Introduction

Looks at the challenge of making deployed cryptography configurable and replaceable over its lifecycle, i.e., cryptographically agile.

Details

A common criticism of today's deployed cryptography is that it fails to account for the lifecycle of cryptographic algorithms and implementations. A given cryptographic standard may be broken or weakened over time by new algorithmic discoveries, side-channel vulnerabilities, or advances in hardware performance. Unfortunately, it appears to be the rule rather than the exception that deprecated algorithms (e.g., MD5, SHA-1) and outdated implementations are hard to eliminate within the industry, and most deployment paradigms do not lend themselves readily to new implementations, adjustments in algorithm strength (e.g., key size), or other parameter changes. What is missing are frameworks that enable and provision for cryptographic agility: the ability to know which algorithms, parameters, and implementations are in use and to replace them without redesigning the systems built on top of them.

Industry migration to post-quantum cryptography (PQC) is an especially strong case study. There is a need to broaden and recast traditional notions of cryptographic agility in light of the size and complexity of global PQC migration. A new science of cryptographic agility should include an expanded set of goals, a more comprehensive set of compute domains, a broader range of agility modalities and time scales, and the full range of security research methodologies. Research on cryptographic agility should include frameworks and architectures that enable agility across a wide variety of compute contexts, usable interfaces addressing the various user roles involved, a better understanding of security and complexity tradeoffs, and other defining challenges.
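The following is an added illustration of the agility pattern the paragraph above argues is missing; it is not code from this project. Every stored integrity tag names the algorithm that produced it, a registry records each algorithm's lifecycle status (active, deprecated, disallowed), and a migration pass re-tags legacy records under the current default. The algorithm identifiers, their statuses, the key and the sample records are all constructed for the example and are not any standard's deprecation schedule.

```python
"""Cryptographic-agility pattern as an added illustration (not part of the
project described on this page): every stored integrity tag names the
algorithm that produced it, a registry records each algorithm's lifecycle
status, and a migration pass re-tags legacy records under the current
default. Algorithm names, statuses, key and records are constructed."""
import hmac
from enum import Enum


class Status(Enum):
    ACTIVE = "active"          # allowed for new tags and for verification
    DEPRECATED = "deprecated"  # verify-only: legacy tags accepted, but must be migrated
    DISALLOWED = "disallowed"  # rejected everywhere; data under it needs re-ingestion


# Assumed registry: agile identifier -> (hashlib digest name, lifecycle status).
# The statuses are illustrative, not any standard's deprecation schedule.
REGISTRY = {
    "hmac-sha256": ("sha256", Status.ACTIVE),
    "hmac-sha1":   ("sha1",   Status.DEPRECATED),
    "hmac-md5":    ("md5",    Status.DISALLOWED),
}
DEFAULT_ALG = "hmac-sha256"


def _raw_tag(key: bytes, message: bytes, alg: str) -> str:
    """Compute '<alg>$<hex>' with no policy check (used to build legacy fixtures)."""
    digest_name, _ = REGISTRY[alg]
    return f"{alg}${hmac.new(key, message, digest_name).hexdigest()}"


def compute_tag(key: bytes, message: bytes, alg: str = DEFAULT_ALG) -> str:
    """Create a new tag; only ACTIVE algorithms may produce new data."""
    _, status = REGISTRY[alg]
    if status is not Status.ACTIVE:
        raise ValueError(f"{alg} is {status.value}; refusing to create new tags with it")
    return _raw_tag(key, message, alg)


def verify_tag(key: bytes, message: bytes, tag: str):
    """Return (valid, needs_migration).

    The algorithm is read from the tag itself, so old and new tags can coexist
    in one store. A DEPRECATED algorithm still verifies (legacy data is not
    orphaned) but is flagged for migration; DISALLOWED and unknown never verify.
    """
    alg, sep, digest = tag.partition("$")
    if not sep or alg not in REGISTRY:
        return False, False
    digest_name, status = REGISTRY[alg]
    if status is Status.DISALLOWED:
        return False, False
    expected = hmac.new(key, message, digest_name).hexdigest()
    valid = hmac.compare_digest(expected.encode(), digest.encode())  # constant-time
    return valid, valid and status is Status.DEPRECATED


def migrate(key: bytes, records):
    """Re-tag every record whose tag uses a DEPRECATED algorithm under DEFAULT_ALG.

    records is a list of (message, tag). A record that fails verification
    (including any under a DISALLOWED algorithm) aborts the migration rather
    than being silently re-blessed: its integrity can no longer be established.
    """
    migrated = []
    for message, tag in records:
        valid, needs_migration = verify_tag(key, message, tag)
        if not valid:
            raise ValueError(f"cannot migrate record {message!r}: tag does not verify")
        migrated.append((message, compute_tag(key, message) if needs_migration else tag))
    return migrated


# Constructed sample data: a key and a small store mixing current and legacy tags.
KEY = b"example-key-not-for-production"
SAMPLE_RECORDS = [
    (b"order=1001;amount=25.00", _raw_tag(KEY, b"order=1001;amount=25.00", "hmac-sha256")),
    (b"order=1002;amount=99.90", _raw_tag(KEY, b"order=1002;amount=99.90", "hmac-sha1")),
]
LEGACY_MD5_RECORD = (b"order=0007;amount=1.00",
                     _raw_tag(KEY, b"order=0007;amount=1.00", "hmac-md5"))


if __name__ == "__main__":
    for message, tag in SAMPLE_RECORDS:
        print(message.decode(), verify_tag(KEY, message, tag))
    for message, tag in migrate(KEY, SAMPLE_RECORDS):
        print("after migration:", message.decode(), tag.split("$")[0])
    print("md5 record verifies:", verify_tag(KEY, *LEGACY_MD5_RECORD))
```

The point of the pattern is that the decision to retire an algorithm is a one-line change to the registry, not a rewrite of every caller, and that the deprecate-then-disallow sequence gives a window in which legacy data can still be verified and re-tagged. The MD5 record shows what happens when that window is skipped: the data can no longer be migrated because its integrity can no longer be checked.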

External Researchers

  • David Ott