National Academies Press: OpenBook
« Previous: Front Matter
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×

Workshop Introduction

The Forum on Cyber Resilience of the National Academies of Sciences, Engineering, and Medicine hosted a Workshop on Cryptographic Agility and Interoperability at its Spring 2016 meeting, on May 9, 2016, in Washington, D.C.

The workshop featured 11 speakers who addressed various aspects of cryptographic agility and interoperability. These distinguished researchers, computer scientists, and industry leaders shared their diverse experiences and expertise related to the history and practice of cryptography, its current challenges, and its future possibilities. They also asked questions, probed assumptions, and explored uncertainties when dealing with cryptography.

The meeting was open to the public. This proceedings was created from the presenters’ slides, the rapporteurs’ notes, and a full transcript of the workshop; it is intended to serve as a public record of the workshop presentations and discussions.

OPENING REMARKS

Fred B. Schneider, Samuel B. Eckert Professor of Computer Science at Cornell University, member of the National Academy of Engineering, and workshop chair, opened the meeting with a brief description of the National Academies’ Forum on Cyber Resilience. The forum convenes experts from various backgrounds to examine the complicated issues

Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×

surrounding cybersecurity and, more broadly, cyber resilience. The forum offers experts in technology, policy, and research an opportunity to discuss critical emerging issues or raise topics that are insufficiently addressed or perceived to be underappreciated. Although the forum does not conduct traditional National Academies’ studies, Schneider noted that forum members and the ideas discussed at workshops hosted by the forum can lead to the creation of such studies when deemed appropriate.

Schneider noted that this workshop focused on challenges surrounding cryptographic agility and interoperability. Cryptography is the creation of codes or algorithms to secure communications. Cryptographic agility refers to how easy it is to evolve or replace the hardware, software, or entire information technology (IT) systems being used to implement cryptographic algorithms or protocols (and, in particular, whether the resulting systems remain “interoperable”). Although cryptographers and computer systems designers might be confident in their work and may not see a strong need for cryptographic agility, “the reality is that we now know that cryptography breaks,” Schneider said.

For example, Schneider cited concerns about the possibility of quantum computers—technologies in very early research stages that would employ a fundamentally different approach from today’s computers. If quantum computing becomes a reality, today’s public-key cryptography systems—which are the basis for securing electronic communications in open environments such as the Internet—would be vulnerable to compromise. Agility would make defense against the emergence of quantum computers easier because it would allow simple substitution of quantum-resistant public-key algorithms for today’s widely deployed (and quantum-susceptible) algorithms.

Schneider also drew attention to some immediately practical issues, beyond developing defenses against hypothetical quantum computers, that improvements in cryptographic agility could help address. For example, what happens when foreign nations or other entities want to add their own cryptographic suites to commodity software, instead of using cryptographic approaches provided by the manufacturer? Support for this kind of change requires cryptographic agility in the deployed systems. The prospect of deploying more agile cryptography systems also raises some hard questions about trust: Who should be authorized to change cryptography in a deployed system? Schneider noted that changing cryptography systems can typically cause “really annoying little headaches,” such as the need to change key size or format, and the difficulty and expense of replacing cryptographic code that pervades several layers of software. Such headaches are actually symptoms of a broader set of issues that encompasses not only engineering and design problems but also questions of trust, policy, and even foreign relations, Schneider said.

Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×

Despite this broad set of issues, Schneider noted that there has not yet been much discussion of this topic outside of highly technical communities. The intent of this workshop is to help explore the issues, educate a wider community, and identify where further work is needed.

Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Page 1
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Page 2
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Page 3
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Page 4
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Page 5
Suggested Citation:"Workshop Introduction." National Academies of Sciences, Engineering, and Medicine. 2017. Cryptographic Agility and Interoperability: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24636.
×
Page 6
Next: 1 Context »
Cryptographic Agility and Interoperability: Proceedings of a Workshop Get This Book
×
Buy Ebook | $14.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

In May 2016, the National Academies of Sciences, Engineering, and Medicine hosted a workshop on Cryptographic Agility and Interoperability. Speakers at the workshop discussed the history and practice of cryptography, its current challenges, and its future possibilities. This publication summarizes the presentations and discussions from the workshop.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!