Considerations for Achieving Cryptographic Agility: Strategies and Practices

Date Published: March 5, 2025
Comments Due: April 30, 2025
Email Comments to: crypto-agility@nist.gov

Author(s)

Elaine Barker (NIST), Lily Chen (NIST), David Cooper (NIST), Dustin Moody (NIST), Andrew Regenscheid (NIST), Murugiah Souppaya (NIST), William Newhouse (NIST), Russ Housley (Vigil Security), Sean Turner (sn3rd)

Announcement

Advances in computing capabilities, cryptographic research, and cryptanalytic techniques periodically create the need to replace algorithms that no longer provide adequate security for their use cases. For example, the threats posed by future cryptographically-relevant quantum computers (CRQCs) to public-key cryptography are addressed by NIST post-quantum cryptography (PQC) standards.  Migrating to PQC in protocols, applications, software, hardware, and infrastructures presents an opportunity to explore capabilities that could allow this cryptographic algorithm migration and future migrations to be easier to achieve by adopting a cryptographic (crypto) agility approach.

Crypto agility describes the capabilities needed to replace and adapt cryptographic algorithms for protocols, applications, software, hardware, and infrastructures without interrupting the flow of a running system to achieve resiliency. This draft NIST Cybersecurity White Paper (CSWP) provides an in-depth survey of current approaches and considerations to achieving crypto agility. It discusses challenges, trade-offs, and some approaches to providing operational mechanisms for achieving crypto agility while maintaining interoperability. It also highlights some critical working areas that require additional discussion.

NIST also invites discussions among stakeholders to develop sector- and environment-specific strategies for pursuing crypto agility at a future NIST virtual workshop. 

Control Families

None selected