Standards may sound boring, but they are what make complex emerging technologies accessible at scale. They are the reason that many organisations and companies are now able to look at technologies such as post-quantum cryptography and better understand what options are available to them, and they enable organisations to comply with laws and regulations around those technologies.
Though Cavero is making a name for itself as a provider of trust solutions, our history is firmly in the realms of quantum security – and our products both offer customers quantum security for key exchange and continuous endpoint trust verification. That’s why we are hugely proud to be new members of ETSI, the European Telecommunications Standards Institute, doing our part to help develop the standards for post-quantum cryptography in Europe.
What is ETSI?
ETSI is an organisation similar to NIST in the US or the global body ISO, that defines standards for various technologies. As its name implies, ETSI’s focus is primarily in Europe, and focuses on standards relating to communications technology.
As you’d expect, quantum security is a hot topic for ETSI right now. Q-Day is widely expected as early as the next decade, meaning that time is running out to secure networks and infrastructure against future quantum attacks and current harvest now, decrypt later attacks. As the owners and operators of the word’s digital infrastructure, and therefore the custodians of much of the world’s data, telecoms companies are under particular pressure to protect their infrastructure against quantum attacks.
By creating quantum security standards for digital communications, ETSI is enabling mobile network operators, and any organisation that needs to secure digital communications, to have confidence in their security measures. Standards also enable organisations to demonstrate to regulators and customers that their security measures are robust enough to keep data safe. As new members of ETSI, our team is excited to contribute to the creation of those standards.
Shaping the future quantum security standards
The standards that Cavero Quantum is particularly focused on supporting are around post-quantum cryptography (PQC), as well as ways of establishing trust between non-human identities and each other, and the humans that interact with them.
For instance: in the field, many NIST-approved algorithms have been found to be too large to work effectively on SIM cards, or are highly complex to deploy safely. This obviously presents huge challenges for operators who are trying to implement quantum security for SIM cards, or build identity services that are quantum safe. Our expertise is in protecting constrained environments, so we can help ETSI build standards that are tailored for telecoms use cases.
On the trust side of things, phenomena like agentic AI highlight a vulnerability in existing authentication protocols: many of them enable the same machine identities to be used in parallel, opening the door to malicious actors using AI agents to attack organisations far faster than humans can. Our Authentikey technology provides a novel way of combatting this: a Continuous Trust Verification Protocol that enables AI agents to have histories that can be used to establish trust and identify rogue instances of a machine identity, which we hope can inspire standards around non-human identity trust frameworks.
Partner with us to stay at the leading edge of cybersecurity
Cavero is actively looking for partners to co-create products and services using our Continuous Trust Verification Protocol and lightweight PQC algorithm. If your organisation is forward-thinking and interested in tackling challenges around trust and identity in a way that protects people and organisations now and after Q-Day, fill in the form below to get in touch.