Paper 2023/487
On the State of Crypto-Agility
Abstract
The demand for crypto-agility, although dating back for more than two decades, recently started to increase in the light of the expected post-quantum cryptography (PQC) migration. Nevertheless, it started to evolve into a science on its own. Therefore, it is important to establish a unified definition of the notion, as well as its related aspects, scope, and practical applications. This paper presents a literature survey on crypto-agility and discusses respective development efforts categorized into different areas, including requirements, characteristics, and possible challenges. We explore the need for crypto-agility beyond PQC algorithms and security protocols and shed some light on current solutions, existing automation mechanisms, and best practices in this field. We evaluate the state of readiness for crypto-agility, and offer a discussion on the identified open issues. The results of our survey indicate a need for a comprehensive understanding. Further, more agile design paradigms are required in developing new IT systems, and in refactoring existing ones, in order to realize crypto-agility on a broad scale.
Note: Corrected wrong reference numbering in text body.
Metadata
- Available format(s)
- Category
- Implementation
- Publication info
- Published elsewhere. 18. Deutscher IT-Sicherheitskongress
- Keywords
- Cryptographic AgilityCrypto-Agility
- Contact author(s)
-
nouri alnahawi @ h-da de
nicolai schmitt @ h da de
alexander wiesmaier @ h-da de
andreas heinemann @ h-da de
tobias grasmeyer @ h-da de - History
- 2023-04-13: revised
- 2023-04-04: received
- See all versions
- Short URL
- https://ia.cr/2023/487
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/487, author = {Nouri Alnahawi and Nicolai Schmitt and Alexander Wiesmaier and Andreas Heinemann and Tobias Grasmeyer}, title = {On the State of Crypto-Agility}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/487}, year = {2023}, url = {https://eprint.iacr.org/2023/487} }