ISO/IEC 23837-1:2023 信息安全 量子密钥分发的安全要求、测试和评估方法 第1部分：要求

标准编号：ISO/IEC 23837-1:2023

中文名称：信息安全 量子密钥分发的安全要求、测试和评估方法 第1部分：要求

英文名称：Information security — Security requirements, test and evaluation methods for quantum key distribution — Part 1: Requirements

发布日期：2023-08

标准范围

本文件规定了根据ISO/IEC 15408系列对量子密钥分发（QKD）进行安全评估的通用框架。具体而言，它规定了QKD模块的通用安全功能要求（SFR）的基线集，包括传统网络组件和量子光学组件上的SFR，以及QKD协议的整个实现。为了便于SFR的分析，在对QKD模块的安全功能和QKD协议分类的结构分析的基础上，分析了QKD模块在其操作环境中可能面临的安全问题。QKD模块的传统网络组件上的SFR主要是在ISO/IEC 15408系列的框架下进行表征的，也参考了ISO/IEC 19790的方法论和加密模块和网络设备测试的相关标准。

This document specifies a general framework for the security evaluation of quantum key distribution (QKD) according to the ISO/IEC 15408 series. Specifically, it specifies a baseline set of common security functional requirements (SFRs) for QKD modules, including SFRs on the conventional network components and the quantum optical components, and the entire implementation of QKD protocols. To facilitate the analysis of SFRs, security problems that QKD modules can face in their operational environment are analysed based on a structural analysis of the security functionality of QKD modules and the classification of QKD protocols. The SFRs on conventional network components of QKD modules are mainly characterized under the framework of the ISO/IEC 15408 series and also refer to the methodology of ISO/IEC 19790 and relevant standards on testing of cryptographic modules and network devices.

标准预览图