Cryptoagility
Resilient systems with adaptable cryptography
Implementing cryptoagility is essential not only for long-term cybersecurity, but also for gaining a competitive advantage and building technological sovereignty. Institutions who invest in cryptoagile systems today will be better prepared for cryptographic weaknesses, whether insidious or disruptive. Additionally, agility allows them to reap the benefits of innovations in cryptography more quickly.
Successful crypto agility requires a multidimensional approach: building expertise in current and future cryptographic methods, analyzing your own system landscape, adapting decision-making processes, designing modular hardware and software, and implementing flexible interfaces.
ATHENE supports organisations in the practical implementation of cryptoagility with a checklist for the technical implementation. Organisations can significantly improve their cryptographic adaptability by using modular system architectures and central decision-making bodies. Companies and authorities are advised to invest in building knowledge and flexible cryptographic infrastructures today. These preventive measures enable a quick response when vulnerabilities are identified.
ATHENE projects and contributions from its "Cryptoagility" think tank
„Kryptoagilität“: Impulse paper of the Wissenschaftliche Arbeitsgruppe Nationaler Cyber-Sicherheitsrat, November 2024
Authors: Thomas Caspers, Prof. Gabi Dreo Rodosek, Prof. Claudia Eckert, Prof. Jörn Müller-Quade, Prof. Christof Paar, Prof. Alexander Roßnagel, main author Prof. Michael Waidner
Download (PDF, 1,7 MB)
Slides „Krypto-Agilität“, 07.02.2024 for the National Cybersecurity Council (NCSR)
Authors: Dr. Michael Kreutzer, Prof. Michael Waidner, Leonie Wolf
to the slides
Article in DuD • Datenschutz und Datensicherheit "Kryptoagilität“, Oktober 2024
Authors: Dr. Michael Kreutzer, Leonie Wolf, Prof. Dr. Michael Waidner
to the article (behind login)
Study „Krypto-Agilität - Leitfaden für langfristige IT-Sicherheit“, 2024
Author: Leonie Wolf
to the study
Slides „Crypto agility spider chart“: Präsentation auf der CrossFyre22
Author: Leonie Wolf
to the slides
“Tracing Cryptographic Agility in Android and iOS Apps”, Paper presented at the 9th International Conference on Information Systems Security and Privacy, ICISSP 2023
Authors: Kris Heid, Jens Heider, Matthias Ritscher, Jan-Peter Stotz
to the paper
“Security code smells in apps: are we getting better?” Paper in: Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2022
Author: Dr. Steven Arzt
to the paper
“Post-quantum cryptography for electric vehicle charging”, Paper in: International Conference on Applied Cryptography and Network Security (pp. 85-111). Cham: Springer Nature Switzerland, May 2023
Autoren: Dustin Kern, Christoph Krauß, Timm Lauser, Nouri Alnahawi, Alexander Wiesmaier, Ruben Niederhagen
to the paper
“Downgrading {DNSSEC}: How to Exploit Crypto Agility for Hijacking Signed Zones”, Paper presented at the 32nd USENIX Security Symposium 2023
Autor*innen: Elias Heftrig, Prof. Haya Schulmann, Prof. Michael Waidner
to the paper
