Reifegradmodell für die Krypto-Agilität

Abstract

Quantum computers threaten to fundamentally endanger the security of cryptography used today. In addition to the development of algorithms that are resistant to attacks by quantum computers, crypto-agility is an important field of research in order to be able to exchange algorithms in time and thus be safer from the impending danger. Since there is no general guideline describing how crypto-agility should be implemented for IT systems, this thesis conducts a literature study and aggregates the requirements from existing research to develop a maturity model. The resulting model fulfills the properties identified as necessary to facilitate a crypto-agile system design. The evaluation and improvement of the crypto-agile properties are successfully tested on the example of a real system. Positive feedback from potential users of the model is collected in an initial expert survey. By gaining popularity and through extensive usage, this model supports further research into crypto-agility and ensures the future security of today’s infrastructure by enabling the simple exchange of existing cryptography with PQC methods.