etsi gr qsc 004 v1.1 7 etsi gr qsc 004 v1.1.1 (2017-03) etsi eg 203 310 [i.4] states (with some...

Download ETSI GR QSC 004 V1.1 7 ETSI GR QSC 004 V1.1.1 (2017-03) ETSI EG 203 310 [i.4] states (with some editorial

Post on 09-Jul-2020

0 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • ETSI GR QSC 004 V1.1.1 (2017-03)

    Quantum-Safe Cryptography; Quantum-Safe threat assessment

    Disclaimer

    The present document has been produced and approved by the Quantum-Safe Cryptography (QSC) ETSI Industry Specification Group (ISG) and represents the views of those members who participated in this ISG.

    It does not necessarily represent the views of the entire ETSI membership.

    GROUP REPORT

  • ETSI

    ETSI GR QSC 004 V1.1.1 (2017-03) 2

    Reference DGR/QSC-004

    Keywords quantum cryptography, security

    ETSI

    650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE

    Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16

    Siret N° 348 623 562 00017 - NAF 742 C

    Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88

    Important notice

    The present document can be downloaded from: http://www.etsi.org/standards-search

    The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any

    existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.

    Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at

    https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx

    If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx

    Copyright Notification

    No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI.

    The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.

    © European Telecommunications Standards Institute 2017.

    All rights reserved.

    DECTTM, PLUGTESTSTM, UMTSTM and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and

    of the 3GPP Organizational Partners. GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.

    http://www.etsi.org/standards-search https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx https://portal.etsi.org/People/CommiteeSupportStaff.aspx

  • ETSI

    ETSI GR QSC 004 V1.1.1 (2017-03) 3

    Contents

    Intellectual Property Rights ................................................................................................................................ 4

    Foreword ............................................................................................................................................................. 4

    Modal verbs terminology .................................................................................................................................... 4

    Introduction ........................................................................................................................................................ 4

    1 Scope ........................................................................................................................................................ 5

    2 References ................................................................................................................................................ 5 2.1 Normative references ......................................................................................................................................... 5 2.2 Informative references ........................................................................................................................................ 5

    3 Abbreviations ........................................................................................................................................... 6

    4 Overview of approach to threat assessment ............................................................................................. 6

    5 Assessment of Quantum Computing timetable ........................................................................................ 8 5.1 Overview ............................................................................................................................................................ 8 5.2 QC requirements for Shor's algorithm ................................................................................................................ 9 5.3 QC requirements for Grover's algorithm ............................................................................................................ 9

    6 Threat assessment against aspects of QC deployments ............................................................................ 9 6.1 Algorithm vulnerabilities ................................................................................................................................... 9 6.1.1 Overview ...................................................................................................................................................... 9 6.1.2 Symmetric algorithms ................................................................................................................................. 10 6.1.3 Public key cryptography ............................................................................................................................. 10 6.1.4 Random number generation ........................................................................................................................ 10 6.2 Security Protocols............................................................................................................................................. 11 6.2.1 Introduction................................................................................................................................................. 11 6.2.2 Transport Layer Security (TLS) .................................................................................................................. 11 6.2.3 Internet Protocol Security (IPSec)/Internet Key Exchange (IKE) .............................................................. 11 6.2.4 Secure/Multipurpose Internet Mail Exchange (S/MIME) ........................................................................... 12 6.2.5 Public Key Infrastructure (PKI) .................................................................................................................. 12 6.2.6 Application of security protocols ................................................................................................................ 12

    7 Industry specific issues ........................................................................................................................... 13 7.1 Banking and e-commerce ................................................................................................................................. 13 7.2 Intelligent Transport Systems ........................................................................................................................... 13 7.3 eHealth ............................................................................................................................................................. 15 7.4 Trusted Platform Modules ................................................................................................................................ 17 7.5 Digital Media and Content Protection .............................................................................................................. 18 7.5.1 System overview ......................................................................................................................................... 18 7.5.2 Digital Transmission Licensing Authority (DTLA) ................................................................................... 18 7.5.3 Digital Living Network Alliance (DLNA®) ................................................................................................ 18 7.5.4 Advanced Access Content System Licensing Authority (AACSLA) ......................................................... 18

    8 Summary, conclusions and recommendations ....................................................................................... 19

    Annex A: Authors & contributors ........................................................................................................ 20

    Annex B: Bibliography .......................................................................................................................... 21

    Annex C: Change History ..................................................................................................................... 22

    History .............................................................................................................................................................. 23

  • ETSI

    ETSI GR QSC 004 V1.1.1 (2017-03) 4

    Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The informati