What is Crypto-Agility?

Crypto-agility, or cryptographic agility, is the capacity for an information security system to adopt an alternative to the original encryption method or cryptographic primitive without significant change to system infrastructure. NIST guidelines state “maintaining crypto agility is imperative” to prepare for the quantum computing era. Crypto-agility may be achieved through the adoption of new frameworks for incident response and application development, as well as the acquisition of a service software layer to facilitate crypto-agility in legacy applications.

Background on Crypto-Agility

The use of cryptography to conceal information dates to 1900 BCE, and the use of cryptanalysis methods to break ciphers is likely nearly as old.  In NIST’s terminology, the best possible classification for an algorithm is “acceptable,” which means “an algorithm or key is safe to use; no security risk is currently known when used in accordance with any associated guidance.”

NIST’s recommendations for the immediate adoption of crypto-agility are informed by the potential of quantum computing to render all current public key cryptosystems powerless. For example, in 1994, Peter Shor of Bell Laboratories demonstrated the potential of quantum computers to dramatically speed up the process of factorizing primes in comparison to using classical computers, thereby breaking the RSA algorithm.

While it is challenging to predict a timeline for the realization of quantum computing, efforts are underway to develop post-quantum cryptography methods. Developing agility in the digital infrastructure is essential to preparing for contemporary and quantum computing risks.

Why Crypto-Agility Matters

Public key encryption, digital signatures, and key exchange are the core of modern information systems, payment systems, and the global communications infrastructure. However, no single method of encryption is unbreakable. Recent discoveries of vulnerabilities in major algorithms has provided evidence that organizations must be prepared to transition between standards quickly.

In July 2018, NIST published draft guidance proposing a five-year timeline to disallow the use of the 3DES algorithm. This retirement followed discovery of the Sweet32 vulnerability which exploited a known vulnerability to collision attacks in 3DES and other 64-bit block cipher suites. 3DES is rooted in systems, standards and technology in the finance industry, and its retirement could create challenges around infrastructure, payments, and interoperability.

In October 2017, the ROCA vulnerability was discovered in a software library implementing the RSA asymmetric cipher, which impacted billions of security devices and smartcards.

In cryptography, the discovery of vulnerabilities and the retirement of algorithms is inevitable. Organizations should adopt crypto-agility capabilities, or a stance in which encryption methods can be updated within protocols, systems and technology as vulnerabilities are discovered.

Organizational Agility

Agile cryptography requires the evolution of organizational policies prior to the discovery of vulnerabilities and risks. Gartner recommends the collaboration of security and incident response leadership to facilitate organizational change, including a three-part framework for transitioning to crypto-agility:

1. Adapt application development and procurement workflows to reflect crypto-agility
2. Conduct a comprehensive inventory of information systems which use cryptography.  Identify and evaluate algorithms in use
3. Update incident response plans to include cryptographic alternatives and methods for updating existing methods of encryption
   

Technological Agility

Traditional response methods to the discovery of cryptographic vulnerabilities include time-consuming updates to code bases, algorithm replacement, application rebuilding, and patching. While this approach creates a solution, hard-coded changes do not facilitate protection or efficiency in future discovery of vulnerabilities. Technological agility is best achieved with the adoption of new development frameworks and service software for applications that rely on strong cryptography.

Development methods for crypto-agility could include the adoption of object-oriented frameworks such as Java Development Kit (JDK) and .NET. These frameworks allow algorithms to be represented as classes that derive from abstract classes, which allow the loading of changes to algorithms post-implementation from a database or configuration file.

While new development frameworks can safeguard future applications, conducting a complete overhaul of legacy IT systems for intrinsic crypto-agility is not pragmatic. Crypto-agility can also be facilitated with the adoption of a service software layer, or gateway application, between applications and hardware security modules. Solutions for cryptography as a service can enable agility in key management, policy enforcement, algorithm updates, monitoring, and usability.