PKI cryptographic building blocks

The migration of the cryptography used in a Public Key Infrastructure from classical to hybrid involves a number of steps. Firstly, there needs to be technical solutions that can replace the cryptographic building blocks. Then the protocols they are used in need to be adapted accordingly. Lastly, when the design of these new hybrid solutions is clear, the actual migration needs to happen.

The last step might seem the easiest, but a PKI involves different entities that have certain interdependencies. Work Package 6 of the HAPKIDO project has therefore been tasked with creating a generic overview of all the components and services within a PKI and their interdependencies. This overview will provide clarity in planning which entities should migrate their cryptography first and what the rest of the time line could look like. No complete overview exists to date, which is why input from partners is essential to create and validate an overview that accurately describes a wide variety of PKIs. Therefore, we will be contacting consortium partners to review their overview drafts and provide context for certain PKI concepts.

After this overview is finalized, it will be used as input for future deliverables where the PKIs of various partners within the HAPKIDO project are specified and migration strategies are proposed accordingly. Using patterns arising in the migration strategies, our work will provide a migration architecture roadmap tool. The outline and content of future deliverables will be determined in collaboration with Work Package 7, which will turn its focus on a transition roadmap next.