8 Quality assurance requirements

33.1053G Security3GPPCryptographic algorithm requirementsRelease 17TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

This clause advises the design authority on measures needed to provide users of the algorithm with confidence that it is fit for purpose, and users of the algorithm specification and test data assurance that appropriate quality control has been exercised in their production.

The measures shall be recorded by the design authority in a design and evaluation report which shall be published as a 3GPP specification.

8.1 Quality assurance for the algorithm

Prior to its release to 3GPP, the algorithm needs to be approved as meeting the functional requirements specified in clause 7 by all members of the design authority.

8.2 Quality assurance for the specification and test data

Prior to delivery of the algorithm specification, two independent simulations of the algorithm needs to be made using the specification, and confirmed against test data designed to allow verification of significant points in the execution of the algorithm.

Design conformance and algorithm input/output test data needs to be generated using a simulation of the algorithm produced from the specification and confirmed as above. The simulation used to produce this test data needs to be identified in the test data deliverables and retained by the design authority.

8.3 Design and evaluation report

The design and evaluation report is intended to provide evidence to potential users of the algorithm, specification and test data that appropriate and adequate quality control has been applied to their production. The report shall explain the following:

– the algorithm and test data design criteria;

– the algorithm evaluation criteria;

– the methodology used to design and evaluate the algorithm;

– the extent of the mathematical analysis and statistical testing applied to the algorithm;

– the principal conclusions of the algorithm evaluation;

– the quality control applied to the production of the algorithm specification and test data.

The report shall confirm that all members of the design authority have approved the algorithm, specification and test data.

The report shall contain key conclusions from the commissioned closed evaluation of the algorithm.