(HelpNetSecurity) The author Mike Cooper explains the need for crypto-agility with threats like quantum computing becoming more real while cryptographic algorithms are subject to decay or compromise. Without the ability to identify, manage and replace vulnerable keys and certificates quickly and easily, companies are at risk.
Fundamentally, you will have achieved crypto-agility when your security systems are able to rapidly deploy and update algorithms, cryptographic primitives, and other encryption mechanisms. Going a step further, it means you have achieved complete control over cryptographic mechanisms – your public key infrastructure (PKI) and associated processes – and can quickly make whatever changes are needed without intense manual effort.
The replacement of manual processes with automated ones is critical to keeping up with accelerating change. As computing power and security technologies continue to evolve at a faster and faster pace, your existing cryptographic infrastructure is destined to become obsolete in a few years unless you can keep it upgraded to the latest technologies. Notably, threats continue to evolve as well.
The looming threat of quantum computing – some say we could see 100,000x faster quantum computers as soon as 2025 – represents another compelling reason to focus on improving your crypto-agility. While all crypto algorithms are breakable on paper, the incredible computing power required for such a feat does not currently exist. That could change with quantum computers which one day will be able to break most existing algorithms and hash function in minutes or hours.