Security algorithms

An encryption algorithm is a mathematical procedure used to encrypt data. Through the use of an algorithm and a key, information is encoded into cipher text and requires the use of a 'key' to transform the data back into its original form.

Algorithms are an essential part of a technology to ensure effective and secure authentication, as well as to provide integrity and encryption. ETSI creates cryptographic algorithms and protocols specific to fraud prevention, unauthorized access to public and private telecommunications networks and user data privacy.

ETSI is custodian of these algorithms, as well as algorithms produced by other organizations. We are also custodians of other codes and test suites.

ETSI Security Algorithms Group of Experts (SAGE) provides standards makers with cryptographic algorithms and protocols specific to fraud prevention, unauthorized access to public and private telecommunications networks and user data privacy.

The group's output includes algorithms for audiovisual services, 3GPPTM, DECTTM, GSMTM, TETRA, GPRS and Universal Personal Telecommunications (UPT). Where appropriate, the group collaborates with other ETSI committees and with other organizations in order to ensure that the algorithms produced fully meet the needs of the technologies and services in which they are used.

Mobile communications

For example, working with the 3GPP Organizational Partners, SAGE has produced the A5/3 encryption algorithms for GSM and EDGE (Enhanced Data rates for GSM Evolution), and the GEA3 algorithm for the General Packet Radio Service, GPRS.

SAGE is also responsible for the specification of the Milenage algorithm set, an example algorithm set for the 3GPP authentication and key generation functions.

SAGE has also developed security algorithms for the UMTS radio interface (UTRA) in collaboration with the 3GPP™ Organizational Partners.

Whilst the algorithms are considered to be extremely robust, there is always a need to have alternative solutions ready should a breach of security ever occur. For this reason, SAGE has produced an alternative set of security algorithms for UTRA and keeps working on new algorithms to anticipate future security needs.

ETSI's custodian role

Implementation of the various algorithms is generally subject to a license which restricts their utilization to the telecommunications equipment or service for which they have been designed.

ETSI acts as a custodian for the algorithms developed by SAGE, as well as other codes and algorithms, and is responsible for the distribution and licensing of confidential information and documents.

A full list of related standards in the public domain is accessible via the ETSI standards search. Via this interface you can also subscribe for alerts on updates of ETSI standards.