Industry Specification Group (ISG) Encrypted Traffic Integration (ETI) Activity Report 2022

Chair: Tony Rutkowski, CIS
Vice Chair: Scott Cadzow

Defining requirements and identifying use cases of Encrypted Traffic Integration techniques, to mitigate against threats to networks and users arising from the deployment of encrypted traffic.

 

A paradigm of ‘encrypted by default’ has been adopted by many network and service providers, without taking due account of any threats to network resilience and security. The network management oversight that is accepted for non-encrypted traffic – together with the ability to secure and protect enterprise networks and data centres – may be lost when an all-encrypted paradigm is adopted. 

ETSI’s Industry Specification Group on Encrypted Traffic Integration (ISG ETI) aims to develop insights on the evolutionary path of this paradigm, as well as its impact on network resilience and on security where attackers may take advantage of encryption to spread malicious code or exfiltrate protected customer or sensitive data through networks. A primary goal of the group is to better describe the issues and to establish essential requirements to allow for retention of network controls and protection, thus giving guarantees of security and resilience despite the growth of such a paradigm.

The group seeks to challenge the rationale used for pervasive encryption, namely that only the end point of a communication channel can be trusted. In practical terms, pervasive end-to-end encryption bypasses many of the trusted entities that enable it to happen. This often has a negative impact on aspects of security whilst promoting only one dimension – that of confidentiality. Trusted routing, content-optimised channels and support for attestation of identity are all among the important dimensions that over-stressing confidentiality misses.

ISG ETI serves as ETSI’s principal support response for two significant EU enactments: (1) the EU Encryption Resolution [Brussels, 24 November 2020, 13084/1/20 Rev. 1, Council Resolution on Encryption - Security through encryption and security despite encryption], and (2) the encryption clauses of the NIS2 Directive [Arts. 5 and 18, Brussels, 16.12.2020, COM(2020) 823 Final, 2020/0359 (COD), Proposal for a Directive of the European Parliament and of the Council on measures for a high common level of security of network and information systems across the Union].

As a pre-standardization activity, the work of ISG ETI is intended to frame security concerns arising from widespread adoption of encryption by default, and to build the foundation of a longer-term response to threats to networks and users. 

Through the development of Group Specifications (GS) and Group Reports (GR), ISG ETI defines requirements and identifies the use cases of Encrypted Traffic Integration techniques to mitigate against threats to networks and users arising from the deployment of encrypted traffic. These detailed specifications of mitigation measures are being developed with a view to their further development in ETSI Technical Committees that are identified as appropriate for their adoption.

Adopted in December 2020, the EU Council Resolution on Encryption recognizes the complexity of the technology's application in ICT networks and the variety of needs it services. In most circumstances, encryption usefully enhances user security and privacy; however, it can also be used for an array of network harms and criminal purposes that require visibility for both operational and law enforcement purposes. Published in October 2022, ISG ETI’s Group Report GR ETI 006 provides guidance to support implementation of the EU Council Resolution.

Currently in development, a further Group Report presents a requirements definition and analysis, identifying requirements for enabling integration of trusted encrypted network traffic. This GR endorses two key characteristics of ETI enabled networks: Transparency of the role and use of encryption; Zero-Trust to ensure that only known entities with known and verified capabilities are used in the network. These key requirements from the GR are to be further developed in a Group Specification on the means to achieve the transparency and trust framework for ETI. The intent is that a network manager – as an authorized user – is able to identify and to access encrypted traffic for management or other lawful purposes.

A survey of the ETI ecosystem – including bodies and activities for Encrypted Traffic concepts, techniques and capabilities – is maintained in a regularly updated Wiki (https://etiwiki.etsi.org).

 

See the full list of ISG ETI Work Items currently in development here.