MWC 2023: Telcos Prepare for Quantum Cybersecurity Threats

IBM, Vodafone, GSMA members set ways for telcos to secure data, infrastructure
Berenice Baker

March 1, 2023

Members of GSMA on stage drinking sparkling wine at the opening of MWC 2023
Members of GSMA celebrate the opening of MWC 2023GSMA/MWC

The telecoms industry association GSMA has published a report detailing the quantum security threats facing the telecommunications industry and setting out solutions to prepare for them.

Released to coincide with Mobile World Congress (MWC) 2023, the

Post Quantum Telco Network Impact Assessment

was written in collaboration with GSMA members IBM, Vodafone and others.

The report includes:

  • A telco-specific assessment of the business risk of quantum cyber threats, including four of the highest impact attack types: store now, decrypt later; code signing and digital signatures; rewriting history; and key management attacks.

    • Discussion of standardization for hardware and software changes, such as SIM cards, public key infrastructure, digital certificates and CPE devices.

      • Specific approaches to quantum-safe algorithms and risk assessment frameworks, including code-based, lattice-based, hash-based, multivariate-based, and hybrid approaches.

        • Timelines of several government plans that have been launched to implement quantum-safe encryption (Australia, Canada, China, France, Germany, Japan, New Zealand, Singapore, South Korea, the U.K. and the U.S.).

          • Examples of quantum-safe applications in several telco domains, including devices, 5G networks, SIMs, operating systems, enterprise resource planning, infrastructure and the cloud.

            According to the report, quantum computers will be sufficiently powerful to threaten current cryptographic approaches by 2032. The industry and operators need to prepare now because threats such as “harvest now, decrypt later” mean threat actors are stealing and storing encrypted data now to decrypt when they can access sufficiently capable quantum computers.

            The report says operators should prepare by undertaking the following steps:

            • Establish a cryptographic inventory: understand where cryptographic algorithms are used in systems or vendor products.

              • Plan a cryptography risk assessment.

                • Develop expertise in Post-Quantum Cryptography and security.

                  • Support standardization and open source.

                    • Support related research.

                      • Engage with customers and vendors for requirements.

                        • Develop a Post-Quantum Cryptography transition plan.

                          Read more about:

                          Quantum Newsletter

                          To get the latest Quantum news, research, videos and content, sign up to our newsletter

                          This site uses cookies to provide you with the best user experience possible. By using Quantum Business News, you accept our use of cookies.