Security in focus - Bund.de
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
BSI Magazine 2020/01
Security in focus
In Talks:
Post Quantum
Cryptography
BSI INTERNATIONAL THE BSI IT SECURITY IN PRACTICE
EU Council Presidency: Cooperation between DEU Energy Sector: Rollout of
Shaping Cyber Security CyberInfoDS HQ and the BSI Smart Metering Systems
Cyber Security in Times of Crisis
It became clear to us already in the spring of 2020 which incident will have
EDITORIAL the greatest impact this year: the coronavirus. It is turning all our lives upside
down and forcing us to rethink many of our everyday routines. Instead of
driving to work, we work from our home offices. School suddenly means
home schooling. Family visits take place on the smartphone. And we are
permanent guests of social media on the lookout for the latest information on
the virus pandemic.
Cyber criminals know how to accept such opportunities as gifts. As if the
virus wasn’t demanding enough from us already, many people are now
being confronted with old and new issues related to cyber security: How do
I protect company secrets and confidential data in my home office? How do I
design a secure video conference? How do I distinguish between trustworthy
and false messages? Does my bank really want to chat with me or are hackers
in action by sending new fake e-mails?
Even in a crisis situation like this, the BSI fulfils its legal mandate and
supports you in making your information technology secure. We provide
recommendations to governmental, business and social target audiences on
how they can communicate securely in the current crisis and remain capable
of taking action.
At the same time, we are not losing sight of other topics. This issue of BSI
Magazine is dedicated to post-quantum cryptography. Since Google pro-
claimed “quantum superiority”, the discussion on the importance of quan-
tum technology has been transported from specialised tech magazines to
the consciousness of a broader, interested and concerned public. And indeed,
there is every reason to take a comprehensive and critical look at this topic,
which could, in the long term, decisively change all our lives. Like nearly all
developments in the area of digitalisation, quantum technology has a bright
and a dark side. Although criminal applications such as the decryption of
digital encryption algorithms, which today guarantee secure communication
on the Internet, are not reality yet, the clock has been ticking since Google’s
experiment. For the BSI, post-quantum cryptography is therefore one of the
important future topics that we are already working on intensively.
Beyond the focus on quantum computers, we once again present a broad
spectrum of BSI topics in this issue. We are delighted that important national
and international partners of the BSI, such as the German Cyber and Infor-
mation Domain Service of the German Armed Forces, the Consumer Associa-
tion of North Rhine-Westphalia and the European Union Agency for Cyberse-
curity, are presenting themselves here.
Who knows? Maybe you will read this magazine as a PDF in your home office.
Perhaps you will be pleased to see the print edition once you return to the
office again after spending a long time at home. Whichever way you find us,
I wish you pleasant reading.
Sincerely Yours,
Arne Schönbohm,
President of the Federal Office for Information Security
TABLE OF CONTENTS | 3
TABLE OF CONTENTS
NEWS
4 News
15 BSI INTERNATIONAL
6 EU Council Presidency: Shaping Cyber Security
8 Interview: Juhan Lepassaar, ENISA
CYBER SECURITY
10 Alice and Bob in Quantum Land
12 Frodo is the "New Hope"
15 Quantum Computers and Quantum Superiority
18 29th Cyber Security Day of the Alliance for Cyber Security
20 Certification: IT-Grundschutz Consultant
18 22 Qualified Approval Procedure
24 Smartphone: Secure Mobile Identities
26 Secure Online Access to Administrative Services
THE BSI
28 Cyber Security for Critical Infrastructures
32 Five Years of Minimum Standards: a Look Back
34 Welcome: Onboarding at the BSI
36 A Day at the BSI
38 The Year 2019 for the BSI
40 The National Cyber Response Centre
26 42 Cooperation between DEU CyberInfoDS HQ and the BSI
IT SECURITY IN PRACTICE
44 Secure Digitalisation: Scanning Replaces Paper
46 BSI Study: How Secure is Blockchain?
50 Product-Driven Implementations of a CIS Cloud
54 Cyber Security in the Process Industry
58 Success Story: C5 Criteria Catalogue
DIGITAL SOCIETY
60 5G Campus Network at BASF
62 Energy Sector: Rollout of Smart Metering Systems
64 Interview: Wolfgang Schuldzinski, VZ NRW
66 Effective Security Measures for Online Accounts
68 Basic Tip: Checklists in Case of Emergency
42 AND FINALLY
70 Imprint
60
4 | BSI MAGAZINE 2020/01
NEWS
NEW BSI BUILDING
Bonn City Council Approves
Development Plan
The City Council of the Federal City of Bonn has approved the development plan for the area on Ludwig-Erhard-
Allee, where the new service property of the Federal Office for Information Security (BSI) is to be built, as a statute.
This represents an important milestone in terms of urban development law, on the basis of which the project can be
further advanced. Located in the immediate vicinity of Bonn’s Rheinauen, the new service property is intended to reflect
the character of the BSI as a progressive cyber security authority of the Federal Government, while optimally supporting
the authority’s business processes and integrating into the existing urban development environment. As the central
real estate service provider for the federal government, the Institute for Federal Real Estate (BImA) will assume the role
of the developer and carry out the procedure.
MEETING
First “Cyber Security Directors’
Meeting” in Advance of the
Munich Security Conference
Many heads of Europe’s cyber security authorities met for the first time for an informal ex-
change of information in advance of the Munich Security Conference (MSC) at the initiative and
invitation of the Federal Office for Information Security (BSI). In cooperation with the MSC, the
BSI offered the authorities in attendance an exclusive framework for an exchange of informa-
tion at management level on current national and European cyber security challenges.
The BSI thus expanded its position as a thought leader on information security and made an im-
portant contribution to better networking between the authorities that are responsible for the
topic in their respective countries. At the European level, The BSI has been considered an expert
and strategic partner on matters of information security for many years.
NEWS | 5
CYBER SECURITY2
Video Series with Smartphone
Security Experts
Citizens often ask themselves questions when using mobile devices: How secure are fingerprint and facial scans? How
can I back up my data? What do I need updates for? Answers to these questions are provided by the new BSI video series,
in which two experts each deal with a digital security topic.
The first eight episodes are a cooperation between the BSI and the Verbraucherzentrale NRW (North Rhine-Westphalia
Consumer Advice Centre) and deal with a wide range of questions about smartphones. Another series on Cyber Securi-
ty² will follow in the spring and deal with online payments and online banking. The expertise of the BSI will be comple-
mented by that of an expert from the LKA NRW (State Criminal Investigation Office of North Rhine Westphalia).
RAISING AWARENESS
Joint Information Campaign
by the BMI and the BSI on
IT Security
The Federal Ministry of the Interior, Building and Community (BMI) and the
Federal Office for Information Security (BSI) will launch a joint nationwide infor-
mation and awareness campaign this year. It goes back to the doxing incident at
the end of 2018/beginning of 2019, when huge volumes of personal data on many
public figures were published on the Internet.
According to a representative online survey by the BSI involving 20,000 partic-
ipants, more than 70% of the respondents would like to have more information
about risks on the Internet and more support in the area of digital security. At
the same time, they perceive unauthorised access to sensitive data and personal
information by third parties as the greatest threat on the Internet.
6 | BSI MAGAZINE 2020/01
BSI INTERNATIONAL
Shaping Cyber Security
in Europe
The German EU Council Presidency in the Second Half of 2020
By Joshua Breuer, Section International Relations
In recent years, the European Union has become increasingly important in the area
of cyber security policy. In the second half of 2020, Germany will again assume the
presidency of the Council of the European Union after 2007. This will also provide
the BSI with great opportunities to shape European cyber security.
T
he Council of the European Union (Council of linked to the Council presidency. In the area of cyber secu-
Ministers or Council) is composed of the govern- rity, for example, the presidency is responsible for chairing
ments of the Member States who are represented by the NIS Cooperation Group. The group was created by the
their ministers. The Council meets in various formations Directive on security of network and information systems
and acts as a co-legislator in the EU institutional framework (NIS Directive). For Germany, this task is traditionally per-
together with the European Parliament. Important prepa- formed by the BMI in cooperation with the Federal Office
ratory work for the Council’s activities is carried out in over for Information Security (BSI). Especially here and in the
300 Council working groups. In the area of cyber security, associated “work streams” which deal with individual topics
this is primarily the Horizontal Working Party on Cyber of the Directive implementation as well as newly emerging
Issues, in which Germany is represented under the leader- topics (e.g. 5G), the already existing broad participation of
ship of the Federal Ministry of the Interior, Building and BSI experts offers the opportunity to specifically promote
Community (BMI) and the Federal Foreign Office. German approaches and to advance and shape European
cyber security.
One of the tasks of the presidency of the Council is to lead
the work of the Council, which is expressed in concrete CYBER SECURITY DURING THE COUNCIL PRESIDENCY
terms in chairing various Council bodies. Following the AND THE ROLE OF THE BSI
entry into force of the Treaty of Lisbon, the legal basis for Preparations for the German Council presidency have been
the so-called “trio presidency” was created in 2009 with the underway at the BSI since the beginning of 2019 in close
aim of ensuring a certain degree of continuity in the Coun- cooperation with the BMI. Thematically, one aim will be to
cil’s work. Accordingly, three Member States each coordi- advance current initiatives in the area of cyber security at
nate their presidencies with each other and develop a joint the European level. For example, an evaluation of the NIS
eighteen-month programme. Germany is the first country Directive is planned. On the other hand, the presidency
of the trio to hold the presidency, followed by Portugal and offers the BSI the opportunity to position itself as a leading
Slovenia. The three states had already acted as a trio in this cyber security authority in the EU and to drive important
constellation in 2007, thus marking the beginning of an issues itself. In this sense, Germany will introduce its own
institutional innovation in the EU. Next to responsibilities initiatives and organise a major cyber security conference
concerning the “official” Council bodies, further tasks are in Berlin from 9 to 10 November 2020. As the federal cyber
BSI INTERNATIONAL | 7
security authority, the BSI contributes its expertise to the 2007, it should be noted that Europe is facing a completely
programme and is closely involved in the planning. different environment in the area of cyber security. With
A third pillar of the Council presidency is the exchange and the NIS Directive, a pivotal legislative project was passed in
coordination with the new European Commission, which 2016, and the Cybersecurity Act, which came into force in
intends to follow up on the previous announcements with 2019, also offers completely new possibilities for Europe-
actions in the months to come. For example, the “mission wide IT security certification, especially in regulating the
letter” from Commission President Ursula von der Leyen to “Internet of Things”. In concrete terms, the new framework
Thierry Breton, Commissioner for the Internal Market, en- for EU-wide IT security certification of products, services
visages the establishment of a “joint cyber unit”. Besides, the and processes will create many new “European certificates”.
topic of “Artificial Intelligence” and the implementation of Germany and above all the BSI, with its significant position
the 5G Toolbox, which has just been adopted, will probably in certification throughout Europe, serve as a model and
also fall within the term of the German Council presidency. this expertise will be put to use during the Council presi-
Compared to Germany’s previous Council presidency in dency to fill the new framework with life.
For more information see:
https://www.consilium.europa.eu/de/council-eu/presidency-council-eu/
8 | BSI MAGAZINE 2020/01
Filling the New
Mandate with Life
An Interview with the EU Agency for Cybersecurity New Executive Director Juhan Lepassaar
On 16 October 2019, Juhan Lepassaar took up his new role as Executive Director
of the European Union Agency for Cybersecurity (ENISA), taking over from Udo
Helmbrecht, the former BSI President, who completed his 10-year mandate in
the position. This transition has fallen in a particularly interesting time. Only a few
months earlier, on 27 June 2019, the Cybersecurity Act entered into force. Marking
a new era for ENISA, this EU-regulation not only gave a permanent mandate to the
Agency, but also new tasks, such as responsibilities under the European cyber
security certification framework. Bringing this new mandate to life is now an
important part of Juhan Lepassaar’s new responsibilities.
Mr. Lepassaar, in your previous position as Head of Cabinet Putting ENISA in the bigger context of the new Commis-
for former Commission Vice-President Andrus Ansip you sion under Ursula von der Leyen: how do you see ENISA’s
have already worked in the field of digital policy. What are role regarding new policy priorities?
the lessons-learned you have taken with you that are now Our role is to help policy makers understand the challeng-
relevant in your new role? es ahead of us given the extremely fast developing digital
The digital world is intertwined and interconnected. This world and to assist the different communities involved in
adds complexity, which from the outset can be daunting, implementing cyber security policies once they have been
especially if you are in the process of trying to make sense agreed. A key challenge for the future will be to develop
of it or even, propose to regulate it. The key lesson from my policy in an innovative and flexible manner to ensure that
previous work is the importance of finding right triggers approaches to cyber security achieve a high level of security
and incentives, which can help to increase trustworthiness whilst remaining economically viable. The Agency is in a
or promote good governance and self-regulation of the unique position to address the policy aspects of future cyber
digital environment. challenges and to that end we are looking forward to work-
ing closely with the new Commission. As always, we aim to
ENISA’s new mandate comes also with new resources, achieve this by building proactive cyber security communi-
personnel- and budget-wise. What do you want ENISA to ties that bring together diverse stakeholders to solve issues
look like at the end of your mandate? of common interest.
I want the Agency to engage with a diverse variety of
talented people, covering various fields and competences. Regarding ENISA’s different fields of activity, where do
This is probably the best assurance for being future-proof you see its most important added-value vis-à-vis the
in this age where everything is in flux. But I would also Member States?
like to explore ways how this talent-pool could be shared The Agency acts as a reference point for the Member States,
with other cyber security actors in Europe, not to feed the providing a platform where effective pan-European collab-
growing skills-gap. oration can take place. In this context, it is important that
BSI INTERNATIONAL | 9
the Agency maintains a good understanding of the specific Given the connected nature of modern technology, we
needs of each Member State and how these needs can be must use EU coordination to ensure that the confidentiali-
met whilst pursuing EU-wide objectives. We aim to develop ty, integrity and availability of the data and security of the
closer cooperation within the EU at all levels, working to- technologies meet our societal needs. Policy frameworks
gether with Member States to include all related stakehold- need to integrate all parameters to safeguard the values of
ers to improve cyber security approaches in all walks of life. the European Union enshrined in its policy without stifling
Over the years, ENISA has developed a set of networks innovation.
throughout many of these communities. We will contin-
ue to use these networks in the service of the EU and the The German presidency of the Council of the European
Member States. Union is beginning on 1 July 2020. What are your expecta-
tions and hopes for the German presidency?
Next to already existing EU approaches, what are other We expect that the expertise and experience developed
areas in the digital field where you see needs for European in Germany will be used to benefit all stakeholders on the
solutions? national and European level. It is interesting to note that
There are many areas where European approaches can add Germany adopted its first Cybersecurity Law in 2015 before
value in the digital sphere. In many cases a lot of work has the NIS directive was adopted1). Germany invests a lot in
already been carried out with significant benefits. Good research to protect IT infrastructures and systems and has
examples include the approach to security breach notifica- already created competence centres for IT security. They
tions across the Union and legislation introduced in the area concentrate the skills and competences of the best univer-
of electronic identity (eIDAS). Examples of areas that still sities and non-university research and encourage interdis-
present challenges include autonomous systems, artificial ciplinary cooperation in areas such as security by design,
intelligence (AI) and 5G amongst others. optical-electronic technologies and quantum communi-
The increasing sophistication of new technologies improve cations. We are eager to engage in closer collaboration and
the way society operates but also generates new threats and discussions under the German presidency to welcome their
risks. Extended cyber-attacks, dissemination of credible contribution to the EU effort in securing our EU digital
fake news and attacks on autonomous vehicles, are among world.
those potential security threats.
"The agency
provides a platform
for pan-European
collaboration."
Brief Profile: Juhan Lepassaar
Juhan Lepassaar previously worked as Head of Cabinet for former
Commission Vice-President Andrus Ansip assigned to the Digital
Single Market portfolio. Before, he was Member of Cabinet of
former Commission Vice-President Siim Kallas, European
Commissioner for Transport, and served as Director for EU Affairs
at the Government Office in Estonia.
1)
https://www.bsi.bund.de/it-sig
10 | BSI MAGAZINE 2020/01
CYBER SECURITY
Alice and Bob in
Quantum Land
BSI Presents Initial Recommendations on Quantum Computer-Resistant Key Transport
By Dr. Heike Hagemeier, Section Information Assurance Technology Requirements
The security of digital infrastructures bases upon algorithms for key agreement and
digital signatures. These cryptographic mechanisms cannot be broken using current
means. This no longer applies when universal quantum computers of sufficient perfor-
mance are available (see page 15).
C
ryptographic mechanisms that are supposed to be errors. Therefore, the BSI recommends using Post-Quan-
resistant to attacks by quantum computers (Post- tum Cryptography only in a “hybrid” way if possible, i.e. in
Quantum Cryptography, see BSI Magazine 2018/2) combination with conventional algorithms.
are currently being standardised in a process organised
by the US National Institute of Standards and Technology Besides security, other aspects such as performance also
(NIST). This process will conclude in 2022/23 at the earliest. play an important role in the NIST standardisation process.
Several research activities and experiments on the integra-
The BSI welcomes the activities of the NIST on the stan- tion of the quantum resistant algorithms into cryptograph-
dardisation of Post-Quantum Cryptography. These have ic protocols (such as Transport Layer Security - TLS) mainly
led to a significant intensification of research on quantum focus on efficiency.
resistant algorithms. Nevertheless, these algorithms are not
yet analysed as well as the algorithms currently in use. This The BSI considers the security of cryptographic algorithms
is especially true with regard to weaknesses that become to be of paramount importance. For key transport, the algo-
apparent in application, such as typical implementation rithms FrodoKEM (see page 12) and Classic McEliece are theCYBER SECURIT Y | 11 most conservative choice. Considering the time scale of the This recommendation will be adapted, if necessary, if the NIST process, the BSI has decided not to wait for the NIST to development in the NIST process reaches a more advanced make a decision and recommends these two algorithms in stage. the new version of the Technical Guideline “BSI TR-02102- 1: Cryptographic Mechanisms: Recommendations and Key Lengths” as suitable in principle (in hybrid solutions).
12 | BSI MAGAZINE 2020/01
Frodo is the
“New Hope”
Lattice-Based Cryptographic Algorithms
By Dr. Heike Hagemeier, Section Information Assurance Technology Requirements
What does a mathematician mean when she talks about
a lattice? How relates this to cryptography? How does
“The Lord of the Rings” come into play? A foray into the
world of lattice-based cryptography.CYBER SECURIT Y | 13 WHAT IS A LATTICE? In mathematics, a lattice is a discrete subset of an n-dimen- A simple example of such a system is sional real vector space. Roughly speaking, this definition means that you can add two lattice points and obtain a11 ⋅ s1 + a12 ⋅ s2 + e1 = b1, another point in the lattice, and that there is no other lattice a21 ⋅ s1 + a22 ⋅ s2 + e2 = b2, point in a “small” environment surrounding a lattice point. The two-dimensional example below clarifies the name in which all ai and bi are known integers and all si and ei are ‘lattice’ (see Figure 1). unknown. One can write this in short form as In a lattice one can formulate many problems that are difficult to solve. For example, finding a shortest vector in As + e = b. a lattice. In the lattice in Figure 1, one can solve this task by simply looking at it (red arrow). The computational effort The values ai are combined in matrix A (a type of table; here increases exponentially with the dimension of the lattice, with two rows and two columns) and the values si, ei and bi however. in the vectors s, e and b. Problems that have been shown to be at least as difficult to solve as a lattice problem, such as the Learning-with-Errors The LWE problem thus consists of finding the unknown (LWE) problem, serve as the basis for lattice-based cryptog- vectors s and e if the matrix A and the vector b are given. raphy. One can roughly summarize the LWE problem as the Again, the dimension (the number of equations and the difficulty of solving a linear system of equations that has number of unknowns) must be sufficiently large. Therefore, been disturbed by a “small” error. the matrix A can easily reach several kilobytes in size Figure 1
14 | BSI MAGAZINE 2020/01
HOW RELATES THIS TO CRYPTOGRAPHY?
It is assumed that the problems described above could not
be solved efficiently even with a quantum computer. Thus,
they offer an approach to Post-Quantum Cryptography.
The security of lattice-based cryptography bases on the dif-
ficulty of these problems, in fact. Therefore, one considers
lattice-based mechanisms as quantum-resistant.
The first practicable lattice-based algorithms for key
agreement sought to save the well-known Diffie-Hellman
key exchange into a post-quantum world. Figure 2 roughly
outlines this approach.
An essential difference to the classic Diffie-Hellman
method is that Alice and Bob initially only receive approx-
imately the same result. A mechanism (“reconciliation”) is
still needed to calculate a common secret. For this purpose,
further information in addition to the public keys b and b'
must be sent.
WHAT IS THE STATE OF ART?
This approach is no longer being pursued. Currently,
thefocus is on key transport mechanisms. This is partly
due to the fact that the National Institute of Standards and
Technology (NIST) explicitly asked for key transport mech-
anisms in its standardisation process. On the other hand,
this facilitates reconciliation, as there is no need to transmit However, it also means that there is not yet the same level
additional information. of confidence in security. Although no attacks that exploit
the additional structure are currently known, algorithms
Many lattice-based algorithms use a cyclic matrix. The whose security is based on standard LWE problems are the
elements of the first row completely define such a matrix. more conservative choice.
Therefore, it is sufficient to store or transmit only this first
row. In addition, this also simplifies some of the calcula- HOW DOES “THE LORD OF THE RINGS”
tions. The corresponding problem is called Ring-LWE. ’New COME INTO PLAY?
hope’ is an example of an algorithm based on Ring-LWE. The key transport FrodoKEM is an example. FrodoKEM is
In 2017, Google implemented this algorithm in its browser one of the candidates of the NIST standardisation process
Chrome on a test basis. and NIST selected it for the second round. The BSI recom-
mends FrodoKEM as one of the first quantum computer-
The security of lattice-based mechanisms is based on either resistant key transport mechanisms in the Technical Guide-
standard LWE problems or LWE problems (e.g. Ring-LWE), line TR-02102-1 (see article on page 11). Anyone wondering
where the matrix has a special structure (as described why the inventors named their algorithm after a character
above). The additional structure has the advantage that from “The Lord of the Rings” should know that the title of
the algorithms are more efficient and require smaller keys. the first publication was “Frodo: Take off the ring!”
Public parameters: q, n, matrix A with n rows and n columns, with integer
elements between 0 and q.
Alice Bob
Select "small" vectors s, e. Select "small" vectors s', e'.
Calculate public key b = As + e. Calculate public key b' = s'A + e'.
b
b'
b's = (s'A + e')s ≈ s' As s'b = s'(As + e) ≈ s' As
Figure 2CYBER SECURIT Y | 15
Quantum Computers and
Quantum Superiority
By Univ. Prof. Dr. Frank Wilhelm-Mauch, Department of Physics, Saarland University
Everyone is talking about quantum computers these days. There are signs of a hype,
especially since a reserach group at Google published an experiment that shows the
superiority of their quantum computer over the world’s largest supercomputers. This
breakthrough result is difficult to grasp and there is a lot of uncertainty. What is behind
the headlines claiming Google’s quantum supremacy and what impact is this having on
information security?
T
he concept of a quantum computer can be grasped in two
ways – theoretically and in terms of actual hardware.
In theory, the difference between quantum computers
and today’s traditional computers is the way in which classical
binary data is processed between input and output. In quan-
tum physics, systems such as elementary particles can assume
several classically allowed coordinates in superposition. Here,
“in superposition” means that several positions are possible at
the same time and that different locations appear with certain
probabilities when an attempt is made to measure the particle’s
position.
In a quantum computer, this principle is applied to the contents
of binary data registers: a quantum computer can be in a state
that is a superposition of the classical binary values in the same
sense. The effect can be understood as massive quantum paral-
lel computing – the quantum computer executes an algorithm
on a superposition of any number of register values but only
requires a single processor core for this. Parallelism is currently
Brief Profile: Prof. Dr. Frank Wilhelm-Mauch
also the biggest driver of acceleration in normal computers, but
there, an additional processor core is needed for each parallel Prof. Dr. Frank Wilhelm-Mauch studied and received
strand of the calculation. his doctorate in physics at the University of Karlsruhe,
today’s KIT. After positions at TU Delft, Ludwig-Max-
It would however not be justified to proclaim the quantum imilians-Universität München and the University of
Waterloo, he has been University Professor of Theo-
computer as the ultimate parallel computer, because the aspect
retical Physics at Saarland University since 2011.
of probability must be taken into account: The user, of course,
would like to obtain the correct result with high propability. At Wilhelm-Mauch has been working on various ques-
the end of the calculation, the superposition must be reassem- tions involving quantum computing and the hardware
bled into one or a few results (“un-computing”). To this extent platform of superconducting circuits since 1999. He is
(and due to properties of the instruction set), classical applica- a member of the Strategic Research Agenda Working
Group of the EU Quantum Technology Flagship for
tions cannot be simply transferred to the quantum computer
Quantum Computing and Strategic Resources and
and simply parallelized. coordinates the flagship project “An Open Supercon-
ducting Quantum Computer” (OpenSuperQ). He is
In practice, the hardware of quantum computers is still quite also the lead author of the BSI study entitled “Status
heterogeneous – quite comparable to the history of the classical of quantum computer development.”
computer, which ranges from relays to tubes to modern chips.16 | BSI MAGAZINE 2020/01
Quantum computer engineers must perform quite a bal- The error rate of quantum operations is at least as import-
ancing act: On the one hand, quantum physics is the physics ant. This is initially quite surprising. Hardware errors rarely
of the smallest, isolated elements of matter – therefore the play a role in normal computers because the semiconductor
components (qubits) must be isolated. On the other hand, logic used stabilises itself. This is not the case with quantum
the quantum computer must be able to perform read and computers:
write operations and be flexibly usable and connectable –
which is a challenge with isolated elementary particles. • On the one hand, the rich structure of quantum states al-
lows significantly more error options than in the classical
Among the various candidates for technologies, two plat- case.
forms are currently regarded as leading (other platforms • On the other hand, with analogue errors as well as with
are being successfully researched, but are currently less the tendency of open systems to behave classically after
advanced): a long time – i.e. to lose their quantum properties – error
mechanisms occur that have no equivalent on traditional
• Atomic ions trapped in a high vacuum are a technology digital computers. Today, error rates of 1:1000 are the
related to atomic clocks. Input and output are performed start of good qubits and 1:1000000 is the best that has ever
by using lasers and cameras. been achieved. But even that means that at a MHz clock
• On the other hand, there are chips made of superconduct- frequency, an error occurs every second.
ing metals (aluminum and niobium) that are operated at
very low temperatures. There are two basic approaches to address this problem:
Noisy Intermediate-Scale Quantum Technology (NISQ)
Other platforms are being researched, but are currently less is used to test how far you can go with faulty computers.
developed. The number of computing steps limited by the error rate
allows only short algorithms. The potential of quantum
What both platforms have in common is that they are acceleration lies in algorithms that classically fail because of
still experimental technologies that must find their way memory rather than time, e.g. in theoretical chemistry.
from the laboratory to application. This includes extreme
conditions: ultra-high vacuum or temperatures close to If one wants to go beyond that, active error correction and
absolute zero, which is quite manageable on the scale of data fault-tolerant computing are required. Here, logical qubits
centres. This is also where we would expect to find quantum – qubits that the algorithm needs – are encoded in a larger
computers because of the possible applications. number of physical qubits (i.e. real components) and cor-
rected by comparison measurement. As long as the qubits
WHERE CAN QUANTUM COMPUTERS BE USED? are good enough, the effective error rate can be further
As described above, the art in developing quantum algo- suppressed. The resulting overhead is considerable, howev-
rithms is to take advantage of massive quantum parallelism er. The route to error tolerance is described in detail in the
and still end up with a result that is not masked by chance. BSI study www.bsi.bund.de/qcstudie. It outlines five layers
This results in acceleration. The number of steps to the of intermediate steps that allow progress in this direction to
result can increase significantly more slowly with the size of be evaluated.
the task than on normal computers.
QUANTUM SUPERIORITY AT GOOGLE
This was shown for a number of tasks, including search- In October, the hardware group at Google, led by John Mar-
ing unstructured databases and various tasks in machine tinis, published a decisive result on quantum superiority.
learning. One example is prime factorisation, which has a What was shown there? A hardware platform in the form of
profound influence on the security of cryptographic pro- a chip made of superconducting qubits connected in a 6 x 9
cesses, as well as the simulation of molecules and materials rectangle. 53 of the 54 qubits worked. The processor is oper-
for the chemical and other industries. The latter is generally ated as NISQ. The error probabilities for the limiting 2-qubit
regarded as the first application, as it places lower demands gates were consistently below one percent.
on the hardware than the others.
As a benchmark for quantum superiority, the Google team
WHERE DOES HARDWARE DEVELOPMENT STAND? set up a task that made it easy for the quantum computer to
In the media, the number of qubits is often cited as an indi- play to its strengths. A suitable random algorithm was pro-
cator of development. The initially modest numbers of bits cessed, which simulated the physical phenomenon of quan-
become more impressive when compared to what a normal tum chaos. Reproducing this result on a normal computer
computer needs to simulate a quantum computer – N qubits would require 253 complex numbers in memory – more than
require 2N complex floating-point numbers. the largest supercomputer currently has available.CYBER SECURIT Y | 17
Typical cooling machine for the
operation of qubits (chip at the bottom).
The copper plates are used for
temperature equalization.
This is undoubtedly a technological masterstroke that this encryption will be irretrievable. This refers first and
will enable the further development of larger and better foremost only to public-key cryptography, however. Sym-
quantum processors. It is just as unlikely to be considered metric procedures can still be quantum secure if the key
“useful” as the Wright brothers’ first flight, but could yield length is sufficient.
similar key results.
The compiled algorithms are long and complex though –
REFERENCE TO CRYPTANALYSIS about 1012 time steps. This will require active error correc-
Cryptanalysis is a possible application of quantum com- tion at human discretion. Although Google’s breakthrough
puters. Current RSA cryptography is based on the difficulty was an important step in this direction, the actual relevance
and exploding efforts to decompose large integers into their for cryptanalysis is still a long way off. Nevertheless, for
prime factors on normal computers. Quantum computers long-term information security, it is important to enter
do not have this limitation, they can achieve this in a time into a process to make cryptographic infrastructures
that increases with the size of the integer only very slowly. quantum-safe now. It would hardly by appropriate to panic,
Therefore, once quantum computers have decoded RSA, however.18 | BSI MAGAZINE 2020/01
A New Approach
29th Cyber Security Day of the Alliance for Cyber Security
By Till Kleinert, Section Cyber Security for the Private Sector and Alliance for Cyber Security
The Alliance for Cyber Security (ACS) and the German Chambers of Industry and Com-
merce (DIHK) attracted many interested parties to the 29th Cyber Security Day in Berlin
on 26th September 2019 by launching a new event concept. After all, even if many issues
in the context of cyber security can be solved individually, it is much easier and better if
you can learn from the experiences and insights of others.
A
n exhibition, interactive formats and expert presen- Projects already completed for the ECSM – such as the IT
tations on current cyber security challenges – the emergency card, which many cyber security initiatives and
29th Cyber Security Day at the Haus der Deutschen partners as well as the BSI had realised under the umbrella
Wirtschaft in Berlin had a lot to offer to participating com- of ACS – were presented in an exhibition. At the same time,
panies, cyber security initiatives, associations and authori- the Alliance for Cyber Security reported live via social
ties. The Alliance for Cyber Security pursued a new concept media and captured the event on video (https://www.
for this event, which was noticeably different from previous allianz-fuer-cybersicherheit.de/ACS/CSTVideo) for the first
Cyber Security Days. time.
The focus was not only on presentations, but also on An event of this magnitude demanded a huge commitment
offering many opportunities to cooperate on various cyber from the organisers, not only on the day itself, but also in
security topics. The moderators used barcamps to guide the advance. The DIHK and ACS had already started coordinat-
creativity of the participants and to realize tangible work ing it several months earlier. The effort proved to be worth
results. Project proposals for the European Cyber Security it: With more than 300 representatives of German organisa-
Month (ECSM), which started only a few days later, were tions, the 29th Cyber Security Day experienced a previously
shared at short notice in workshops. unattained level of interest. The feedback from the guestsCYBER SECURIT Y | 19
Cyber Security Days
The Alliance for Cyber Security organises
six Cyber Security Days per year at different
locations throughout Germany under the
patronage of the BSI in cooperation with
multipliers such as associations, chambers,
initiatives or networks. The events are
designed for a group of up to 200 participants
and deal with a current topic of cyber security.
Guests get to know different perspectives in
expert presentations, brief workshops and
discussion groups.
Upcoming events will be announced on the
webpage of the Alliance for Cyber Security.
also reflected that the new concept was well received.
The team of the Alliance for Cyber Security will therefore
again incorporate various interactive elements into the
event planning for the next Cyber Security Days.
Here you can find out why you should attend a Cyber Security Day:
https://www.allianz-fuer-cybersicherheit.de/cybersicherheitstag20 | BSI MAGAZINE 2020/01
Professional Companions
Certification as an IT-Grundschutz Consultant
By Johannes Oppelt, Section BSI Standards and IT-Grundschutz
The BSI Report on the state of IT Security in Germany 2019 recently demonstrated quite
impressively, once again, that the danger of companies and authorities becoming victims
of a cyber-attack is still high. At the same time, the attacks are becoming increasingly
professional. In addition, there are the fundamentally important internal challenges:
clearly defined processes and responsibilities for information security issues, well-trained
employees – ideally a management system for information security in accordance with
IT-Grundschutz. This is where the certification of individual persons as IT-Grundschutz
consultants comes into play.
M
any companies and authorities are in need of a of IT-Grundschutz. Trained IT-Grundschutz consultants
knowledgeable consultant on their side to plan can advise institutions on all IT-Grundschutz topics thanks
and implement IT security measures and pro- to their proven expertise. For example, they can support
cesses. Smaller institutions in particular are often unable to authorities and companies in developing security concepts
handle on their own the extensive tasks this involves due to or an ISMS. In day-to-day operations, they can define mea-
a lack of personnel or financial resources. External expertise sures based on IT-Grundschutz, together with the respon-
is usually also needed to implement, subsequently estab- sible employees of the institution, and implement them in
lish and maintain a comprehensive Information Security operations. Certified IT-Grundschutz consultants can also
Management System (ISMS). help prepare an ISO 27001 audit based on IT-Grundschutz.
INFORMATION SECURITY ACCORDING TO “With its certification offer, the BSI, as the national cyber se-
IT-GRUNDSCHUTZ curity authority, sets the standard for a uniformly high level
The BSI therefore offers interested users personal certifi- in the training of experts,” explains the President of the BSI,
cation as IT-Grundschutz consultants. The certification Arne Schönbohm. “They can pass on the recommendations
offering is based on a two-stage training concept. In the first and measures from IT-Grundschutz in a well-founded and
stage, a certificate as an IT-Grundschutz practitioner can be competent manner in actual practice.
obtained before personal certification as an IT-Grundschutz
consultant is possible (see Figure 1). Each individual IT-Grundschutz consultant can thus make
an important contribution to the resilience of the German
The aim of this certification option, which is still quite new, economy and public administration in the area of informa-
is to achieve a uniform and high level of training in the area tion security in the future,” he adds.CYBER SECURIT Y | 21
"With its certification offer, the BSI as the federal
cyber security authority sets the standard for a
uniformly high level in the training of experts."
IT-GRUNDSCHUTZ EXPERTISE IS IN DEMAND
More than 20 providers now offer training courses in ac-
cordance with the BSI’s guidelines. In 2019, over 300 people Certified IT-Grundschutz-
Consultant
were already trained as IT-Grundschutz practitioners and
more than 50 people were certified as IT-Grundschutz
consultants. The high demand for the new personal certi-
fication reflects the need for expert support and consulting
on the introduction, operation and further development of
information security in institutions.
Examination at the BSI
• Interested users can first complete the basic training course
to become an IT-Grundschutz practitioner and take an
examination. This training is suited for everyone interest-
ed in information security and provides basic knowledge Advanced training
with a provider
about IT-Grundschutz.
• An advanced training course is concluded by receiving a
personal certification as an IT-Grundschutz consultant.
This path is recommended for users who already have ex- IT-Grundschutz-Practitioner
tensive practical experience in the area of IT-Grundschutz.
The BSI cooperates with training providers who offer inter-
ested users the basic training course to become an IT-Gr- Examination by a training
provider
undschutz practitioner and the advanced training course to
self studies
become an IT-Grundschutz consultant. It provides a curricu-
lum for this. The examinations to become an IT-Grundschutz
consultant are also conducted by the BSI. Basic training with a
traning providing
Figure 1
For more information see:
https://www.bsi.bund.de/gsberater22 | BSI MAGAZINE 2020/01
Qualified Approval
Procedure
IT Security Products for the Protection of Classified Information
By Frank Sonnenberg, Thomas Borsch, Section Classified Information Product Approvals
The BSI has the obligation to strengthen and maintain IT security as part of its legal
mandate. This includes providing the federal government, the federal states (Länder) and
industries that are obliged to secrecy with IT security solutions that are approved for
the processing of classified information. Increasing digitalisation, ever shorter innova-
tion cycles and constantly changing threats represent a major challenge for the security
of IT systems protecting classified information. Therefore, innovative methods must be
developed at an early stage to identify the need for IT security-relevant technologies,
to define the corresponding requirements, to implement these into realisable product
developments and to provide the respective market with an approved solution for the
protection of classified information in a timely manner.
A
pproval procedures required by the German fication level “VS – NUR FÜR DEN DIENSTGEBRAUCH
administrative directive VSA are generally very (VS-NfD),” (internationally comparable to a RESTRICED
extensive and time-consuming due to their classification level) which make up a high percentage of the
complexity. This is particularly attributable to the fact that approval procedures.
the evaluation methodology used for the procedures is
closely aligned with the common criteria and their formal QUALIFIED DEVELOPERS
approach. This means that IT security products with short The basic approach of the Qualified Approval Procedure
innovation cycles do not appear suitable for such evaluation is to systematically value the security of the development
procedures at first glance. environment and the processes of the product developer
in addition to merely technical evaluation criteria. The
Software products and mobile communication devices suitability assessment in this area is expressed by the title
in particular are highly exposed to constantly changing “Qualified Developer” that is assigned by the BSI In contrast
attack vectors. In order to be able to use them as products to pure product evaluation, this is an up-to-date approach
protecting classified information, effective approaches must that takes a global view of IT security over the entire life
be newly developed as quickly as possible and they must be cycle of a IT security product.
used for the approval of IT security products. The resulting
more difficult time frame poses a major challenge for the With the Qualified Approval Procedure, VS-NfD products
approval of products protecting classified information, from Qualified Developers are to pass through a well-de-
as the short reaction times required by the industry are fined evaluation process efficiently and yet effectively. In
contrary to the established evaluation and approval process. this context, “efficient” and “effective” are understood to
It is therefore important to make the approval procedures mean the realisation of timely evaluation results, with an
more efficient in the future, while maintaining the same optimised and resource-saving procedure while main-
level of assurance. In order to meet this objective, the BSI taining the level of assurance of the approved IT security
has developed the “Qualified Approval Procedure” for IT product. However, the regular approval procedure remains
products protecting classified information of the classi- valid and is used for approvals on classification levels higherCYBER SECURIT Y | 23
one-time additional
Evaluation
time and effort
100%
(standard procedure)
Evaluation
approx. 4% processes
57%
efforts saved by trend
approx. 52%
approx. 48%
Development documentation
100%
109%
Developer documentation approx. 3% conceptual evaluation
approx. 5% processes Developer documentation
43%
approx. 1.2% * * informal architecture
approx. 52% ca. 57% approx. 40% & informal crypto
concept
Standard Approval Procedure Developer Qualification Qualified Approval Procedure
Figure 1: Expenditure standard procedure vs. qualified procedure
than VS-NfD, as well as for developers who have not yet developed a product in accordance with the developer
been qualified. processes reviewed by the BSI and has generated all the
product evidence required within the scope of a regular
To achieve this goal, an alternative procedure for the ap- evaluation and could, if necessary, submit this to the BSI
proval of IT security products had to be defined. Before this, for review.
the assurance of an approval statement was based exclusive-
ly on a purely technical evaluation of the entire IT product The figure below illustrates the benefit that results from
being subject to approval. In order to reduce the time-con- the application of the Qualified Approval Procedure and is
suming and extensive individual product evaluations, it actually confirmed by the procedures already completed
was necessary to compensate these by using different, but (see Figure 1).
technically equivalent assurance criteria.
EVALUATION EFFORT IS REDUCED SIGNIFICANTLY
This is achieved by integrating and evaluating compa- The efforts caused by the Qualified Approval Procedure
ny-wide process-oriented security requirements as part of are reduced to less than 50 percent after the developer has
the approval assurance statement. Based on the Common successfully completed the developer qualification. This is
Criteria, they comprise all phases of the entire life cycle offset by only a one-time additional expenditure of approx-
of an IT security product, from the early planning phase imately 9 percent. This additional expenditure is caused
(requirement phase), through development, market launch, by the initial process evaluation of the company during its
maintenance and support, to regulated discontinuation and developer qualification that also needs to be performed.
end-of-life of the product. Once this has been successfully completed, all subsequent
VS-NfD approval procedures that make use of these de-
Thus, the Qualified Approval Procedure is based on the velopment processes can be carried out with the Qualified
following assurance aspects: Approval Procedure.
• Assurance of development processes and the develop- Besides the reduction in expenditure, the duration of a
ment environment: A Qualified Developer has to meet Qualified Approval Procedure is also reduced significantly,
special requirements of the BSI for the development and since only a conceptual product evaluation of certain eval-
evaluation of its IT security products. Developer Qual- uation aspects is required. The detailed, in-depth and itera-
ification is granted by the BSI on the basis of specific tive evaluation applied in the standard approval procedure,
well-defined criteria. which essentially leads to an extension of the procedure, is
• Conceptual product evaluation: The regular purely no longer necessary in the Qualified Approval Procedure.
technical evaluation of the entire product is reduced to a In summary, the Qualified Approval Procedure thus leads
conceptual evaluation in the Qualified Approval Proce- to more efficient coverage of the demand for approved
dure. It is an informal but systematic way to assess the products. For the participating companies, the focus is
basic architecture and security features of the IT security on the aspect “time to market,” in addition to a financial
product to be approved. advantage from the procedure, better controllability and
• Mandatory developer declaration: The developer assures timely market introduction of improved and secure IT
the BSI in writing in a developer declaration that he has security products.24 | BSI MAGAZINE 2020/01 Electronic Identities on the Smartphone How to Use Mobile Identities Securely By Rainer Schönen, Section Cyber Security in Health and Finance Shopping is done via web shops, media is streamed online, social interaction takes place via social media and (bank) transactions are completed on the tablet or mobile phone. Much of today’s life is digital. That’s why the BSI is collaborating on the OPTIMOS 2.0 research project to ensure that electronic identities can be stored securely on smart- phones. The goal is to ensure that even data-sensitive services can be used on mobile devices.
CYBER SECURIT Y | 25
A
n electronic identity (eID) is needed to be able to the guideline provides specifications for the issuance and
use a wide range of online services. The term eID administration of an eID, but also on which authentication
is actually quite generic and can stand for a wide mechanisms must be used. From this, it can be deduced
range of online accesses, such as: that at least a substantial assurance level is necessary to
store and manage eIDs in a smartphone in a sufficiently
• the pseudonym with which one is active in an online secure manner.
forum,
• the account in a social network, To meet this substantial assurance level, the system must
• the holder of a digital car key stored on the smartphone, be able to prevent an attack with the attack potential
• a buyer in an online shop or “moderate” in the sense of the Common Criteria Evalu-
• the bank client during online banking. ation Methodology or ISO 18045. In order to implement
these requirements securely, the BSI recommends using
Each of these eIDs must be protected against misuse, with a hardware anchor, as otherwise a successful attack on
the level of protection varying depending on the type of cryptographic material protected only by software means
electronic identity. Sometimes it suffices to enter simple cannot be ruled out.
access data (e.g. user name and password), but this type
of protection is not sufficient for sensitive data or access Modern smartphones have such a hardware anchor in the
to high-priced goods. For example, if you want to gain form of a secure element. These are available in the form
access to a building or display your annual public transport of embedded security elements or an embedded SIM card.
ticket on your smartphone, these functionalities should be Both variants of a secure element are functionally closely
protected better than by simply entering a user name and related to the well-known plastic smart cards and achieve
a password. Otherwise, these forms of eIDs can fall into a very good security level by using advanced security
unauthorised hands too easily. functions.
Of course, it is not necessary to comply with the highest se-
curity requirements for all applications. However, the user OPTIMOS 2.0
rightly expects that his identity cannot simply be stolen or A consortium of universities, public authorities and
manipulated. companies is developing solutions in the OPTIMOS 2.0
research project funded by the German Federal Ministry
PROTECTION OF EIDS of Economics and Energy on how eIDs can be securely
Like any networked device, smartphones are constantly and practically transferred to smartphones according
exposed to the danger of a cyber-attack. Therefore, special to the above-mentioned criteria. With OPTIMOS 2.0,
requirements must be met to ensure that eIDs are stored an infrastructure is to be created that is accessible to all
safely on the smartphone. Here, a look at the “Regulation service providers without discrimination and meets the
(EU) No. 910/2014 on electronic identification and trust highest security and data protection standards. The central
services for electronic transactions in the internal market element here is the Trusted Service Provider, which acts as
and repealing Directive 1999/93/EC,” 1) or eIDAS Regulation an interface between service providers and end customers
for short, and its defined assurance levels is worthwhile. and takes over the task of placing the eIDs on the hardware
anchor. The user only needs to install his apps from the
The eIDAS Regulation distinguishes between three assur- respective app store as usual. To make this possible, the BSI
ance levels: low, substantial and high. Each of these levels is involved in standardising the necessary components, in-
is associated with a resistance to a defined attack potential. terfaces and processes so that the technology that has been
The BSI Technical Guideline TR-03107 is the national developed is available to as many end users as possible.
version of the eIDAS regulation. It offers many indications
as to which requirements must be met in order to achieve
the above-mentioned assurance levels and thus a certain
degree of resistance to cyber-attacks. Among other things, 1)
https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32014R0910&from=EN
For more information see:
https://www.bundesdruckerei.de/de/Unternehmen/Innovation/OptimosYou can also read
