StandICT.eu
User area
EU-OS Logo powered by StandICT.eu
  • EUOS
  • Discussion groups
  • Standards repository
  • Landscape and gap analysis

follow us

Security Certification of QKD

Breadcrumb

  • Discussion Groups
  • Quantum Computing
  • 297
  • Security Certification Of QKD
Up
0
Down
  • Posted By Thomas Länger
  • 10 months ago
  • 2 Replies

Security Certification of QKD .

The standard ISO/EN 15408 "Common Criteria" enables end users to express their specific security needs for a type of information technology systems in the form of a Protection Profile (PP). Producers can then have their products evaluated against such a PP, providing assurance to end users that these products can be securely and dependably used in the intended environment.

Quantum Communication, in the form of Quantum Key Distribution QKD, with its high security claims, is intended for areas with highest security requirements. Therefore, a rigorous security certification is necessary for end users to be reasonably assured that the installed systems will operate as securely as advertised. Currently (summer 2021), two pushes to standardise the ISO/EN 15408 "Common Criteria" security certification of QKD systems are underway, in the ETSI ISG-QKD and in the ISO SC27 WG3—both intending to publish standards soon.

The ISO group develops two standards: "ISO/IEC 23837-1 Information security—Security requirements, test and evaluation methods for quantum key distribution—Part 1: Requirements" (containing predefined security functional requirements for use in QKD PPs) and "ISO/IEC 23837-2 (…) Part 2: Test and evaluation methods". Both are currently in advanced committee draft (CD) stage and publication is planned for spring 2022.

The ETSI ISG-QKD works on a standard DGS/QKD-016 "Common Criteria Protection Profile for QKD", providing a standardised PP for a "prepare and measure" QKD system. The standard draft is edited by Deutsche Telekom Security GmbH, Evaluation Facility, with German BSI as sponsor, and is also in a quite advanced state, with publication probably still later this year.

Currently, these two approaches are not compatible, which can be explained through the fact that both activities were started independently, and only recently. For example, while the ISO puts its requirements into a new FTP_QKD family (of the FTP "Trusted Path" class), the ETSI extends the FCS "Cryptographic Support" class with a new "FCS_QKD" family. Probably both solutions are viable, but the ETSI and the ISO groups are connected through mutual liaisons, exchanging comments in both directions, in order to address these differences. It will be seen if compatibility will still be achievable for the first editions of the standards—or if it will remain for the future to, e.g., develop an ISO conformant PP for QKD. But a non ISO compliant ETSI Protection Profile for QKD would nevertheless be valuable, as this would be the first PP for QKD prepared by an actual evaluation laboratory, under the sponsorship of an actual evaluation authority—being the result of more than a decade of preparations and basic work in QKD standardisation in the ETSI group.

Add a comment
  • Answered By
    /sites/default/files/styles/350x350/public/pictures/2021-05/IMG_8487Ines.jpg?itok=S1kkdv38
    Maria Ines Robles
  • 9 months 1 week ago
Up
0
Down

Thank you for this post. Maybe it would be nice to bring this topic into the IETF to the Quantum Internet Research Group (qirg) https://datatracker.ietf.org/group/qirg/about/. The working group is relatively new (charter approved 2020) with two documents: Architectural Principles for a Quantum Internet and Application Scenarios for the Quantum Internet. The latter mentions briefly QKD.   

  • Log in or register to post comments
  • Answered By
    /sites/default/files/styles/350x350/public/pictures/2021-11/NLG_2019_1.JPG?itok=rNlm3Ikz
    Nicolas Le Gallou
  • 7 months 2 weeks ago
Up
0
Down

Hi Thomas. Interesting post directly related to my project. We should exchange !

  • Log in or register to post comments

Please login to post comments

Latest Discussions

Posted in Quantum Computing

First two publications of CEN/CENLEC FGQT online

  • 5 days 6 hours ago
Posted in Circular Economy

Overview of CE Standardization Activities

  • 1 month ago
Posted in Industry 4.0

International Robotics Standards Coordination Effort meeting

  • 1 month ago

Recent comments

Commented in IEEE Standard for Autonomous R…

The standard was published…

  • 1 month ago

IEEE Standard for Autonomous R…

Commented in Considerations regarding locat…

Presentation of the concept

  • 6 months ago

Considerations regarding locat…

Commented in Open Ethics Transparency Proto…

Hi Andrea, thank you, this…

  • 6 months 3 weeks ago

Open Ethics Transparency Proto…

Commented in Open Ethics Transparency Proto…

Nikita,

quite interesting…

  • 6 months 4 weeks ago

Open Ethics Transparency Proto…

Commented in The EU Observatory For ICT Sta…

I am trying to do the same…

  • 6 months 4 weeks ago

The EU Observatory For ICT Sta…

Commented in Security Certification of QKD

Hi Thomas. Interesting post…

  • 7 months 1 week ago

Security Certification of QKD

Commented in First live meeting of CEN/CENE…

Thanks Thomas for the very…

  • 7 months 3 weeks ago

First live meeting of CEN/CENE…

Commented in REPORT ON STANDARDIZATION AND…

Very interesting document,…

  • 9 months ago

REPORT ON STANDARDIZATION AND…

Commented in Security Certification of QKD

Thank you for this post…

  • 9 months ago

Security Certification of QKD

Commented in semantic BIM bibliography

Thanks Vladimir, quite…

  • 1 year ago

semantic BIM bibliography

Most recent tags

AI
Big Data
Blockchain

In collaboration with

Logo
Logo
Logo
  • About
    • StandICT.eu 2023
    • Partners
    • StandICT.eu 2018-2020
    • Newsletters
  • Open Calls
    • 7th Open Call
    • Closed Calls
      • 1st Open Call
      • 2nd Open Call
      • 3rd Open Call
      • 4th Open Call
      • 5th Open Call
      • 6th Open Call
    • FAQs
  • Results
    • Deliverables
    • Publications
    • Fellows Reports
    • Landscape Analysis Reports
    • Synergies
  • Success stories
  • EUOS
    • ICT Standards Academy
    • ICT Standards Observatory
  • Experts
    • EAG
    • EPE
  • News & Events
    • News
    • Events
Menu

eu-flag

The StandICT.eu 2023 project has received funding from the European Union’s Horizon 2020 - Research and Innovation programme - under grant agreement no. 951972. The content of this website does not represent the opinion of the European Union, and the European Union is not responsible for any use that might be made of such content.

© Copyright 2021 - StandICT.eu 2023

Footer menu

  • Contact
  • Privacy policy
  • Terms of use
  • About
    • StandICT.eu 2023
    • Partners
    • StandICT.eu 2018-2020
    • Newsletters
  • Open Calls
    • 7th Open Call
    • Closed Calls
      • 1st Open Call
      • 2nd Open Call
      • 3rd Open Call
      • 4th Open Call
      • 5th Open Call
      • 6th Open Call
    • FAQs
  • Results
    • Deliverables
    • Publications
    • Fellows Reports
    • Landscape Analysis Reports
    • Synergies
  • Success stories
  • EUOS
    • ICT Standards Academy
    • ICT Standards Observatory
  • Experts
    • EAG
    • EPE
  • News & Events
    • News
    • Events