Cryptographic agility explained

In cryptographic protocol design, cryptographic agility or crypto-agility is the ability to switch between multiple cryptographic primitives.

Systems implementing a particular standard can then choose which combination of primitives they want to use. The primary goal of cryptographic agility was to enable rapid adoption of new cryptographic primitives and algorithms without making disruptive changes to the systems' infrastructure.

Cryptographic agility acts as a safety measure or an incident response mechanism when a cryptographic primitive of a system is discovered to be vulnerable.[1] A security system is considered crypto-agile if its cryptographic algorithms or parameters can be replaced with ease and the replacement is at least partly automated.[2] [3] The impending arrival of a quantum computer that can break existing asymmetric cryptography is raising awareness of the importance of cryptographic agility.[4] [5]

Example

The X.509 public key certificate illustrates crypto-agility. A public key certificate has cryptographic parameters including key type, key length, and a hash algorithm. X.509 version 3 certificates with key type RSA, a 1024-bit key length, and the SHA-1 hash algorithm were found by NIST to have a key length that made them vulnerable to attacks, which prompted the transition to SHA-2.[6]

Importance

With the rise of secure transport layer communication at the end of the 1990s, cryptographic primitives and algorithms have become increasingly popular; as an example, by 2019 more than 80% of all websites employed some form of security measures.[7] Furthermore, cryptographic techniques are widely incorporated to protect applications and business transactions.

However, as cryptographic algorithms are deployed, research into their security intensifies, and new attacks against cryptographic primitives (old and new alike) are discovered at short intervals. Crypto-agility tries to tackle the implied threat to information security by allowing swift deprecation of vulnerable primitives and replacement by new ones.

This threat is not merely theoretical; many algorithms that were once considered secure (DES, 512-bit RSA, RC4) are now known to be vulnerable, some even to amateur attackers. On the other hand, new algorithms (AES, Elliptic Curve Cryptography) are often both more secure and faster in comparison to old ones. Systems designed to meet crypto-agility criteria are expected to be less affected should current primitives be found vulnerable, and may enjoy better latency or battery usage by using new and improved primitives.

As an example, quantum computing, if feasible, is expected to be able to defeat existing public key cryptography algorithms. The overwhelming majority of the existing public key infrastructure relies on the computational hardness of problems such as large integer factorization and discrete logarithm problems (which includes elliptic-curve cryptography as a special case). Quantum computers running Shor's algorithm can solve these problems exponentially faster than the best known algorithms for conventional computers.[8] Post-quantum cryptography is the subfield of cryptography that aims to replace broken algorithms with new ones that are believed hard to break even for a quantum computer. The main families of post-quantum alternatives to factoring and discrete logarithm include lattice-based cryptography, multivariate cryptography, hash-based cryptography and code-based cryptography.
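
The deprecation-and-replacement cycle described in this section can be made concrete with an algorithm-tagged MAC. The following is an added example, not taken from the article or its sources: each tag carries an algorithm identifier, and a policy table decides which identifiers may sign, may only verify, or are rejected. The identifiers (`hs1`, `hs256`, `hs3-256`), their statuses and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac

# Policy table (constructed for this example, not a security assessment):
# algorithm id -> (hash constructor, status).
#   "active"     may sign and verify
#   "deprecated" may only verify; valid tags should be re-issued
#   "disabled"   is rejected outright
POLICY = {
    "hs1": (hashlib.sha1, "disabled"),
    "hs256": (hashlib.sha256, "deprecated"),
    "hs3-256": (hashlib.sha3_256, "active"),
}
PREFERRED = "hs3-256"  # swapping primitives means editing POLICY and this line


def sign(key, message, alg=PREFERRED):
    """Return 'alg$hextag'. Only active algorithms may produce new tags."""
    digest, status = POLICY[alg]
    if status != "active":
        raise ValueError(f"{alg} is {status}; refusing to sign")
    return f"{alg}${hmac.new(key, message, digest).hexdigest()}"


def verify(key, message, token):
    """Return (valid, needs_rotation). Unknown or disabled ids never verify."""
    alg, _, tag = token.partition("$")
    entry = POLICY.get(alg)
    if entry is None or entry[1] == "disabled":
        return False, False  # no fallback: the verifier's policy decides
    digest, status = entry
    expected = hmac.new(key, message, digest).hexdigest()
    valid = hmac.compare_digest(expected.encode(), tag.encode())
    return valid, valid and status == "deprecated"


def rotate(key, message, token):
    """Re-issue a valid token under the preferred algorithm, else None."""
    valid, _ = verify(key, message, token)
    return sign(key, message) if valid else None


if __name__ == "__main__":
    key, msg = b"constructed-demo-key", b"order=42"  # constructed sample input
    legacy = "hs256$" + hmac.new(key, msg, hashlib.sha256).hexdigest()
    print(verify(key, msg, legacy))  # valid, but flagged for rotation
    print(rotate(key, msg, legacy))  # same message, re-tagged as hs3-256
```

The algorithm identifier in the token is only a lookup key: what is accepted is decided by the verifier's policy table, so a sender cannot select a disabled primitive by naming it.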

Awareness

System evolution and crypto-agility are not the same. System evolution progresses on the basis of emerging business and technical requirements. Crypto-agility is related instead to computing infrastructure and requires consideration by security experts, system designers and application developers.[9]

Best practices

Best practices for dealing with crypto-agility include:[10]

Notes and References

  1. Henry, Jasmine. "What is Crypto-Agility?". Cryptomathic. 26 November 2018.
  2. Patterson, Kenny. "Key Reuse: Theory and Practice (Workshop on Real-World Cryptography)". Stanford University. 26 November 2018.
  3. Sullivan, Bryan. "Cryptographic Agility". Microsoft Corporation on Blackhat.com. 26 November 2018.
  4. "Better Safe Than Sorry: Preparing for Crypto-Agility". Gartner. 2020-10-19.
  5. Steel, Graham. "Achieving Crypto Agility". Cryptosense. 2019-01-21. 2020-10-19. Archived 2020-08-05 at https://web.archive.org/web/20200805020632/https://cryptosense.com/blog/achieving-crypto-agility/
  6. Grimes, Roger A. "All you need to know about the move from SHA1 to SHA2 encryption". CSO Online. 2017-07-06. 2019-05-19.
  7. "How Let's Encrypt doubled the internet's percentage of secure websites in four years". University of Michigan News. 13 November 2019.
  8. Blanda, Stephanie. "Shor's Algorithm – Breaking RSA Encryption". AMS Grad Blog. 2014-05-01. 2019-08-09.
  9. Henry, Jasmine. "3DES is Officially Being Retired". Cryptomathic. 26 November 2018.
  10. Mehmood, Asim. "What is crypto-agility and how to achieve it?". Utimaco. 26 November 2018. Archived 27 March 2019 at https://web.archive.org/web/20190327221802/https://content.hsm.utimaco.com/blog/what-is-crypto-agility-and-how-to-achieve-it
  11. Chen, Lily; Jordan, Stephen; Liu, Yi-Kai; Moody, Dustin; Peralta, Rene; Perlner, Ray; Smith-Tone, Daniel. "Report on Post-Quantum Cryptography (NISTIR 8105)". National Institute of Standards and Technology NIST. 26 November 2018.
  12. "Digital certificate and private key rotations must be automated.". www.appviewx.com. 20 April 2020.
  13. Macaulay, Tyson. "Cryptographic Agility in Practice". InfoSec Global. 5 March 2019.