Cryptographic agility is defined in RFC 6421 as "the ability of a protocol to adapt to evolving cryptography and security requirements." It is further described as a preventive strategy: cryptographic algorithms are updated for security reasons before a weakness becomes exploitable, rather than in reaction to a break. The term emphasizes the flexibility and responsiveness of a cryptographic solution to evolving security needs, emerging threats, and technological advances.
The primary goal of crypto agility is to ensure that a system can maintain a high level of security over time, even as cryptographic algorithms become vulnerable because of increased computational power, breakthroughs in cryptanalysis, or the emergence of quantum computing. A crypto-agile system can transition to new, stronger cryptographic algorithms or configurations without a redesign and without interrupting its functionality; the transition itself must not open a path for an attacker to downgrade the system to the retired algorithm.
Crypto agility is commonly treated as a system property: the capacity of a system, application, or protocol to switch securely between cryptographic algorithms or implementations. We argue for a more precise definition and propose treating crypto agility as an architectural framework that governs how cryptographic transitions and changes are carried out. On this view, discussions of crypto agility should center on the architectural schemes that make change within a system possible.
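One small instance of such an architectural scheme, given here as an added example that is not the paper's own code: a self-describing MAC envelope backed by an algorithm registry with per-algorithm policy. New tags can only be produced under the one preferred algorithm, a retired algorithm is kept in a verify-only state just long enough to migrate stored tags, and anything not in the registry is rejected. The identifiers, policy names, key and messages are assumptions made for the illustration.

```python
"""Added example (not the paper's code): an algorithm-agile MAC envelope.

Each tag carries the identifier of the algorithm that produced it, a
registry maps identifiers to implementations, and each entry has a policy:
"preferred" (the only algorithm allowed to produce new tags), "allowed"
(may produce on explicit request) or "verify-only" (accepted only so that
stored tags can be migrated). Anything absent from the registry is rejected.
Identifiers, policies, the key and the messages are assumptions.
"""
import hashlib
import hmac
from typing import Callable, Optional

REGISTRY: dict = {
    # identifier      (hash constructor,  policy)
    "hmac-sha1":      (hashlib.sha1,      "verify-only"),  # retired: migrate away
    "hmac-sha256":    (hashlib.sha256,    "preferred"),
    "hmac-sha3-256":  (hashlib.sha3_256,  "allowed"),
}


def current_algorithm() -> str:
    """The single algorithm new tags must use. Changing the transition target
    is a registry edit, not a code change at every call site."""
    preferred = [a for a, (_, pol) in REGISTRY.items() if pol == "preferred"]
    if len(preferred) != 1:
        raise RuntimeError("registry must name exactly one preferred algorithm")
    return preferred[0]


def _mac(alg: str, key: bytes, msg: bytes) -> bytes:
    digest, _ = REGISTRY[alg]
    # Bind the identifier into the MAC input so a tag computed under one
    # algorithm can never be replayed as a tag under another with the same key.
    return hmac.new(key, alg.encode("ascii") + b"\x00" + msg, digest).digest()


def tag(key: bytes, msg: bytes, alg: Optional[str] = None) -> bytes:
    """Produce an envelope b"<alg>:<mac>" under the preferred algorithm, or
    under an explicitly requested algorithm that is not retired."""
    alg = alg or current_algorithm()
    if alg not in REGISTRY:
        raise ValueError(f"unknown algorithm {alg!r}")
    if REGISTRY[alg][1] == "verify-only":
        raise ValueError(f"{alg} is retired and may not produce new tags")
    return alg.encode("ascii") + b":" + _mac(alg, key, msg)


def verify(key: bytes, msg: bytes, envelope: bytes) -> str:
    """Check an envelope and return the identifier it was made with, so the
    caller can decide whether migration is due. The identifier is untrusted
    input: it only selects a registry entry and is never used any other way."""
    alg_bytes, sep, mac = envelope.partition(b":")
    try:
        alg = alg_bytes.decode("ascii")
    except UnicodeDecodeError:
        raise ValueError("malformed algorithm identifier") from None
    if not sep or alg not in REGISTRY:
        raise ValueError("unknown or malformed algorithm identifier")
    if not hmac.compare_digest(_mac(alg, key, msg), mac):
        raise ValueError("MAC mismatch")
    return alg


def migrate(key: bytes, msg: bytes, envelope: bytes) -> bytes:
    """The transition step: accept a valid tag under any registered algorithm
    and re-issue it under the current preferred one."""
    if verify(key, msg, envelope) == current_algorithm():
        return envelope
    return tag(key, msg)


def rejects(fn: Callable, *args) -> bool:
    """True when the call fails closed with ValueError."""
    try:
        fn(*args)
    except ValueError:
        return True
    return False


# Constructed sample data for the demonstration (not a real secret).
KEY = b"constructed-demo-key-not-a-real-secret"
MSG = b"transfer amount=100 to=acct-42"
# A tag stored before hmac-sha1 was moved to verify-only.
LEGACY_ENVELOPE = b"hmac-sha1:" + _mac("hmac-sha1", KEY, MSG)

if __name__ == "__main__":
    fresh = tag(KEY, MSG)
    print("new tags use:", verify(KEY, MSG, fresh))
    print("legacy tag still verifies:", verify(KEY, MSG, LEGACY_ENVELOPE))
    print("migrated to:", verify(KEY, MSG, migrate(KEY, MSG, LEGACY_ENVELOPE)))
    print("retired algorithm refuses to sign:", rejects(tag, KEY, MSG, "hmac-sha1"))
    # Downgrade attempt: relabel a SHA-256 tag as SHA-1.
    forged = b"hmac-sha1:" + fresh.split(b":", 1)[1]
    print("relabelled tag rejected:", rejects(verify, KEY, MSG, forged))
```

The transition is driven by data rather than code: moving an algorithm from "preferred" to "verify-only" and promoting its successor is a registry change, and the retired entry is deleted once no stored tag still names it. The share of envelopes that still carry a verify-only identifier is one directly measurable indicator of how far a migration has progressed.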
Because crypto agility is fundamentally about introducing change into a system, the envisioned approach assumes a framework that connects the security posture of the system with other quality attributes such as safety, resiliency, reliability and mutability, to name a few. These attributes and their metrics serve both as measures of agility and as justification for a crypto migration.