ETSI launches new standard for quantum-safe hybrid key exchanges
"This standard is fundamental to the quantum future. We are empowering organisations to safeguard their sensitive data in the decades ahead."
The European Telecommunications Standards Institute (ETSI) has launched a new security standard that is designed to protect critical data and communications in the age of post-quantum threats.
ETSI, an EU standards body, introduced a specification called “Efficient Quantum-Safe Hybrid Key Exchanges with Hidden Access Policies” (TS 104 015) that enhances security mechanisms to ensure that only authorised users with the correct permissions can access and decrypt sensitive information.
The new ETSI specification defines a scheme for Key Encapsulation Mechanisms with Access Control (KEMAC) called Covercrypt, that ensures both pre-quantum and post-quantum security through hybridisation.
This should mean that encryption is secure against both current threats and future quantum computing capabilities, offering a "seamless transition to a more advanced cryptographic landscape", according to a press release about the new standard.
Namely, session keys will be locked down based on user attributes and stored anonymously. Only users with attributes that satisfy encapsulation policies will be able to retrieve the session keys. Anyone who is not authorised will be locked out.
READ MORE: World Quantum Day: What are the biggest challenges quantum will solve?
To understand how the standard works, imagine an IT department that defines which employees can use applications. The ETSI KEMAC standard offers an extra layer of security by strictly controlling who is allowed to decrypt the data inside those applications using a specific access policy.
This new solution is highly efficient, taking just hundreds of microseconds (one millionth of a second) to encapsulate and decapsulate session keys.
“ETSI’s latest specification marks a significant milestone in the transition to post-quantum cryptography,” said Matt Campagna, Chair of the ETSI working group QSC (Quantum Safe Cryptography).
"This standard is fundamental to the quantum future, we are empowering organisations to safeguard their sensitive data both for today and for the decades ahead.
"The work we’ve done in the Cyber QSC working group underlines our commitment to providing secure, future-proof solutions that can withstand emerging threats, while also helping to build a healthy industrial ecosystem and a sustainable economy."
READ MORE: When will quantum computing have its "ChatGPT moment"?
Organisations need to start using quantum-resistant encryption today to future-proof their data security, protect sensitive information from malicious actors, ensure compliance with evolving standards and safeguard against harvest now, decrypt later attacks.
The ETSI Covercrypt encryption solution is designed to protect against the emerging threats posed by quantum computing and offers a high-performance hybrid encryption system that can be easily and readily integrated into existing commercial security products.
Cosmian, a French cryptography pioneer, has already announced a new encryption solution based on the ETSI standard.
“We’re really proud to have been part of the ETSI group to specify that scheme. Our standardised library helped us gain a competitive advantage on the market,” said Chloe Hébant, Rapporteur of the ETSI QSC working group and cryptographer at Cosmian.
Do you have a story or insights to share? Get in touch and let us know.
