Paper 2022/1367

Agile Cryptography: A Universally Composable Approach

Christian Badertscher, Input Output, Switzerland
Michele Ciampi, University of Edinburgh
Aggelos Kiayias, University of Edinburgh & Input Output, UK

Being capable of updating cryptographic algorithms is an inevitable and essential practice in cryptographic engineering. This cryptographic agility, as it has been called, is a fundamental desideratum for long term cryptographic system security that still poses significant challenges from a modeling perspective. For instance, current formulations of agility fail to express the fundamental security that is expected to stem from timely implementation updates, namely the fact that the system retains some of its security properties provided that the update is performed prior to the deprecated implementation becoming exploited. In this work we put forth a novel framework for expressing updateability in the context of cryptographic primitives within the universal composition model. Our updatable ideal functionality framework provides a general template for expressing the security we expect from cryptographic agility capturing in a fine-grained manner all the properties that can be retained across implementation updates. We exemplify our framework over two basic cryptographic primitives, digital signatures and non-interactive zero-knowledge (NIZK), where we demonstrate how to achieve updateability with consistency and backwards-compatibility across updates in a composable manner. We also illustrate how our notion is a continuation of a much broader scope of the concept of agility introduced by Acar, Belenkiy, Bellare, and Cash in Eurocrypt 2010 in the context of symmetric cryptographic primitives.

Available format(s)
Publication info
A major revision of an IACR publication in TCC 2023
Universal compositionupdatescrypto-agilitysignatureszero-knowledge
Contact author(s)
christian badertscher @ iohk io
michele ciampi @ ed ac uk
aggelos kiayias @ ed ac uk
2023-09-26: last of 2 revisions
2022-10-11: received
See all versions
Short URL
Creative Commons Attribution


      author = {Christian Badertscher and Michele Ciampi and Aggelos Kiayias},
      title = {Agile Cryptography: A Universally Composable Approach},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1367},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.