Quantum Computing & Crypto Agility
(Nasdaq.com.op.ed) An editorial from Bitcoin’s Yehuda Lindell discusses quantum computing and the need for crypto agility.
There are two main aspects to crypto agility. 1) The first is how easily it is possible to change code so that one cryptosystem is replaced with another. The more the specific structure of the cryptosystem is relied upon in the code, the harder it will be to replace. 2) The second is how to make this change while preserving backward compatibility and without introducing new vulnerabilities that can happen when new and old versions operate concurrently
Crypto-agility is a good investment. Cryptosystems, key sizes, modes of operation and more change over time. This is a fact of life and will not change. Being more crypto-agile will enable you to respond faster to such changes and to be ahead of the market when new cryptography is introduced (whether it be for classic security systems or for cryptocurrencies and blockchains).
There are candidates for post-quantum secure public-key encryption and digital signature schemes, and NIST is working on standardization now. As such, we will not be surprised and unprepared if post-quantum computers that threaten our cryptographic infrastructure become close to reality.