The European Telecommunications Standards Institute (ETSI) has introduced new quantum-safe encryption standards. These standards include a key encapsulation mechanism with access control (KEMAC) called Covercrypt. The Covercrypt specification enhances data security by encrypting session keys based on user attributes, ensuring that only authorized users can access them. It provides an extra layer of protection by defining a specific access policy to control who can decrypt data within applications.
The Covercrypt scheme works by using key encapsulation mechanisms that establish a shared secret key.
These mechanisms transmit the key securely, ensuring that only those who know the private key can access the encapsulated secret. Covercrypt builds on this by allowing data encryption based on user attributes while maintaining anonymity. It enables organizations to protect sensitive data while efficiently managing access control through a robust policy.
ETSI’s new standard is designed to prepare organizations for future quantum-based attacks while maintaining compatibility with current security needs.
The system, with its fast processing time, encapsulates and decapsulates session keys in just a few micro-seconds. The hybrid encryption solution can be seamlessly integrated into existing commercial security products, providing a quantum-safe transition without disrupting current operations. This development follows similar efforts by other global institutions, including NIST and NCSC.
With the rise of quantum computing, organizations must now prepare for the potential threats posed by these powerful machines. Recent publications from NIST and NCSC encourage a full transition to post-quantum cryptography by 2035. Quantum computers, such as Microsoft’s Majorana 1 chip, are approaching the ability to break traditional encryption, underscoring the urgency for organizations to implement quantum-safe measures like Covercrypt.
Reference:
