Request for Information - Virtual Encryption

(U) Request for Information (RFI) - Virtual Encryption (VE)(U) This Request for Information (RFI) is in accordance with the Federal Acquisition Regulation (FAR) clause 52.215-3 (Request for Information or Solicitation for Planning Purposes - Oct 1997) and is published to obtain information for use by the Air Force Lifecycle Management Center (AFLCMC), Cryptologic and Cyber Systems Division (HNC), Joint Base San Antonio – Lackland AFB, Texas, for market research and planning purposes only.(U) This RFI is NOT a Request for Proposal, Invitation for Bid, or an announcement of a solicitation; it is only intended for information or planning purposes. There is no bid package or solicitation document associated with this announcement. Response to this RFI is strictly voluntary and will not affect any potential offeror's ability to submit an offer if a solicitation is released. Any requests for a solicitation package will be disregarded. The government does not intend to award a contract on

the basis of this RFI or otherwise pay for the information solicited. No entitlement to payment of direct or indirect costs or charges by the government will arise as a result of preparing submissions in response to this RFI and the government's use of such information. Submittals will not be returned to the sender. Respondents to this RFI may be requested to provide additional information/details based on their initial submittals.Program(U) This RFI is in support of programs within the Cryptologic Modernization Branch (AFLCMC/HNCA).Purpose(U) This RFI is NOT a Request for Proposal, Invitation for Bid, or an announcement of a solicitation; it is only intended to seek information from industry. The information provided may be used the program office to develop its acquisition strategy, statement of work and system requirements. Respondents to this RFI may be requested to provide additional information/details based on their initial submittals.Background(U) The Air Force Cryptologic Modernization Branch (AFLCMC/HNCA) is preparing for Cryptographic Modernization 2 (CM2) activities looking for novel ways to address the 6 capability groups and 42 associated gaps to achieve modernization of DoD cryptographic capabilities.(U) Virtual Encryption (VE) is considered a next generation innovation in the emerging technologies section at the NSA to benefit the warfighter. Custom hardware dependencies and the lack of a scalable encryption solution has revealed the need for a VE solution for the next generation Concept of Operations (CONOPS). The envisioned solution is expected to support CONOPs that require secure information exchange to and from forward deployed locations, while eliminating the need for NSA Certified hardware (e.g., a High Assurance Internet Protocol Encryptor [HAIPE]). To support this CONOPs, the development of a VE solution capable of interoperating with a HAIPE is desired.Information Sought(U) AFLCMC/HNC requests industry provide information on available or in development solutions that can be used as a high assurance type 1 certified virtual encryptor. Responses should answer the following questions:(U) Is there a high assurance certified virtual encryptor solution already developed?(U) What type of virtualization technologies would you recommend? For example, would a VE incorporate hypervisors, virtual machines, containerization, memory isolation, trusted execution environments, application isolation, etc.? (U) Would the use of Federal Information Processing Standard (FIPS) modules be incorporated into a VE? For example, would a VE incorporate Trusted Platform Modules, Hardware Security Modules, Root of Trust, etc.? (U) How could a virtual encryptor maintain assurance in the integrity of the underlying platform configuration, including hardware, firmware, and software?(U) What NSA or DoD Policies would need to be addressed to certify a virtualized encryptor (e.g., CNSSP No. 11)?(U) What hardware dependencies do you envision for a virtualized encryptor? (U) What risks are envisioned for the potential development and certification of a VE solution?(U) Do you have any recommendations for AFLCMC/HNCA to consider regarding a VE acquisition strategy and contract type?(U) What data rights do you envision for a VE solution (e.g., Unlimited, Government Purpose Rights, Limited Rights, etc.)?(U) Do you have any recommendations for AFLCMC/HNCA to consider regarding the development of a VE solution?(U) Provide a cost and schedule rough order of magnitude (ROM) for the development of a Virtualized Encryption solution capable of interoperating with HAIPEs and include NSA certification costs.(U) Vendors who submit information for review do so with the understanding that U.S. Government personnel as well as their support contractors will review their material and data. Respondents will not be contacted regarding their submission or information gathered as a result of this notice nor the outcome of the Government's review of the solicited information unless the Government desires further information. Submitted information packages will be retained by the Government and not returned to the contractor. Ensure information is marked and sent appropriately if the response is For Official Use Only. If your response is classified contact the point of contact listed below before forwarding the information.(U) All interested, capable and responsible sources that wish to respond to this RFI are required to electronically supply their responses and send to org account: aflcmc.cryptologic.transformation@us.af.mil by COB 1 April 2024. Please include the title, “Virtual Encryption,” in the Subject Line.(U) NOTE: Additional follow-up questions may need to be accomplished over a secure form of communications.