Paper 2023/487

On the State of Crypto-Agility

Nouri Alnahawi, Darmstadt University of Applied Sciences, Darmstadt, Germany
Nicolai Schmitt, Darmstadt University of Applied Sciences, Darmstadt, Germany
Alexander Wiesmaier, Darmstadt University of Applied Sciences, Darmstadt, Germany
Andreas Heinemann, Darmstadt University of Applied Sciences, Darmstadt, Germany
Tobias Grasmeyer, Darmstadt University of Applied Sciences, Darmstadt, Germany
Abstract

The demand for crypto-agility, although dating back for more than two decades, recently started to increase in the light of the expected post-quantum cryptography (PQC) migration. Nevertheless, it started to evolve into a science on its own. Therefore, it is important to establish a unified definition of the notion, as well as its related aspects, scope, and practical applications. This paper presents a literature survey on crypto-agility and discusses respective development efforts categorized into different areas, including requirements, characteristics, and possible challenges. We explore the need for crypto-agility beyond PQC algorithms and security protocols and shed some light on current solutions, existing automation mechanisms, and best practices in this field. We evaluate the state of readiness for crypto-agility, and offer a discussion on the identified open issues. The results of our survey indicate a need for a comprehensive understanding. Further, more agile design paradigms are required in developing new IT systems, and in refactoring existing ones, in order to realize crypto-agility on a broad scale.

Note: Corrected wrong reference numbering in text body.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. 18. Deutscher IT-Sicherheitskongress
Keywords
Cryptographic AgilityCrypto-Agility
Contact author(s)
nouri alnahawi @ h-da de
nicolai schmitt @ h da de
alexander wiesmaier @ h-da de
andreas heinemann @ h-da de
tobias grasmeyer @ h-da de
History
2023-04-13: revised
2023-04-04: received
See all versions
Short URL
https://ia.cr/2023/487
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/487,
      author = {Nouri Alnahawi and Nicolai Schmitt and Alexander Wiesmaier and Andreas Heinemann and Tobias Grasmeyer},
      title = {On the State of Crypto-Agility},
      howpublished = {Cryptology ePrint Archive, Paper 2023/487},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/487}},
      url = {https://eprint.iacr.org/2023/487}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.