Crypto agility refers to the fundamental ability to replace and upgrade cryptographic algorithms, key lengths, crypto-dependent protocols, and the keys themselves. This is enormously challenging due to the pervasiveness and deep entrenchment of cryptologic in our devices and computing systems.
Cryptographic replacement may be required either as a response to newly discovered vulnerabilities concerning an algorithm, or as a normal life cycle upgrade (algorithm sunsetting). Part of the challenge is the depth of the cryptographic stack itself.
A suitable example is as follows.
An organization is mandated to upgrade its entire network infrastructure to VPNs possessing 256-bit AES protection; AES 128 is no longer sufficient. This ...