In this whitepaper we discuss why we need crypto-agility and exactly how we should define it. Next, we draw on the recent literature from NIST, the NCSC, Gartner, SAFECode and others to put together a five-step program you can use to achieve crypto-agility in your organisation, starting today.
Crypto-agility is the ability to support rapid adaptations of cryptographic primitives and algorithms without making significant changes to the system's infrastructure, and without exposure to unacceptable business continuity risks.
The collective experience of removing the now-deprecated hash functions MD5 and SHA-1 has highlighted something critical: cryptography migration is hard and resource-intensive. In fact, the NSA recently stated that migrating National Security Systems (NSS) to new cryptography would take up to 20 years.