Towards a maturity model for crypto-agility assessment
The Crypto-Agility Maturity Model (CAMM for short), a maturity model for determining the crypto-agility of a particular software or IT landscape, is presented. CAMM consists of five levels, and for each level a set of requirements have been formulated based on existing crypto-agility literature that apply at that level. With the help of CAMM, organizations should be able to better prepare for potential threats that need to be addressed in a timely manner as vulnerabilities in cryptographic processes become known. The requirement for crypto-agility is motivated by the potential threat posed by powerful quantum computers.
Topic
Trend topic
When & Where
Tue, 03/15/2022, 13:45 - 14:00
Details
Format:
it-sa insights
Session description
Under the leadership of the U.S. National Institute of Standards and Technology (NIST), asymmetric cryptography methods are currently being standardized that are also intended to withstand an attack using powerful quantum computers. The first methods will probably be standardized in 2-4 years. Although current quantum computers are not yet powerful enough, Shor's algorithm has been known since 1997 as a method that breaks classical methods such as RSA.
Thus, research institutions and companies are already dealing with the question of how a migration process from classical, asymmetric cryptography to post-quantum cryptography can be designed. Asymmetric cryptography methods are found in practically all relevant IT security solutions and Internet prot ...