Search

CAMM
CAMM
  • Overview
  • Model
  • Requirements
  • Case Study
  • Get in touch
  • Workshop
  • Related

CAMM related

Projects, Activities, Tools, Publications

Projects and Activities

Migration to Post-Quantum Cryptography project (NIST NCCoE)

The National Cybersecurity Center of Excellence (NCCoE) is collaborating with stakeholders in the public and private sectors to bring awareness to the challenges involved in migrating from the current set of public-key cryptographic algorithms to quantum-resistant algorithms.

Project website and preliminary draft


Other models related to CAMM and/or cryptographic agility

PKI maturity model (PKIMM)

A maturity model with a focus on public key infrastructures. In our best estimation, this initiative will have to deal with PQC migration issues in the not too distant future.

Model website and Working Group Charter

Financial Services - Information Sharing and Analysis Center (FS-ISAC)

FS-ISAC proposes a framework for implementing crypto agility based on CAMM.

Whitepaper Building Cryptographic Agility in the Financial Sector, October 2024 (PDF). local copy

Alliance for Telecommunications Industry Solutions (ATIS)

ATIS proposes another framework, that introduces so called Crypto Agility Metrics in order for organizations to measure, assess, and enhance their preparedness for the shift to quantum-safe cryptography.

Whitepaper Strategic Framework for Crypto Agility and Quantum Risk Assessment, January 2024. local copy

Deloitte.

Deloitte proposes a framework based on the CSF Community Profile.

Whitepaper Cryptographic Resilience: A Cyber Security Framework (CSF) 2.0 Community Profile, April 2025. local copy


Tools

Tools for (Automated) Cryptographic Inventories (cf. CAMM requirement 1.4).

Although for the first tool, PQC algorithms are not yet tested here, this tool could be used as a starting point for a tool that helps to build a cryptography inventory

  • Testing TLS/SSL encryption
  • InfoSec Global: AgileSec™ Analytics
  • Entrust: AgileScan Analytics
  • SandBoxAQ: AQtive Guard: Discover
  • Santander Security Research: Cryptoinventory Data Model PoC
  • Open Source Detection Tool by our group. See related publication On Criteria and Tooling for Cryptographic Inventories. https://doi.org/10.18420/sicherheit2024_003

Publications

  • Nähter et al. „Migrating Software Systems Toward Post-Quantum Cryptography–A Systematic Literature Review“ (2024)
  • Nähter et al. „Toward a Common Understanding of Cryptographic Agility–A Systematic Review“ (2025) (PrePrint)
  • Varner et al. „Agile, post-quantum secure cryptography in avionics“ (2025)
  • Barker et al. “Considerations for Achieving Crypto Agility: Strategies and Practices” (2025) PDF, cites CAMM as one of the models to consider.
  • Wolf et al. “Practical Evaluation of the Crypto-Agility Maturity Model” (2025)

Please drop us a message if you thing we missed something that should be added here.

Updated: 10.07.2026


Imprint

© 2026 UCS Research Group

Cite
Copy Download