CARAF: Crypto Agility Risk Assessment Framework
Journal of Cybersecurity, Pub Date: 2021-05-30, DOI: 10.1093/cybsec/tyab013
Chujiao Ma, Luis Colon, Joe Dera, Bahman Rashidi, Vaibhav Garg

Crypto agility refers to the ability of an entity to replace existing crypto primitives, algorithms, or protocols with a new alternative quickly, inexpensively, with no or acceptable risk exposure. These changes may be driven by regulatory action, advances in computing, or newly discovered vulnerabilities. Yet everyday operational needs may put crypto agility considerations on the back burner when deploying technology, designing processes, or developing products/services. Consequently, changes are often performed in an ad hoc manner. Transition from one crypto solution to another can then take a long time and expose organizations to unnecessary security risk. This paper presents a framework to analyze and evaluate the risk that results from the lack of crypto agility. The proposed framework can be used by organizations to determine an appropriate mitigation strategy commensurate with their risk tolerance. We demonstrate the application of this framework with a case study of quantum computing and related threats to cryptography in the context of TLS for Internet of Things.

Updated: 2021-05-30