• SOLUTIONS
      • Cryptosense Analyzer Platform
      • Cryptography Inventory
      • Secure Cloud Migration
      • PKCS#11 Device Audit
  • RESOURCES
      • Whitepapers
      • Webinars
      • Cloud Cryptography
      • Datasheets
      • Training Courses
      • Blog
  • COMPANY
      • About Us
      • Careers
      • Partners & Resellers
      • Contact
  • SUPPORT
  • GET IN TOUCH
January 21, 2019

Achieving Crypto Agility

A recent NIST paper recommending which steps to take to prepare for the advent of quantum computers proposes that users of cryptography look to achieve ‘crypto agility’ as soon as possible. The idea was further expanded by Gartner in a recent research note, and now crops up regularly. It’s sometimes described as ‘crypto-agnosticism’, but what does it mean, and how does one achieve it?

Designers of cryptographic protocols have talked for a long time about the idea of algorithm agility. The principle is simple: that a protocol will be designed in such a way that its function is, to some extent, independent of the choice of cryptographic algorithm used, therefore allowing you to switch algorithm. You might even have a set of recommended cipher suites that can be negotiated in each protocol exchange – this is how TLS works for example. There are now whole RFCs dedicated to the topic.

Crypto agility extends this idea from network protocols to all of the cryptography in use in an organisation. This means that an organisation can only become crypto-agile when the security team knows all of the algorithms, keylengths, crypto libraries and protocols in use in their applications and infrastructure, and has a plan that would allow them to change if necessary.

Continue reading →

Search the Blog

Interested in Crypto News?

Article Categories

  • Archive (37)
  • Cloud Cryptography (11)
  • Crypto Agility (3)
  • Cryptographic Vulnerabilities (8)
  • Cryptography (66)
  • Cryptography Inventory (6)
  • Cryptosense Company News (18)
  • Encryption (8)
  • HSM Security (7)
  • Key Lifecycle Visibility (4)
  • Other (8)
  • Post-Quantum Cryptography Preparedness (1)
  • Products (24)
  • Security (83)
  • Tech (10)

Most Popular Posts

  • BouncyCastle Keystore Security
  • FIPS 140-3 Compliant Cryptography
  • Parameter choice for PBKDF2
  • New cryptography in .NET Core 3.0
  • Why PKCS#1v1.5 Encryption Should Be Put Out of Our Misery
  • Dangerous Tutorials: How not to learn C# cryptography
  • FedRAMP and FIPS 140-2 Cryptography
  • Which Algorithms Are FIPS 140-3 Approved?
  • Cracking Java Keystores with Hashcat
  • Keep Calm and Carry On: Why you may already have the solution to Post-Quantum Cryptography
    • Solutions
      • Cryptosense Analyzer Platform
      • Cryptography Inventory
      • Secure Cloud Migrations
      • PKCS#11 Security Audit
      • Request Demo
    • Resources
      • Whitepapers
      • Webinars
      • Cloud Cryptography
      • Datasheets
      • Blog
      • Support
    • Company
      • About Us
      • Careers
      • Partners & Resellers
      • Contact

Follow us on Twitter FR: +33 (0)9 72 42 35 31 US: +1 646-893-7657

info@cryptosense.com

© 2012-2020 Cryptosense | All rights reserved.

  • Cryptosense Analyzer
  • Use Cases
  • Cloud Cryptography
  • Whitepapers
  • Webinars
  • About Us
  • Blog
  • Support
  • Contact
We use cookies to deliver our services. If you continue to use this site we assume you consent to our privacy policy.ACCEPTPrivacy policy