The type of cryptography inventory that CAP collects, which includes details on how cryptography is called and what it is used for rather than a simple list of algorithms, conforms to what the NIST ‘Getting Ready for Post Quantum Cryptography’ guide prescribes as the kind of actionable inventory that allows playbook preparation for post-quantum migration.
We believe that true cryptographic agility comes not from switching algorithms in a library, but from having a continuously up-to-date and complete view of the entire call stack that is using cryptography across applications. This means that when a cryptographic algorithm needs to be changed, we already know what the consequences will be for the rest of the application and can plan and monitor the transition in CI as the application changes.
No. Without full visibility on the entire cryptography ecosystem, switching algorithms will cause time-outs, data field overflows, key-storage issues, etc. This applies particularly to the transition to post-quantum or hybrid post-quantum/classical cryptography, which will introduce new limitations in terms of large key sizes, performance constraints, additional operations in protocols and so on.
CAP is a complete cryptography management platform. By combining analysis of cryptography throughout your infrastructure it gives you powerful insight into how you use cryptography with multiple business benefits.download