On the Formalization of Cryptographic Migration

TL;DR

This paper introduces a formal model to analyze cryptographic migration challenges, combining mathematical analysis with real-world case studies to understand complexity and practical implications.

Contribution

It presents a novel formal framework for cryptographic migration, integrating mathematical tools and real-world data to assess migration complexity and strategies.

Findings

Cryptographic migration exhibits predictable expected complexity.

The model aligns with real-world migration patterns.

Numerical data supports the theoretical analysis.

Abstract

We present a novel approach to gaining insight into the structure of cryptographic migration problems which are classic problems in applied cryptography. We use a formal model to capture the inherent dependencies and complexities of such transitions. Using classical mathematical results from combinatorics, probability theory, and combinatorial analysis, we evaluate the challenges of migrating large cryptographic IT infrastructures and prove that - in a suitable sense - cryptographic migration exhibits a certain expected complexity. We also provide numerical data for selected parameter sets. Furthermore, we analyze the proposed model in terms of real-world patterns and its practical applicability. Additionally, we discuss the challenges of modeling real-world migration projects. As concrete examples we examine the transition to post-quantum cryptography of the CI/CD system GitLab and the multi-level technological transition of distribution power grids. This work paves the way for future advancements in both the theoretical understanding and practical implementation of cryptographic migration strategies.