The Forum on Cyber Resilience of the National Academies of Sciences, Engineering, and Medicine hosted a Workshop on Cryptographic Agility and Interoperability at its Spring 2016 meeting, on May 9, 2016, in Washington, D.C.
The workshop featured 11 speakers who addressed various aspects of cryptographic agility and interoperability. These distinguished researchers, computer scientists, and industry leaders shared their diverse experiences and expertise related to the history and practice of cryptography, its current challenges, and its future possibilities. They also asked questions, probed assumptions, and explored uncertainties when dealing with cryptography.
The meeting was open to the public. This proceedings was created from the presenters’ slides, the rapporteurs’ notes, and a full transcript of the workshop; it is intended to serve as a public record of the workshop presentations and discussions.
Fred B. Schneider, Samuel B. Eckert Professor of Computer Science at Cornell University, member of the National Academy of Engineering, and workshop chair, opened the meeting with a brief description of the National Academies’ Forum on Cyber Resilience. The forum convenes experts from various backgrounds to examine the complicated issues
surrounding cybersecurity and, more broadly, cyber resilience. The forum offers experts in technology, policy, and research an opportunity to discuss critical emerging issues or raise topics that are insufficiently addressed or perceived to be underappreciated. Although the forum does not conduct traditional National Academies’ studies, Schneider noted that forum members and the ideas discussed at workshops hosted by the forum can lead to the creation of such studies when deemed appropriate.
Schneider noted that this workshop focused on challenges surrounding cryptographic agility and interoperability. Cryptography is the creation of codes or algorithms to secure communications. Cryptographic agility refers to how easy it is to evolve or replace the hardware, software, or entire information technology (IT) systems being used to implement cryptographic algorithms or protocols (and, in particular, whether the resulting systems remain “interoperable”). Although cryptographers and computer systems designers might be confident in their work and may not see a strong need for cryptographic agility, “the reality is that we now know that cryptography breaks,” Schneider said.
For example, Schneider cited concerns about the possibility of quantum computers—technologies in very early research stages that would employ a fundamentally different approach from today’s computers. If quantum computing becomes a reality, today’s public-key cryptography systems—which are the basis for securing electronic communications in open environments such as the Internet—would be vulnerable to compromise. Agility would make defense against the emergence of quantum computers easier because it would allow simple substitution of quantum-resistant public-key algorithms for today’s widely deployed (and quantum-susceptible) algorithms.
Schneider also drew attention to some immediately practical issues, beyond developing defenses against hypothetical quantum computers, that improvements in cryptographic agility could help address. For example, what happens when foreign nations or other entities want to add their own cryptographic suites to commodity software, instead of using cryptographic approaches provided by the manufacturer? Support for this kind of change requires cryptographic agility in the deployed systems. The prospect of deploying more agile cryptography systems also raises some hard questions about trust: Who should be authorized to change cryptography in a deployed system? Schneider noted that changing cryptography systems can typically cause “really annoying little headaches,” such as the need to change key size or format, and the difficulty and expense of replacing cryptographic code that pervades several layers of software. Such headaches are actually symptoms of a broader set of issues that encompasses not only engineering and design problems but also questions of trust, policy, and even foreign relations, Schneider said.
Despite this broad set of issues, Schneider noted that there has not yet been much discussion of this topic outside of highly technical communities. The intent of this workshop is to help explore the issues, educate a wider community, and identify where further work is needed.