Blog.Telekom

Dr. Lars Hanke


With patience to the industry standard

What do devices need to be able to do if they want to communicate securely with quantum encryption? And just as importantly, how can this be reliably verified? 

The first certified protection profile for a QKD application comes from Germany. © iStock

The final accolade is short and sweet. The German Federal Office for Information Security (BSI) has assigned the consecutive number BSI-CC-PP-0120-2024 to a profile for the secure exchange of quantum keys and lists it on its website. This certified profile also receives the highest honors in the plenum of the European Telecommunications Standards Institute (ETSI). A simple document thus becomes a trend-setting industry standard, and my team at Telekom Security GmbH has every right to be proud of it. After all, we have been working on this for around two years on behalf of the BSI.

At first glance, this may seem a little long. And although the technical part of developing a protection profile (PP) is very complex, it only takes up a fraction of these 24 months. The time-consuming factor is a different one. A protection profile must take many interests into account if it is to be suitable as an international standard. These interests are sometimes conflicting, and in extreme cases the positions can be far apart. Over and over again, the wishes of device manufacturers, security authorities and telecommunications service providers have had to be balanced on a scientific, technical or legal basis. However, there are clear rules for a protection profile that do not allow any diplomatic ambiguities. Otherwise it cannot be certified. And it was under these framework conditions that we reached an international agreement on a draft that was ultimately established as a European standard by the ETSI.

What QKD does

But back to the protection profile itself. Quantum Key Distribution (QKD) is a quantum-safe technology that is used to generate random cryptographic keys. This is done on the basis of quantum properties, for example the properties of optical signals. What do these quantum properties do? They make it mathematically provable that any attempt to intercept or manipulate the key on the transmission path results in the compromised parts not being used. This ensures that only secure keys are used. The profile now specifies the protection requirements that devices using this technology must meet. Something like this is needed for a binding approval scheme for the industrial production of telecommunications equipment.

Two global firsts included

In the ETSI working group, manufacturers, researchers and security experts from all over the world have contributed their know-how and reviewed and discussed our draft. These included Toshiba, the University of Waterloo in Canada and, of course, the BSI as the client. With the BSI certification, the protection profile can now be used worldwide for security assessments according to the Common Criteria (CC). The CC are a global scheme for IT security. It is considered normative even if the respective national certification authority does not prescribe ETSI standards.

ETSI lists the standard under the cryptic designation GS QKD 016 V2.1.1, behind which the certified profile from our pen is hidden. In fact, it is the first of its kind in the world, and in more ways than one. It is the first protection profile for a QKD application. But it is also the world's first PP according to the new version of the Common Criteria, called CC:2022. Our work has paid off.
