好文档 - 专业文书写作范文服务资料分享网站

应用加密和区块链2020cryptographic-agility-anticipating-preparing-for-and-executing-change

天下 分享 时间: 加入收藏 我要投稿 点赞

SESSION ID:ACB-T11

Cryptographic Agility: Anticipating, Preparing for and Executing ChangeMODERATOR:

Dr. Lily Chen

Manager of Cryptographic Technology GroupComputer Security Division

Information Technology Lab, NIST

PANELISTS:

Dr. David Ott

Senior Staff Researcher and Academic Program DirectorVMware Research

Dr.Zulfikar Ramzan

Chief Technology OfficerRSA

Dr. Brian LaMacchia

Distinguished EngineerMicrosoft

#RSAC

Cryptography Lifetime: Algorithm Strength Over Time

#RSAC

Cryptographic Agility: Addressing Change

Technology advancements and more sophisticated cryptanalysis empower attackers and increase threat levelsCryptography needs to change over time

Ex: Improvements in hash collision finding, future quantum computersAlgorithms become deprecated and need removalNew primitives and algorithms are introducedLarger key/signature/ciphertext sizes are neededAlternative parameter sets are introduced

#RSAC

Cryptographic Agility: a capability allowing us to make smooth transitions between algorithms and configurations3

Cryptographic Agility: Discussion Topics

1.

#RSAC

2.3.

4.

In the applications, products, or services your organization deploys, produces or provides, what does crypto agility mean and how has it been handled?

What have we learned from cryptography transitions in the past, and how might this motivate improvements?

What are the major challenges in dealing with transitions, for

example, from the current adopted cryptosystems to new quantum-resistant algorithms? Possible technical paths for transition?What strategies which you think might improve cryptographic agility?

4

Cryptographic Agility: What Can You Do Today

Build and maintain an inventory of current uses of cryptography in your systems and applications.

–Include algorithms, parameters, key sizes, protocols, etc.

#RSAC

Test transition ahead of time.

–For PQC, you can use Open Quantum Safe (OQS, https://openquantumsafe.org/) implementations to test candidate algorithms and PQC-enabled protocols.

Ask your suppliers for details on how they provide cryptographic agility in their systems and services.

Participate in industry forums discussing cryptography transition and the frameworks that will enable it.

–E.g., NIST PQC, IETF work on TLS hybrids

5

应用加密和区块链2020cryptographic-agility-anticipating-preparing-for-and-executing-change

SESSIONID:ACB-T11CryptographicAgility:Anticipating,PreparingforandExecutingChangeMODERATOR:Dr.LilyChenManagerofCryptographicTechnologyGroupComputerSecurityDivis
推荐度:
点击下载文档文档为doc格式
8ui774raxw7zlrl1bkfq6d7jn4l91z0139y
领取福利

微信扫码领取福利

微信扫码分享