Home // SECURWARE 2025, The Nineteenth International Conference on Emerging Security Information, Systems and Technologies // View article

Improving Crypto-Agility in Operational Technology through Exchangeable Smart Cards

Authors:
Tobias Frauenschläger
Jürgen Mottok

Keywords: Crypto-Agility; Smart Cards; Operational Technology; Post-Quantum Cryptography; Key Management; Security.

Abstract:
As industrial and Operational Technology (OT) systems face increasing cryptographic demands, including migration to post-quantum cryptography, the need for crypto-agility has become critical. However, retrofitting constrained embedded devices with new cryptographic capabilities is often impeded by hardware limitations, high certification costs, and operational complexity. In this work, we propose a modular architecture that externalizes cryptographic functionality through exchangeable smart cards. This decouples algorithm support and key storage from the host platform, enabling secure and flexible upgrades. We implement and evaluate this concept using resource-constrained embedded devices and a prototype smart card that supports both traditional and post-quantum algorithms. Our results demonstrate that even full cryptographic offloading is feasible with the constraints of OT environments and that the resulting overhead remains acceptable in typical deployment scenarios. We further analyze the security of the interface between the host and the smart card and outline protection mechanisms based on secure channels suitable for OT deployment.

Pages: 96 to 104

Copyright: Copyright (c) IARIA, 2025

Publication date: October 26, 2025

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-68558-306-4

Location: Barcelona, Spain

Dates: from October 26, 2025 to October 30, 2025