ETSI has released a new specification for Covercrypt, a Key Encapsulation Mechanism with Access Control (KEMAC) that ensures both pre-quantum and post-quantum security through hybridization. This scheme allows session keys to be encrypted based on user attributes, enabling anonymous access for authorized users while maintaining strict policy enforcement for data decryption. The solution offers high efficiency with encapsulation and decapsulation times measured in hundreds of microseconds, facilitating seamless integration into existing commercial security products. As organizations begin adopting quantum-resistant encryption to future-proof their data, vendors like Cosmian are already launching standardized libraries based on this new framework.
Keywords: Covercrypt, hybrid encryption, attribute-based access control, quantum-resistant, KEMAC