Skip to main content
banner image
venafi logo

Crypto Agility and Quantum Preparedness: Build Now for the Future

Crypto Agility and Quantum Preparedness: Build Now for the Future

October 28, 2021 | John O’Connor, VP Product Management at Crypto4A Technologies

The first thing is to ask ourselves what is crypto agility? It’s an ability to adopt alternate crypto primitives without significantly changing the entire infrastructure. If we're going to do a migration, then crypto agility is one of those tools or methodologies that's going to allow us to continue needed transitions over time. This becomes especially important when we look at the transition to support encryption in new quantum computing environments.

Are Your Machine Identities Crypto Agile? Find Out With Our Buyer’s Guide!

Crypto agility is that critical kind of safety measure or response mechanism that's going to aid us in seamless, less disruptive migration to quantum-safe cryptography. It's also why Crypto4A has really focused on ensuring that our QxEDGETM and QxCloudTM Hybrid Security Platforms could do hardware-based crypto agility by leveraging FPGA technology at the core of our processing platforms. We've got to be able to adapt and change as we go forward. While, there are still some unknowns as we continue to get closer to NIST’s post-quantum cryptography standardization, we can also predict that post-quantum cryptography may also continue to evolve.  We don't know about future threats that may occur. We need to have that ability of full stack crypto agility to ensure that we can make the right tweaks and changes over time as part of an overall migration and operational strategy.

Here's one way to look at it. If we think about preparing for crypto agility, it’s important to remember the old saying, “never let a good crisis go to waste”. The opportunity here is to think about how and where you're using crypto within your environment, then take the opportunity to think about how you are going to change it in the future – and in an easier way. It’s like home renovations where you have to move some structural walls around. it’s a good time to do both the electrical and plumbing -it makes sense as its both easier and cheaper to make changes to those underlying systems. That's what we really think the work is all about when we're in this ‘architecture’ stage.

We talk to a lot of customers about quantum-safe crypto, and often the first question we get is, “well we don't really know where all our crypto is to know what the scope of any issues might be” (like what’s lurking behind that old wall). It’s that discovery stage where you create an inventory of applications, devices and systems that use encryption that we need to think about here, and this is the opportunity to plan for that transition to quantum safe to minimize system downtime and provide ample time to test and remediate any issues that may arise during the implementation phase.  It’s also a great opportunity to do that discovery that will help you down the road. Here’s a checklist to consider:

  • What certificates are in my environment?
  • Where are they?
  • What are they used for?
  • What crypto are the systems that use those certificates using?
  • What are you building yourself?
  • What are you getting and when from your vendors?
  • What is their roadmap to become quantum-safe?

Look at this as being a plan that you're forming that will solve the problem for you around quantum safety. But consider building in the crypto agility component so that the new next transition will be even easier and cheaper for you.

Incorporating new crypto into your machine identity management strategy is not something you want to wait on. You can get started with quantum-safe machine identities today with integrations that Crypto4A and our partner, ISARA, have built for the Venafi Trust Protection Platform. You can learn more about our quantum-ready integrations on the Venafi Marketplace.


Related Posts


Like this blog? We think you will love this.
Featured Blog

PKI and Quantum: How to Prepare Your Public Key Infrastructure for Quantum Computing

We rely on the language of cryptography to communicate securely.

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

John O’Connor, VP Product Management at Crypto4A Technologies
John O’Connor, VP Product Management at Crypto4A Technologies

John O’Connor is the VP of Product Management for Canada-based Crypto4A and is an expert on quantum ready security solutions. As part of the Machine Identity Protection Fund, Crypto4A is building a quantum-ready HSM that integrates with the Venafi Platform.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more