing / red-teaming of the prototype to uncover practical vulnerabilities and harden the deployed system under tactical-edge constraints (low bandwidth, intermittent connectivity).
  • De-risking milestone 3 — scale enabler: Deliver a repeatable pipeline capable of producing millions to billions of psychologically neutral icons to support scale without introducing bias.
  • Result: A validated design and hardened, scalable prototype ready for operationally relevant evaluation.

Arcanum and McCrary Technical Team

Brooks Brown headshot
Brooks Brown
Chief Development Architect, Co-founder (nKode inventor)
Dr. Craig Whittinghill headshot
Dr. Craig Whittinghill
Deputy Director, McCrary Institute (USN Veteran)
Jonathan Sherk headshot
Jonathan Sherk
Principal Cybersecurity Research Engineer (NSA-cert Red Team Lead)
Dr. Luke Oeding headshot
Dr. Luke Oeding
Associate Professor, Math & Statistics (Algebraic/Computational)
Dr. Farah Kandah headshot
Dr. Farah Kandah
Associate Professor, CSSE (Cybersecurity, Networks, IoT)
Donovan Kelly headshot
Donovan Kelly
CTO, Arcanum Technology (Defense, Healthcare, Auth)
<style scoped> section { font-size: 18px; } </style>

Team Bios

  • Brooks Brown, as the inventor and Co-founder of nKode, provides the foundational vision and architectural expertise essential for driving this innovative authentication solution forward. His role as Chief Development Architect positions him uniquely to guide the project's technical direction.
  • Dr. Craig Whittinghill serves as the Deputy Director for Applied Research and Services at the McCrary Institute. As a Navy Veteran with 29 years of service as a Naval Intelligence Officer, he brings extensive leadership in high-stakes cyber and intelligence operations.
  • Jonathan Sherk is a Principal Cybersecurity Research Engineer at Auburn Universitys McCrary Institute. He leads a USDA grant on rural cybersecurity and co-leads Alabamas State and Local Cybersecurity Grant Program. As an NSA-certified, CYBERCOM-accredited Red Team Lead, he has performed adversarial assessments on EUDs and Army products at the Threat Systems Management Office.
  • Dr. Luke Oeding, an Associate Professor in the Department of Mathematics and Statistics at Auburn University, contributes advanced algebraic and computational expertise critical for nKode's underlying mathematical frameworks. His research focuses on applications of algebraic geometry and representation theory to tensors, quantum information processing, signal processing, and collaborative navigation.
  • Dr. Farah Kandah, an IEEE Senior Member and Associate Professor in the Department of Computer Science and Software Engineering at Auburn University, as well as a faculty affiliate with the McCrary Institute, provides specialized knowledge in cybersecurity, networking, and emerging technologies like IoT and quantum credentials. His research encompasses distributed computing, computer security and reliability, computer communications (networks), and more.
  • Donovan Kelly brings software development experience across defense, healthcare, media, and authentication sectors, including prior work at Lockheed Martin Space. In my current role as CTO of Arcanum Technology LLC, I am actively developing new ways to apply nKode to a variety of authentication problems.

Defense and Commercial Market Use Case/Impact

  • Defense Use Cases
    • Tactical edge authentication: Secure access to Tactical Assault Kits/comms platforms in DDIL environments
    • Warfighter resilience: Keyboard-less icons reduce errors under stress; resists keyloggers, phishing, AI attacks
    • Zero Trust enablement: Auth over unencrypted/low-bandwidth channels; integrates with C2 systems/edge compute
  • Commercial Use Cases
    • Banking/Healthcare: Replaces passwords for online accounts; phishing-resistant, no credential reuse
    • Dual-Use Potential: Scales to consumer apps; reduces MFA friction in high-volume sectors
  • Market Impact ("So What")
    • Enhances mission success/safety: Faster logins, fewer vulnerabilities in contested ops
    • Broad Adoption: Safeguards critical ops across sectors

Partnering with DARPA for Authentication's Next Leap

  • Historical Full Circle: In 1961, DARPA (as ARPA) funded MIT's Project MAC, birthing the Compatible Time-Sharing System (CTSS), the origin of computer passwords. Now, as authentication faces escalating nation-state threats, nKode represents its disruptive evolution, closing vulnerabilities in denied, degraded, intermittent, and low-bandwidth (DDIL) scenarios.
  • DARPA as Prime Mover: DARPA's mission to make pivotal investments in high-risk, high-reward innovations for national security makes you the ideal partner. Your support can accelerate nKode from TRL 4 to operational deployment, enabling revolutionary advances in Zero Trust and edge computing for warfighters.
  • Why We Need DARPA: As our strategic catalyst, your funding, expertise, and ecosystem will scale nKode globally, ensuring resilient authentication safeguards missions and lives. This is our call to collaborate: Join us in evolving what you pioneered.