Cryptographic primitives and protocols require constant modifications and adaptations in order to maintain the security of IT-systems. Many researchers argue that applying the notion of crypto-agility provides more feasible and practical updating of cryptographic systems, especially in the light of the expected transition to PQC. However, there is no unified definition for this notion, nor a common understanding of the requirements that can enable it. Moreover, it is not entirely clear what measures need to be taken in order to apply crypto-agility in practice, and which aspects and challenges exist towards this endeavor. We compare the various definitions of crypto-agility including its requirements and varying facets, and investigate the state of readiness of crypto-agility by surveying works dealing with general challenges and recommendations in this regard. We present the survey and discuss discovered challenges and solutions and utilize our findings to evaluate the state of readiness for crypto-agility.
[AWG+22] N. Alnahawi, A. Wiesmaier, T. Graßmeyer, J. Geißler, A. Zeier, P. Bauspieß, and A. Heinemann. On the State of Crypto Agility. Accepted at 18. Deutscher IT-Sicherheitskongress, 2022
Extended Access Control (EAC), Password Authenticated Connection Establishment (PACE), and Passive Authentication (PA) are currently the standard European Union (EU) protocols for establishing secure communication between electronic identity cards (eID), machine readable travel documents (MRTD), and service terminals. They serve the mutual authentication of the communication parties, as well as the verification of the terminal's access to data stored on the proximity integrated circuit cards (PICC i.e. Chip Card). This work provides a first analysis of the feasibility of integrating post-quantum cryptography into these protocols, and their future suitability for usage in electronic documents. We address several aspects regarding the core cryptographic functionalities, design and implementation approaches, as well as required integration and migration strategies. Thus, we cover the whole spectrum of the PQC migration process tackling multifaceted issues and challenges facing this endeavor.
[Alna22] N. Alnahawi. On Integrating Post-Quantum Cryptography in Standard Security Protocols of Electronic Identification Documents. Submitted to Doktorandenforum der Sicherheit 2022, Sicherheit, Schutz und Zuverlässigkeit (GI Sicherheit 2022 Doktorandenforum)
@@ -20,3 +20,5 @@ use our findings as starting point to initiate an open community project in
...
@@ -20,3 +20,5 @@ use our findings as starting point to initiate an open community project in
the form of a [website](https://fbi.h-da.de/cma) to keep track of the ongoing efforts and the state of the art in PQC research.
the form of a [website](https://fbi.h-da.de/cma) to keep track of the ongoing efforts and the state of the art in PQC research.
Thereby, we offer a single entry-point for the community into the subject
Thereby, we offer a single entry-point for the community into the subject
reflecting the current state in a timely manner.
reflecting the current state in a timely manner.
[AWG+21] N. Alnahawi and A. Wiesmaier and T. Graßmeyer and J. Geißler and A. Zeier and P. Bauspieß and A. Heinemann. On the State of Post-Quantum Cryptography Migration. In INFORMATIK'21 --- PQKP-Workshop, Volume 308 of GI-Edition: Lecture Notes in Informatics (LNI), 2021.
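Review bot: the [AWG+21] citation at the end of this hunk joins every author with "and", while the [AWG+22] entry earlier on the page uses a comma-separated author list; pick one style for the whole publication list. The "---" in "INFORMATIK'21 --- PQKP-Workshop" looks like a carried-over LaTeX dash and is likely to show up as three literal hyphens in the rendered Markdown, so a single hyphen or a colon would be safer. In the context lines, "single entry-point" would read better as "single entry point".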