Considerations for Achieving Crypto Agility: Strategies and Practices is the latest publication from NIST, released in its final form as CSWP 39 in December 2025. It’s a comprehensive guide for organizations on transitioning away from static cryptographic implementations, and it points towards a more flexible ‘crypto agile’ posture.
Crypto agility is the ability to replace or adapt cryptographic infrastructure without disrupting system operations or security. With a crypto agile posture, an organization can treat its cryptography as a modular, manageable system property, rather than a hard-coded feature.
The paper identifies several technical ‘levers’ to aid crypto agility, which are interesting to consider. For example:
- Modularity – separating cryptographic algorithms from the application logic, allowing developers to easily switch out libraries or algorithms.
- Abstraction via APIs – standardized APIs can help applications call for a secure connection rather than a specific algorithm.
- Policy/Mechanism separation – storing cryptographic policies in config files or management consoles means they no longer need to be hard-wired in the source code.
- Hybrid Mechanisms – supporting the use of PQ/T (post-quantum/traditional) hybrid schemes during the transition period helps maintain security against both current and future threats.
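The first three levers can be seen working together in a short sketch. This is an added example, not code from CSWP 39 or from PQShield: the function names, algorithm identifiers and policy format are hypothetical, the policies are constructed sample data, and a single key is reused across algorithms only to keep the sketch short.

```python
import hashlib
import hmac
import json

# Mechanism layer: implementations keyed by identifier (modularity).
# All names here are hypothetical, chosen for this example.
MECHANISMS = {
    "hmac-sha1": lambda k, m: hmac.new(k, m, hashlib.sha1).digest(),
    "hmac-sha256": lambda k, m: hmac.new(k, m, hashlib.sha256).digest(),
    "hmac-sha512": lambda k, m: hmac.new(k, m, hashlib.sha512).digest(),
}

# Policy layer: constructed sample config, as it might sit in a file.
POLICY_BEFORE = '{"protect_with": "hmac-sha256", "accept": ["hmac-sha256", "hmac-sha1"]}'
POLICY_AFTER = '{"protect_with": "hmac-sha512", "accept": ["hmac-sha512", "hmac-sha256"]}'


def load_policy(text):
    """Parse a policy and reject it if it names a mechanism we do not ship."""
    policy = json.loads(text)
    named = {policy["protect_with"], *policy["accept"]}
    unknown = named - set(MECHANISMS)
    if unknown:
        raise ValueError(f"policy names unknown mechanisms: {sorted(unknown)}")
    if policy["protect_with"] not in policy["accept"]:
        raise ValueError("protect_with must also be accepted for verification")
    return policy


def protect(policy, key, message):
    """Callers ask for integrity protection, never for a specific algorithm."""
    alg = policy["protect_with"]
    return {"alg": alg, "tag": MECHANISMS[alg](key, message).hex()}


def verify(policy, key, message, envelope):
    """The policy, not the envelope, decides which algorithms are trusted."""
    alg = envelope.get("alg")
    if alg not in policy["accept"]:
        return False  # retired or unknown algorithm: fail closed
    expected = MECHANISMS[alg](key, message).hex()
    return hmac.compare_digest(expected, str(envelope.get("tag", "")))
```

Swapping `POLICY_BEFORE` for `POLICY_AFTER` moves new data to the stronger algorithm, keeps data protected under the previous one verifiable, and retires the oldest, all without touching the calling code.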
NIST also proposes a strategic plan that encourages crypto agility as part of a broader risk management and cybersecurity framework. It’s a key point for 2026, the year of quantum security, as organizations move towards governance of their transition, beginning with inventories (CBOMs) and now including essential considerations such as risk assessment, lifecycle management and monitoring.
The central message of CSWP 39, then, is that crypto agility is no longer an option, but a necessity. With the shortening timeline for quantum threats, organizations must switch their thinking to ‘planned agility’: building systems that are designed to change as the threat landscape evolves. There are certainly challenges ahead: for example, ensuring backward compatibility with legacy systems, and managing performance trade-offs when deploying new post-quantum algorithms. It’s a mission that PQShield has been considering for a while now, and our product suite of post-quantum IP for hardware and software has specifically been designed with each of these considerations in mind.
It’s great to see this milestone from NIST, helping organizations aim for cryptographic agility in a world in which it’s fast becoming essential.

