Work item:
|
QSTR-USSD (ex TR-USSD)
|
Subject/title:
|
Low resource requirement, quantum resistant, encryption of USSD messages for use in financial services
|
Status:
|
Agreed on 2021-12-10
|
Approval process:
|
Agreement
|
Type of work item:
|
Technical report
|
Version:
|
New
|
Equivalent number:
|
-
|
Timing:
|
-
|
Liaison:
|
-
|
Supporting members:
|
Vaulto Technologies, China Mobile, China Telecom, Kenya
|
Summary:
|
According to ITU-T QSTR-SS7-DFS "SS7 vulnerabilities and mitigation measures for digital financial services transactions" USSD is a main medium in which financial fraud is being committed. Due to its clear text form and lack of authentication, fraudsters can gain unlawful access to victim's accounts and transfer money out. The purpose of the Technical Report is to examine new technologies for encryption of USSD in end-to-end manner and estimate its applicability to be integrated into existing USSD technology, suggesting new recommendation and signalling requirements for the integration of such technology into the existing reference architecture. The Technical Report focuses both on the core-network end and on the UE end, to recommend the appropriate and most secure location for such encryption technology to me implemented. Another aspect of this Technical Report is to examine the encryption under quantum computing attacks, and to set the standard for quantum resistant encryption in telecom.
|
Comment:
|
-
|
Reference(s):
|
|
|
Historic references:
|
Contact(s):
|
|
ITU-T A.5 justification(s): |
|
|
|
First registration in the WP:
2020-03-25 14:29:48
|
Last update:
2021-12-20 16:23:07
|