Why technology standards are critical for Quantum-Safe Security

Posted by | October 26, 2017

Technology standards and the standardization process itself are used for multiple reasons. A primary reason is to ensure that the components of an Information and Communication Technology (ICT) system, for example, can be made to be interoperable over a broad scale, over large geographic distances, using equipment and software from multiple manufacturers.

This concept of mass interoperability creates, what economists call, “network externalities”, by which a greater and greater interconnection of nodes in a network results in greater economic utility value over time. For example, a wireless communication system that serves a single country having a population of around 65 million such as France, may deliver a certain degree of economic utility value to people within that country. But imagine the utility value of a wireless communication system that permits global communication, and one that can put any user in touch with any other user on the network from almost any reasonably populated country almost instantly. This global interoperability is exactly what we have today with our cellular broadband communication systems. More than 5 billion individual subscribers are connected by wireless technologies that were standardized by members of the European Telecommunication Standards Institute (ETSI) and International Telecommunication Union (ITU) beginning in the 1980s.

Because of the tremendous success of standards such as Global System for Mobile Telecommunication (GSM), Universal Mobile Telecommunications System (UMTS or 3rd Generation wireless) and Long Term Evolution (LTE or 4th Generation Wireless) there has been a major worldwide shift in technology standardization activities over the past 30 years. This shift is manifested as a distinct migration of ICT standards away from local standards, which are standards that are specific to a single country or region, to global standards that can ideally be used almost anywhere in the world. Furthermore, commercial enterprises have seen the benefits of global-scale market access when a technology becomes a global standard. Industry players often participate in the standardization process by collaborating globally with partners, and even competitors in the same field, in order to benefit from the resulting market access, some of which is created by massive interoperability.

Standards are of paramount importance for specialty areas such as cryptography and cyber security. This is partly due to the precise degree of implementation considerations required to ensure successful interoperability, reasonable resilience against side-channel attacks for a given implementation, and acceptable levels of performance. In addition to the above goals, certification standards must be addressed. For example, in Canada there exists the Cryptographic Module Validation Program (CMVP). The CMVP is a program jointly managed by Communications Security Establishment (CSE) in Canada and the National Institute of Standards and Technology (NIST) in the United States. The purpose of this program is to ensure the validation of cryptographic modules to the Federal Information Processing Standard (FIPS) 140-1 and FIPS 140-2, and other cryptography based standards. Programs such as the CVMP help to ensure that a certain level of security can be achieved, and that products specified to offer a certain level of security can be verified as being able to meet those specified security requirements.


Survey of Quantum-Safe Cryptographic Standards Activities

European Telecommunication Standards Institute (ETSI)

Probably the initial efforts to develop quantum-safe standards were focused on Quantum Key Distribution (QKD); a technique for exchanging cryptographic keys for symmetric key cryptography by utilizing basic quantum mechanical properties of electromagnetic radiation. These initial efforts were begun in ETSI in 2007 with the creation of the Industry Specification Group for Quantum Key Distribution (ISG QKD).

In 2015, ETSI members decided to accelerate the standardization of quantum-safe cryptography by creating a new Industry Specification Group on Quantum-Safe Cryptography (ISG QSC). The primary focus of ISG QSC is the implementation issues, architecture, and other practical aspects of quantum-safe cryptographic services that will be encountered by industry. Industry members affected by this work includes companies and government users of quantum-safe cryptography who use or create quantum-safe systems and services. The scope of this industry specification group includes analysis into the performance considerations, implementation capabilities, benchmarking, and practical architectural considerations for specific applications. Therefore, the group focuses on questions and recommendations that include analysis of the consequences of deploying, for example, a certain primitive, key-exchange method, protocol, etc. for a specific purpose. The work feeds into other ETSI groups and projects such as 3GPP and other standards bodies such as the ITU and the Internet Engineering Task Force (IETF). The objectives of the QSC does not include the development of cryptographic primitives, nor do they focus on QKD, as these are propositions best left to academia and other groups who specialize in those areas. The ISG QSC became the Working Group for Quantum-Safe Cryptography (WG QSC) of ETSI Technical Committee Cyber in March 2017.

To date, WG QSC has published five Group and/or Technical Reports pertaining to the various aspects of the industry forming around quantum-safe cryptography. These reports include analyses of cryptographic primitive families that are believed to be secure against attacks by quantum computers, as well as case studies regarding the deployment of certain quantum-safe primitives for specific applications and the consequences of those deployments in terms of implementation complexity and performance. In addition, ETSI standardized risk assessment techniques were applied to the quantum computing threat, as well as an analysis of symmetric-key cryptography in relation to the capabilities of future quantum computers.

Access to the current published work of WG Quantum-Safe Cryptography (QSC) can be found here:

National Institute of Standards and Technology (NIST)

The National Institute of Standards and Technology (NIST) is an agency of the United States government focusing on the evaluation of technology and technology standards. NIST is the originator and maintenance organization for security algorithm certification and accreditation via their Federal Information Processing Standard (FIPS) 140-1 and FIPS 140-2 programs.

A few months after the creation of the ETSI QSC in March of 2015, NIST formally announced its post-quantum cryptography standardization project. After several years of speculation, one can say that that this announcement initiated once and for all the paradigm shift to quantum-safe cryptography; as evidenced by NIST’s call for contributions to its evaluation process. Although NIST has the sole authority to edit US standards, the announcements and standards of NIST have often had far-reaching impact worldwide. This is especially true of cryptographic standards.

The first milestone of the NIST post-quantum standardization project is end of 2017, which is the deadline set by NIST to receive proposals for quantum-safe cryptographic standards. This process is similar to former initiatives of NIST on the standardization of cryptographic primitives, such as the Advanced Encryption Standard (AES), and Secure Hash Algorithm-3 (SHA3). The first of part of this NIST project is an open call for proposals for quantum-safe cryptographic algorithms. In the second part, NIST’s internal experts will review the submitted proposals. At the same time, NIST will monitor progress by the quantum-safe cryptography community and encourage research by organizing conferences and workshops. According to the timeline laid out by NIST, new quantum-safe cryptographic standards should be completed between 2022 and 2024.

This NIST project for quantum-safe algorithm selection differs from previous NIST initiatives in the sense that the process will likely result in multiple quantum-safe cryptographic standards as opposed to a single standard as in the SHA3 and AES competitions. As expected, this new NIST standardization project is receiving a considerable amount of attention from the cryptographic community.

International Telecommunication Union (ITU) 

The International Telecommunication Union (ITU) is a specialized agency within the United Nations that is a public-private partnership. The ITU’s membership includes 193 countries and almost 800 private-sector entities and academic institutions. The ITU Telecom (ITU-T) sector Study Group 17 (SG17) coordinates security related work across all ITU-T Study Groups and liaises and cooperates with other standards-development organizations worldwide.

Progress towards quantum-safe cryptographic standards began in ITU-T SG17 in 2017 with the introduction of an optional extension to the X.509 digital certificate. This optional extension will allow the next version of X.509 to support two Public Key Infrastructure (PKI) modes: one for the existing certificate structure and processing requirements, and another for the quantum-safe certificate structure and processing requirements. The next version will be available middle of 2018.

Internet Engineering Task Force (IETF)

The Internet Engineering Task Force (IETF) is responsible for developing and maintaining standards for network and transport layer protocols and related signaling and management functions incidental to their operation. These include important and ubiquitous Internet communications protocols such as Transport Layer Security (TLS), Internet Protocol Security (IPSec) and Secure/Multipurpose Internet Mail Extensions (S/MIME). Recently, there have been some studies on quantum-safe cryptography in the IETF’s Crypto Forum Research Group (CGRG); a general forum for discussing and reviewing uses of cryptographic and security mechanisms. Since 2013, several IETF Internet-Drafts related to quantum-safe cryptography have been actively discussed in the CFRG. This work includes: hash-based digital signatures, new initiatives to make TLS quantum-secure, and educational documents about the quantum threat in general.

International Standards Organization (ISO)

The International Standards Organization (ISO) is an independent, non-governmental, international organization headquartered in Geneva, Switzerland with a membership of 162 different national standards bodies on a country-by-country basis. ISO aims to bring together experts to share knowledge and develop voluntary, consensus-based, market relevant international standards. ISO is a large organization that develops and publishes a wide variety of international standards, including business procedures and operations, best practices for manufacturing, technology and more.

The standardization of quantum-safe cryptography is currently being discussed within the ISO/IEC JTC 1/SC 27 WG2 working group on cryptography and security mechanisms. At present, ISO is in a study period on quantum-safe cryptography and is collecting feedback from delegates regarding the principal requirements for quantum-safe cryptosystems in general, as well as the vision for future standardization. It is anticipated that ISO will begin more formal activities regarding quantum-safe cryptography and best practices shortly.

Accredited Standards Committee X9 Inc. (X9)

The Accredited Standards Committee X9 Inc., more commonly known as X9 is a standards body accredited by the American National Standards Institute (ANSI). X9 is dedicated to the development, maintenance, and advocacy of standards for financial industries. Headquartered in Annapolis Minnesota USA, X9 standards are used not only in the Americas, but also by financial sectors globally; facilitating worldwide financial interoperability.

Recently, X9 began a new initiative to standardize blockchain technologies for use in financial industry. The first step of this initiative is to standardize the common terminology used in blockchains and Distributed Ledger Technology (DLT). X9 intends to publish a technical report on the matter in the coming months.


In summary, the commercialization of quantum-safe cryptography and related security aspects is still relatively new. As a result, standards today are few, and in the formative phase. We nevertheless see an active growth trend of commercial enterprises making credible investments in the areas of applied research and standardization in the field, as evidenced by more ICT companies joining and participating in the relevant standards bodies and working groups.

About the Author

Mark Pecen is Chairman, ETSI TC Cyber Working Group for Quantum Safe Cryptography (QSC) (France); Chief Operating Officer, ISARA Corporation (Canada); Board member, Institute for Quantum Computing (Canada); and Advisory Board member, Safeguard Scientifics (United States).

(Visited 1,075 times, 1 visits today)

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , ,