ETSI launches new standard for Quantum-Safe Hybrid Key Exchanges to secure future post-quantum encryption

Sophia Antipolis, France, 25 March 2025

Today, ETSI announces the launch of its post-quantum security standard to guarantee the protection of critical data and communications in the future. The specification “Efficient Quantum-Safe Hybrid Key Exchanges with Hidden Access Policies” (ETSI TS 104 015) has been developed to enhance security mechanisms, ensuring that only authorized users with the correct permissions can access sensitive data to decrypt them.

The new ETSI specification defines a scheme for Key Encapsulation Mechanisms (KEMs) with Access Control (KEMAC), called Covercrypt, that ensure both pre-quantum and post-quantum security through hybridization. This means that encryption remains secure against both current threats and future quantum computing capabilities, offering a seamless transition to a more advanced cryptographic landscape. Namely, session keys will be locked based on user-attributes, kept anonymous and any user having attributes fulfilling the encapsulation policy will be able to retrieve the session keys, while those who are not authorized will not be able to. For instance, while an IT department can define who enters applications, the ETSI KEMAC standard helps to determine who can decrypt the data inside those applications through a specific access policy.

This new solution is a real breakthrough in terms of efficiency: it only takes hundreds of micro-seconds to encapsulate and decapsulate session keys.

“ETSI’s latest specification marks a significant milestone in the transition to post-quantum cryptography” said Matt Campagna, Chair of the ETSI working group QSC (Quantum Safe Cryptography). “This standard is fundamental to the quantum future, we are empowering organisations to safeguard their sensitive data both for today, and for the decades ahead. The work we’ve done in the Cyber QSC working group underlines our commitment to providing secure, future proof solutions that can withstand emerging threats, while also helping to build a healthy industrial ecosystem and a sustainable economy”.

Organisations need to start using quantum-resistant encryption today to future-proof their data security, safeguard sensitive information from malicious actors, and ensure compliance with evolving standards. The ETSI Covercrypt encryption solution is designed to protect against the emerging threats posed by quantum computing and offers a high-performance hybrid encryption system that can be easily and readily integrated into existing commercial security products.

As an example, the company Cosmian is launching its new encryption solution based on ETSI standard.

“We’re really proud to have been part of the ETSI group to specify that scheme. Our standardized library helped us gain a competitive advantage on the market” says Chloe Hébant, Rapporteur of the ETSI QSC working group and cryptographer at Cosmian.

About ETSI

ETSI provides members with an open and inclusive environment to support the timely development, ratification and testing of globally applicable standards for ICT‑enabled systems, applications and services across all sectors of industry and society. We are a not-for-profit body with more than 900 member organizations worldwide, drawn from over 60 countries and five continents. Members comprise a diversified pool of large and small private companies, research entities, academia, government and public organizations. ETSI is one of only three bodies officially recognized by the EU as a European Standards Organization (ESO).

Contact
Email: Press@etsi.org

We use cookies or similar technologies to collect data about your use of this website and to improve your experience when using it. To find out how to disable our cookies, please visit our Privacy Policy.
I accept cookies from this site. Accept