bth.se
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Towards cryptographic agility manifesto in end-to-end encryption systems: a position paper from the perspective of crypto-consumers
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.ORCID iD: 0000-0003-0183-3613
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.ORCID iD: 0000-0002-0518-6532
2024 (English)In: Proceedings - 2024 IEEE Conference on Dependable, Autonomic and Secure Computing, DASC 2024, IEEE Computer Society, 2024, p. 65-72Conference paper, Published paper (Refereed)
Abstract [en]

This position paper presents the preliminary results from a research study focusing on cryptographic agility for consumers of open-source cryptographic libraries. We provide a concise overview of frontiers and recent advancements in cryptographic agility research frontier, examining the utilized approaches and emphasizing the perception of application layer encryption in end-to-end encryption systems. The paper delves into the state of practice of cryptographic libraries and programming interfaces, outlining recognized challenges and knowledge gaps that warrant exploration through new scientific research. Furthermore, we outline the values of cryptographic agility in a manifesto and propose a survey structure to validate our assumptions. 
Place, publisher, year, edition, pages
IEEE Computer Society, 2024. p. 65-72
Keywords [en]
application-level encryption, Cryptographic agility, end-to-end encryption, key-encapsulation mechanism, Application level, CryptoGraphics, Encryption system, Key encapsulation mechanisms, Open-source, Position papers, Research studies
National Category
Security, Privacy and Cryptography
Identifiers
URN: urn:nbn:se:bth-27461DOI: 10.1109/DASC64200.2024.00015ISI: 001445502600009Scopus ID: 2-s2.0-85216551882ISBN: 9798331522728 (print)OAI: oai:DiVA.org:bth-27461DiVA, id: diva2:1938114
Conference
22nd IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2024, Boracay Island, Nov 5-8, 2024
Available from: 2025-02-17 Created: 2025-02-17 Last updated: 2025-09-30Bibliographically approved
In thesis
1. Understanding the role of Key Encapsulation Mechanisms in Cryptographic Migrations: Towards Cryptographic-Agility in IoT Systems Based on End-to-End Encryption Approach
Open this publication in new window or tab >>Understanding the role of Key Encapsulation Mechanisms in Cryptographic Migrations: Towards Cryptographic-Agility in IoT Systems Based on End-to-End Encryption Approach
2025 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

The increasing data-security regulation and cyber-threats requires IT vendors to use new cryptographic tools or refactor live systems to encrypt existing data. One step in that direction is integrating an appropriate security protocol and cryptographic software library during the system design phase. However, it is not sufficient when it happens to migrate existing data to encrypted form in the live system on-the-fly, re-encrypt data to a different encryption standard, or have the data of the same origin but encrypted with different standards. This thesis explores the new emergent area of cryptographic agility, which focuses on various challenges while adopting cryptographic migrations in live systems. We proposed End-to-End Encryption (E2EE) design for telemetry data security in two different applications: maritime surveillance and drone-management. We aimed to understand the role of Key Encapsulation Mechanism (KEM) cryptographic primitive in the data-security domain. The notion of crypto-agility constitutes a context-sensitive, activity-based perspective on data security. In this thesis, we aim at both understanding and exploring practical possibilities of this notion. We employ a mixed-methods approach to achieve our aim: Experimentation, Literature Review and Survey. We have studied and applied quantum-safe KEM cryptographic primitives to simulate practical cryptographic migration in live IoT systems. We have shown the importance of KEM security properties and the performance of KEM primitives for telemetry data confidentiality. We proposed new crypto-agility values and trade offs as decision making support tool for consumers of cryptographic technologies. Furthermore, we have employed systematization of knowledge to structure how different types of contributions developed various KEM notions, its influence on the standardization process, and presence in cryptographic software libraries over the last 40 years. The proposed approaches have been shown to be capable of explaining the role of KEM in cryptographic migrations and underlying properties of crypto agility. This can facilitate domain experts in narrowing down the scope of analysis while achieving sufficiency for cryptographic migrations in live IoT systems based on end-to-end encryption protocols.
Place, publisher, year, edition, pages
Karlskrona: Blekinge Tekniska Högskola, 2025. p. 160
Series
Blekinge Institute of Technology Licentiate Dissertation Series, ISSN 1650-2140 ; 2025:04
Keywords
Cryptographic agility, end-to-end encryption, application-level encryption, key-encapsulation mechanism
National Category
Security, Privacy and Cryptography
Research subject
Computer Science
Identifiers
urn:nbn:se:bth-27713 (URN)978-91-7295-498-4 (ISBN)
Presentation
2025-09-24, J1630, Campus Karlskrona, 10:00 (English)
Opponent
Supervisors
Projects
Connect2SmallPorts
Available from: 2025-04-11 Created: 2025-04-11 Last updated: 2025-09-30Bibliographically approved

Open Access in DiVA

fulltext(498 kB)175 downloads
File information
File name FULLTEXT01.pdfFile size 498 kBChecksum SHA-512
efed6008f5f7159d7f264fbb27cc099eab7ea95c9aed04b372280beba4a48beaab2bef4473afb836482fa627762ef0246b7705c8bbe704647640d6af18d4c810
Type fulltextMimetype application/pdf

Other links

Publisher's full textScopus

Authority records

Silonosov, AlexandrHenesey, Lawrence

Search in DiVA

By author/editor
Silonosov, AlexandrHenesey, Lawrence
By organisation
Department of Computer Science
Security, Privacy and Cryptography

Search outside of DiVA

GoogleGoogle Scholar
Total: 177 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 1036 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
BTH Library
|
Publish/Register
|
How to publish/register
|
Diva portal
|
SwePub
|
Uppsök