The present document is intended to specify an Application Programming Interface (API) between a QKD key manager and applications. The function of a QKD key manager is to manage the secure keys produced by an implementation of a QKD protocol and to deliver the identical set of keys, via this API, to the associated applications at the communication end points.
The Use Cases Document shall provide an overview of possible application scenarios in which Quantum Key Distribution (QKD) systems ([i.1]) can be used as building blocks for high security Information and communication technology (ICT) systems.
The present document gives information on the long-term suitability of symmetric cryptographic primitives in the face of quantum computing.
The present document presents the results of a simplified threat assessment following the guidelines of ETSI TS 102 165-1 [i.3] for a number of use cases. The method and key results of the analysis is described in clause 4. The present document makes a number of assumptions regarding the timescale for the deployment of viable quantum computers, however the overriding assertion is that quantum computing will become viable in due course. This is examined in more detail in clause 5. The impact of quantum computing attacks on the cryptographic deployments used in a number of existing industrial deployment scenarios are considered in clause 7.
The present document examines a number of real-world uses cases for the deployment of quantum-safe cryptography (QSC). Specifically, it examines some typical applications where cryptographic primitives are deployed today and discusses some points for consideration by developers, highlighting features that may need change to accommodate quantum-safe cryptography. The main focus of the document is on options for upgrading public-key primitives for key establishment and authentication, although several alternative, non-public-key options are also discussed.
The present document gives an overview of the current understanding and best practice in academia and industry about quantum-safe cryptography (QSC). It focuses on identifying and assessing cryptographic primitives that have been proposed for efficient key establishment and authentication applications, and which may be suitable for standardization by ETSI and subsequent use by industry to develop quantum-safe solutions for real-world applications.
The present document collects together definitions and abbreviations used in relation to Quantum Key Distribution (QKD) and ETSI ISG-QKD documents. QKD introduces new concepts and technologies to the field of telecommunications and considerable related vocabulary. Many terms derive from the wider fields of quantum physics and classical cryptography but in some cases terms assume a modified or more specific meaning when applied to QKD. The main objectives of the present document are:
The present document is a preparatory action for the definition of properties of components and internal interfaces of QKD Systems. Irrespective of the underlying technologies, there are certain devices that appear in most QKD Systems. These are e.g. quantum physical devices such as photon sources and detectors, or classical equipment such as protocol processing computer hardware and operating systems. For these components, relevant properties should be identified that will subsequently be subject to standardization. Furthermore, a catalogue of relevant requirements for interfaces between components should be established, to support the upcoming definition of internal interfaces.
ISO/IEC 24745:2011 provides guidance for the protection of biometric information under various requirements for confidentiality, integrity and renewability/revocability during storage and transfer. Additionally, ISO/IEC 24745:2011 provides requirements and guidelines for the secure and privacy-compliant management and processing of biometric information.
ISO/IEC 24745:2011 specifies the following:
- analysis of the threats to and countermeasures inherent in a biometric and biometric system application models;
- security requirements for secure binding between a biometric reference and an identity reference;
biometric system application models with different scenarios for the storage of biometric references and comparison; and
- guidance on the protection of an individual's privacy during the processing of biometric information.
ISO/IEC 24745:2011 does not include general management issues related to physical security, environmental security and key management for cryptographic techniques.
This document defines the core data set for a patient summary document that supports continuity of care for a person and coordination of their healthcare. It is specifically aimed at supporting the use case’ scenario for ‘unplanned, cross border care’ and is intended to be an international patient summary (IPS). Whilst the data set is minimal and non-exhaustive, it provides a robust, well-defined core set of data items. The tight focus on this use case also enables the IPS to be used in planned care. This means that both unplanned and planned care can be supported by this data set within local and national contexts, thereby increasing its utility and value.
It uses the European Guideline from the eHN as the initial source for the patient summary requirements, then takes into consideration other international patient summary projects to provide an interoperable data set specification that has global application.
This document provides an abstract definition of a Patient Summary from which derived models are implementable. Due to its nature therefore, readers should be aware that the compliance with this document does not imply automatic technical interoperability; this result, enabled by this document, can be reached with the conformity to standards indicated in the associated technical specification and implementation guides.
This document specifies
— generic extensible data interchange formats for the representation of vascular image data: a tagged binary data format based on an extensible specification in ASN.1 and a textual data format based on an XML schema definition that are both capable of holding the same information,
— examples of data record contents,
— application specific requirements, recommendations, and best practices in data acquisition, and
— conformance test assertions and conformance test procedures applicable to this document.
