Definition. An architectural principle whereby cryptographic algorithms, key lengths, and protocols are treated as swappable configuration rather than hard-coded assumptions. A crypto-agile platform can respond to new standards or compromised algorithms without requiring deep code changes.

Why relevant. The transition to post-quantum cryptography is not a one-off upgrade — it is an ongoing process. Hard-coding algorithms today means high migration costs with every future standard update. Crypto agility in practice means algorithm negotiation in protocols, configurable cipher suites, centralised key management, and dependencies on cryptographic libraries rather than proprietary implementations.

Related.Post-Quantum Cryptography, ML-DSA, ML-KEM, DevSecOps