Page 19 - ETSI AR 2017.indd
P. 19
Security Algorithms
Our Security Algorithms Group of Experts (SAGE) is
universally recognised for its work on authentication and
encryption mechanisms for different technologies. In
2016, SAGE developed new General Packet Radio Service
(GPRS) algorithms to support ‘Extended Coverage GSM’ (an
adaptation of 2G for more efficient service to the IoT). The
new algorithms (GEA5 for encryption, and GIA4 and GIA5 for
integrity protection) were delivered to the Third Generation
Partnership Project (3GPP™), with publication anticipated
early in 2017.
Quantum-Safe Cryptography
The emergence of the quantum computer will present a
serious challenge to current cryptographic techniques.
Previously secure encrypted information, including, for
example, bank account details, identity information and
military security, will become subject to discovery and
possible misuse. New ‘quantum-safe’ cryptographic
techniques have emerged in recent years that provide
protection against quantum threats. Our Industry
Specification Group (ISG) on Quantum-Safe Cryptography
(QSC) is assessing the current situation with regard to QSC
and developing specifications for the transition to quantum-
safe ICT applications.
In 2016, we completed our first Group Specification (GS)
which describes a quantum-safe algorithmic framework.
Good progress was also made on a Group Report (GR) which
will provide a quantum-safe threat and risk assessment for Other Aspects of Security
real-world use cases. Work continued on QSC case studies We contributed to the work of 3GPP on the requirements
and deployment scenarios, and on the limits of quantum for critical communications security, and updated the
computing. New work was introduced on quantum-safe key management rules for TETRA algorithms.
exchanges and quantum-safe signatures.
Our ISG on Quantum Key Distribution (QKD) completed a
The fourth QSC workshop organised jointly by ETSI and specification on the characterisation of optical components
the Institute for Quantum Computing of the University for use in QKD systems and began to revise its specification
of Waterloo, Canada, was held in September in Toronto, on the properties of the components and internal interfaces
Canada. of QKD systems. Other ongoing work included protection
against Trojan horse attacks and QKD deployment
To help industry plan its investment in QSC, and governments parameters.
and industry to decide their funding to academia, we began
to explore the possibility of establishing a longer-term Our ISG on Information Security Indicators (ISG ISI)
roadmap through a series of workshops where participants launched a second phase of work in 2016. This will involve
can share their ideas and devise a workable plan. developing an ISI-compliant measurement and event
management architecture for cyber security and safety to
TC CYBER produced an ETSI Guide (EG) on the impact of enable communication between diversified detection tools,
quantum computing on ICT security. Interest in our QSC work guidelines for building and operating a secured security
has grown since ISG QSC was established and we now have operations centre, and a description of a comprehensive
sufficient support to justify the development of normative security information and event management approach
specifications. Discussions therefore began at the end of involving all stakeholders. We also began updating our Key
2016 with a view to transferring the ISG’s activities into Performance Security Indicators for evaluating the maturity
mainstream ETSI standardisation in a new working group of security event detection, with the addition of application
within TC CYBER. examples.
The ETSI Security Week
Now in its second year, the ETSI Security Week took place in June 2016 and attracted some 140 delegates. The
week consisted of a three-day IoT Security Workshop followed by an open plenary meeting of TC CYBER and the
Alliance for IoT Innovation (AIOTI) Security and Privacy Workshop.
17
