Why banks need to plan beyond post-quantum encryption


Last week, a cybersecurity-focused trade group for the financial services industry released a whitepaper urging banks and other institutions to build agility into how they use encryption standards, so they can switch algorithms as needed if current standards are ever broken or weakened.

The group, the Financial Services Information and Sharing Center, or FS-ISAC, promoted this so-called "cryptographic agility" — an idea that's existed for two decades — not only because banks now face the prospect of adopting one set of new encryption standards that can resist attacks from quantum computers, but because this is not the first time they have had to adapt. And, many expect, it will not be the last.

"The financial services industry must take a leadership position in cryptographic agility, ensuring the sanctity and safety of data and storage as threats continue to evolve," said Michael Silverman, chief strategy and innovation officer at FS-ISAC.

The whitepaper, titled Building Cryptographic Agility in the Financial Sector, follows an announcement in August by the National Institute of Standards and Technology, or NIST, that finalized three new cryptography standards that are designed to resist attacks from quantum computers. It also comes after G7 cyber experts, led by the U.S. Department of the Treasury and Bank of England, released a statement last month highlighting the potential risks quantum computers introduce, including against today's encryption algorithms.

The idea of the whitepaper, Silverman said, is to enable business continuity even when existing cryptography — like the algorithms that NIST is looking to replace — is compromised or weakened.

One of the new NIST standards, FIPS 203, would replace the widely used RSA encryption algorithm with a quantum-proof replacement algorithm, which it calls the Module-Lattice-Based Key-Encapsulation Mechanism, or ML-KEM. While no quantum computer exists today that can break the most commonly used versions of RSA, many experts believe it is only a matter of time before it is rendered obsolete.

Ever-changing encryption standards

Experts have said, even before NIST finalized its new cryptography standards, that the urgency in deploying quantum-resistant cryptography lies less with immediate challenges, such as transitioning to ML-KEM in the next year, and more with the longer-term challenge of developing an agile approach to cryptography. That might involve, for example, replacing ML-KEM in the future with some even newer alternative.

If the history of cryptography is any indication, the transition to using ML-KEM and the two other algorithms NIST finalized will not be the last. Indeed, NIST has acknowledged the need for a backup algorithm that could replace ML-KEM if it is ever broken. In its announcement in August, NIST said it planned to release a second class of post-quantum cryptography algorithms by the end of the year.

As FS-ISAC outlined in its report, there have been multiple changes to cryptography standards as banking has gone digital. In 1977, NIST finalized its Data Encryption Standard, or DES, and while known today to be insecure, it proved influential across industry and academia at the time, not least in financial services, where banks dropped the proprietary algorithms they were using in favor of NIST's recommendations.

Since then, NIST has been at the forefront of many standards changes. In 2001, NIST published its Advanced Encryption Standard, or AES, as the next-generation follow-up to DES (and the closely related Triple DES).

Increases in computing capacity have required banks and other companies to continuously adopt newer versions of the popular RSA encryption algorithm, to support larger keys that have become harder to break over time. This might also prove true of ML-KEM.

In the realm of hashes — algorithms designed to protect passwords — the early 2000s brought a transition away from MD5 to SHA-1, a standard published by NIST in 1995, after flaws were found in the old algorithm. In 2017, Google identified weaknesses in SHA-1, which prompted NIST to recommend a transition to SHA-3, which it had standardized two years prior and which remains the standard today.

The new 'cryptographic agility' mandate

This history of cryptographic transitions and the growing complexity of transition efforts, as systems and hardware proliferate, have prompted FS-ISAC to recommend a more holistic approach it calls cryptographic agility.

"Cryptographic agility is a measure of an organization's ability to adapt cryptographic solutions or algorithms (including their parameters and keys) quickly and efficiently in response to developments in cryptanalysis, emerging threats, technological advances and/or vulnerabilities," reads the FS-ISAC report.

To put it another way, FS-ISAC also calls cryptographic agility a "design principle" for enabling quick cryptography-related changes with minimal disruption to business operations.

FS-ISAC's 26-page paper provides an eight-step framework for replacing insecure algorithms, involving taking inventory of the types of algorithms an institution uses and where; planning how to replace those algorithms; testing and validating their replacements; and so on, until the next inventory phase begins.

The paper also outlines nine core elements of a successful crypto agility transition, a five-stage maturity model for assessing the organization's level of crypto agility, and the pros and cons of the many technical details of how an organization can prepare to replace an insecure cryptographic algorithm.

As one example, the paper assesses crypto-as-a-service, a design pattern in which an organization maintains its encryption algorithms in applications that are totally separate from the applications that use them. This separation creates a so-called "magic curtain" that allows the organization to swap the cryptography system as needed.

One downside of a crypto-as-a-service system is the latency it might introduce. Sending requests to a different application or process could add milliseconds to a decryption or encryption operation that would quickly add up to higher computational costs over time. The FS-ISAC paper explores these technical details, as well as the broader view of why these considerations matter.
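The crypto-as-a-service pattern described above, sketched as an added example that is not taken from the FS-ISAC paper or this article. An in-process class stands in for the separate service, HMAC tags stand in for encryption because the Python standard library has no cipher, and the policy IDs `v1`/`v2` and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets


class CryptoService:
    """In-process stand-in for a separate crypto service (the 'magic curtain')."""

    def __init__(self):
        # Policy table owned by the service, not by callers. IDs are hypothetical.
        self._algs = {"v1": hashlib.sha256, "v2": hashlib.sha3_256}
        self._keys = {pid: secrets.token_bytes(32) for pid in self._algs}
        self._retired = set()
        self.current = "v1"

    def _mac(self, pid, data):
        return hmac.new(self._keys[pid], data, self._algs[pid]).hexdigest()

    def protect(self, data):
        """Return a self-describing tag: '<policy id>.<hex MAC>'."""
        return f"{self.current}.{self._mac(self.current, data)}"

    def verify(self, data, tag):
        """Return (valid, needs_upgrade) for a tag issued under any live policy."""
        pid, _, mac = tag.partition(".")
        if pid not in self._algs or pid in self._retired:
            return (False, False)
        ok = hmac.compare_digest(self._mac(pid, data).encode(), mac.encode())
        return (ok, ok and pid != self.current)

    def rotate(self, new_current, retire=()):
        """Switch the algorithm for new tags; optionally stop honouring old ones."""
        if new_current not in self._algs or new_current in self._retired | set(retire):
            raise ValueError("unknown or retired policy")
        self.current = new_current
        self._retired.update(retire)


def record_payment(svc, payload):
    """Caller code: never names an algorithm, so rotation needs no change here."""
    return payload, svc.protect(payload)


def demo():
    svc = CryptoService()
    payload, old_tag = record_payment(svc, b"constructed sample: pay 100 to acct 42")
    svc.rotate("v2")                       # service-side swap only
    during = svc.verify(payload, old_tag)  # old tag valid, flagged for upgrade
    _, new_tag = record_payment(svc, payload)
    svc.rotate("v2", retire=["v1"])        # end of the transition window
    after = svc.verify(payload, old_tag)   # old algorithm no longer accepted
    return during, after, svc.verify(payload, new_tag)
```

The `needs_upgrade` flag is what lets an inventory step find data still protected under the outgoing algorithm before that algorithm is retired.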

"This paper is an extraordinary collaboration, combining the knowledge and experience of more than 30 quantum and security subject matter experts from the financial services sector, into a single artifact for both business and technical audiences," said Peter Bordow, the chair of the FS-ISAC working group that produced the paper and managing director of quantum security at Wells Fargo.
