Cryptographic Security

Cryptographic Bill
of Materials

Every algorithm has an expiration date. Every certificate has a shelf life. Every key has an adversary. A C-BOM is how you find out what you have — before a quantum computer finds it for you.

C-BOM POST-QUANTUM CRYPTO-AGILITY FIPS 203/204/205 HARVEST-NOW-DECRYPT-LATER

⚠ THREAT INTEL

Harvest-now-decrypt-later attacks active — adversaries collecting traffic TODAY to decrypt later ◆ NIST FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), FIPS 205 (SLH-DSA) published August 2024 ◆ RSA and ECC: ZERO quantum resistance — begin migration planning immediately ◆ NIST IR 8547: quantum-vulnerable algorithms deprecated from all standards by 2035 ◆ IBM expects first quantum advantage by late 2026 — Shor's algorithm will run at scale ◆ Without a C-BOM, you cannot know which systems are exposed ◆ Harvest-now-decrypt-later attacks active — adversaries collecting traffic TODAY to decrypt later ◆ NIST FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), FIPS 205 (SLH-DSA) published August 2024 ◆ RSA and ECC: ZERO quantum resistance — begin migration planning immediately ◆ NIST IR 8547: quantum-vulnerable algorithms deprecated from all standards by 2035 ◆ IBM expects first quantum advantage by late 2026 — Shor's algorithm will run at scale ◆ Without a C-BOM, you cannot know which systems are exposed ◆

⚠

Harvest-Now-Decrypt-Later Attacks Are Active Right Now

State-sponsored actors are intercepting and storing encrypted network traffic today — targeting data with long-term confidentiality value. When a cryptographically relevant quantum computer exists, this data decrypts instantly. Without a Cryptographic Bill of Materials, you cannot identify which of your systems are affected.

What Is a Cryptographic Bill of Materials?

A Cryptographic Bill of Materials (C-BOM) is a comprehensive, structured inventory of every cryptographic algorithm, protocol, key, certificate, library, and cipher suite deployed across an organisation's systems. It answers the questions that attackers — and quantum computers — are already asking: What cryptographic assumptions protect your data? What is the weakest link? What breaks first?

Unlike a standard software bill of materials (SBOM), a C-BOM focuses specifically on the cryptographic foundations of security — the layer that quantum computing directly attacks. A C-BOM maps not just what algorithms are deployed, but their age, their quantum vulnerability, their data protection scope, and when they require migration.

The core insight is stark: you cannot manage what you cannot measure. Without a complete cryptographic inventory, organisations have no baseline from which to plan post-quantum migration, no visibility into where harvest-now-decrypt-later attacks have the highest value, and no understanding of their cryptographic technical debt.

The Y2Q Position: A C-BOM is not a one-time compliance exercise. It is a living asset that becomes increasingly critical as the quantum timeline compresses. Organisations that do not begin now will face emergency migration — the worst possible context for getting cryptography right.

Research Findings

What the Research Tells Us

Key findings from NIST, IBM Research, and cryptographic literature. The quantum threat is not speculative — it is a measured, timestamped risk with documented milestones.

Critical Finding

Shor's Algorithm Breaks RSA & ECC — Published 1994

Peter Shor's 1994 algorithm proves that a quantum computer can factorise large integers in polynomial time, directly breaking RSA public-key encryption. It can also solve the discrete logarithm problem, breaking elliptic-curve cryptography. This mathematical fact has been documented for 30 years. The attack is not theoretical — only the hardware is pending.

Source: Shor, P.W. (1994) — FOCS Proceedings

Active Threat

Harvest-Now, Decrypt-Later (HNDL) Is Ongoing

State-sponsored threat actors are actively harvesting encrypted communications today, storing ciphertext for decryption when quantum capability arrives. Intelligence agencies have characterised this as an active, persistent collection strategy. Data encrypted with RSA or ECC today has zero long-term confidentiality against a quantum-capable adversary.

Source: NSA, CISA — Post-Quantum Guidance

NIST Standard

FIPS 203, 204 & 205 Released: August 2024

NIST published three finalised post-quantum cryptographic standards: FIPS 203 (ML-KEM, key encapsulation), FIPS 204 (ML-DSA, digital signatures), and FIPS 205 (SLH-DSA, hash-based signatures). These are based on mathematical problems believed to resist both classical and quantum attacks. Deployment should begin now.

Source: NIST CSRC — August 2024

Critical Deadline

NIST Deprecates Quantum-Vulnerable Algorithms by 2035

NIST IR 8547 establishes the transition timeline: quantum-vulnerable algorithms including RSA, DSA, ECDSA, and ECDH will be deprecated from all NIST standards by 2035. High-risk systems — those protecting long-lived sensitive data — must transition significantly earlier. Non-compliant systems will be fully exposed.

Source: NIST IR 8547 — 2024

IBM Roadmap

IBM Expects Quantum Advantage by Late 2026

IBM states it expects to realise the first quantum advantages by late 2026, provided quantum and high-performance computing communities work in concert. IBM's roadmap targets 200 logical qubits capable of running 100 million quantum gates by 2029, scaling to 2,000 logical qubits and 1 billion gates by 2033.

Source: IBM Quantum — 2024

Grover's Algorithm

Symmetric Encryption Weakened — Not Broken

Grover's algorithm provides a quadratic speedup for unstructured search problems. Effect: AES-128 becomes effectively 64-bit against a quantum adversary. AES-256 retains ~128-bit post-quantum security. Implication: symmetric encryption requires key-size upgrades; it does not require replacing entirely. This contrasts with RSA and ECC which are broken outright.

Source: Grover, L.K. (1996) — Bell Labs

IBM Breakthrough

New Error-Correcting Code: 10× More Efficient

In 2024, IBM announced a new landmark quantum error-correcting code approximately 10 times more efficient than prior methods. This points toward running quantum circuits with a billion logic gates or more — a critical step toward cryptographically relevant scale. The engineering challenges are shrinking on a documented timeline.

Source: IBM Quantum — Nature, 2024

Market Scale

$1.3 Trillion Quantum Computing Market by 2035

Quantum computing is projected to become a $1.3 trillion industry by 2035, driven by pharmaceutical, financial, logistics, and defence applications. State and corporate investment in quantum hardware is accelerating rapidly. The infrastructure to run Shor's algorithm at scale is being built now — funded and incentivised at national levels.

Source: McKinsey Global Institute — 2023

Algorithm Risk Assessment

Cryptographic Algorithm Status Under Quantum Attack

Current quantum risk posture for widely deployed algorithms. This is what a C-BOM must capture and track.

Algorithm	Type	Quantum Risk	Attack Vector	Recommended Action
RSA-2048 / RSA-4096	Asymmetric	⬛ CRITICAL	Shor's Algorithm — fully broken	Migrate to ML-KEM (FIPS 203) immediately
ECDSA / ECDH (P-256, P-384)	Asymmetric / Key Exchange	⬛ CRITICAL	Shor's Algorithm — discrete log solved	Migrate to ML-DSA (FIPS 204) for signatures
DSA	Digital Signature	⬛ CRITICAL	Discrete logarithm via Shor	Migrate to ML-DSA or SLH-DSA (FIPS 205)
AES-128	Symmetric	▲ HIGH	Grover's Algorithm — effective 64-bit	Upgrade to AES-256 for long-lived data
AES-256	Symmetric	✓ SAFE	Grover halves to ~128-bit: acceptable	Retain; no migration required
SHA-256 / SHA-384	Hash	◎ MEDIUM	Grover halves preimage resistance	SHA-384 preferred; SHA-256 acceptable for most
SHA-3 (SHA3-256/512)	Hash	✓ SAFE	Minimal Grover impact at 256+ bits	Retain; post-quantum safe
TLS 1.3 with RSA/ECDHE	Protocol	⬛ CRITICAL	Key exchange layer broken by Shor	Migrate to hybrid PQC TLS (FIPS 203 key exchange)
ML-KEM (FIPS 203)	Key Encapsulation	✓ SAFE	Module-lattice — no known quantum attack	Adopt now for key establishment
ML-DSA (FIPS 204)	Digital Signature	✓ SAFE	Module-lattice — no known quantum attack	Adopt now; replaces RSA/ECDSA signatures
SLH-DSA (FIPS 205)	Digital Signature	✓ SAFE	Stateless hash-based — conservative security	Adopt now; strong backup to ML-DSA
MD5 / SHA-1	Hash (Legacy)	⬛ CRITICAL	Classically broken already (collisions)	Eliminate immediately; classically compromised
3DES / DES / RC4	Symmetric (Legacy)	⬛ CRITICAL	Classically weak + quantum further reduces	Eliminate immediately; no compliant use case

Enterprise Python 3.7+ v2.0.0 — Cryptographic Focus

The Y2Q C-BOM Tool

A professional Cryptographic Bill of Materials management platform built by Y2Q to operationalise post-quantum migration at enterprise scale. Track every algorithm, key, certificate, library, and cipher suite across your organisation. Assess quantum vulnerability. Enforce compliance standards. Generate security posture scores. Know what you have — before an adversary exploits what you cannot see.

SCHEDULE A DEMO CONTACT FOR LICENSING ↗

🔐

Cryptographic Asset Management

Track algorithms, keys, certificates, libraries, and cipher suites with full lifecycle management including rotation schedules and expiration alerts.

🛡️

Vulnerability Scanning

Detect known CVEs against cryptographic components. CVSS score tracking and automatic risk assessment against both classical and quantum attack vectors.

✅

Compliance Checking

Automated validation against FIPS 140-2, PCI DSS, HIPAA, and SOC 2. Instant compliance status reports with actionable remediation guidance.

📊

Security Posture Score

0–100 risk scoring model. Identifies critical, high, medium, and low risk assets. Drives prioritised remediation based on quantum exposure and data sensitivity.

🕒

Version Control & Audit Trail

Snapshot-based version control with full change history. Compare versions to identify drift. Audit logging with timestamps, users, and change details.

🌐

Hierarchical BOM Support

Model complex multi-system environments with parent–child BOM hierarchies. Cost rollup, dependency tracking, and tree visualisation across the full cryptographic stack.

📤

JSON & CSV Export

Export full C-BOM inventories and audit logs in JSON for version control integration and CSV for spreadsheet analysis or compliance reporting.

💡

Recommendations Engine

Automated recommendations based on detected vulnerabilities, compliance gaps, and quantum readiness posture. Prioritised by risk severity and migration urgency.

Three Interface Modes

⌨️

CLI Mode

Command-line interface for scripting, automation, and CI/CD pipeline integration. Full access to all C-BOM operations via flags and arguments.

python main.py --cli

🖥️

GUI Mode

Desktop application built on tkinter. Visual component editor, cost analysis dashboard, validation tools, audit log viewer, and version history browser.

python main.py

🌐

Web Interface

Browser-based interface powered by Flask. Access your C-BOM from any device. View dashboards, manage assets, run compliance checks, and export reports.

python main.py --web

Quick Start — Cryptographic Asset Inventory
                    
                    cbom_example.py — Y2Q C-BOM Tool v2.0.0
                
from cbom import CryptoAsset, CryptoBOM

from cbom.validator import CryptoBOMValidator

# Create a new cryptographic BOM for your organisation

bom = CryptoBOM("Organisation Name", "Annual cryptographic inventory")

# Add your RSA key — immediately flagged as quantum-vulnerable

rsa_key = CryptoAsset(

    id="RSA-TLS-01",

    name="TLS Certificate Key",

    asset_type="key",

    algorithm="RSA-2048",

    key_length=2048,

    purpose="TLS key exchange",

    status="active",

    compliance=["PCI-DSS"],

    rotation_schedule="365 days"

)

bom.add_asset(rsa_key)

# Add a compliant post-quantum algorithm

mlkem = CryptoAsset(

    id="ML-KEM-01",

    name="Post-Quantum Key Encapsulation",

    asset_type="algorithm",

    algorithm="ML-KEM-768",      # NIST FIPS 203

    purpose="quantum-safe key exchange",

    compliance=["FIPS 203", "FIPS 140-2"],

    status="active"

)

bom.add_asset(mlkem)

# Assess security posture — quantum readiness score

posture = CryptoBOMValidator.get_security_posture(bom)

print(f"Security Score: {posture['security_score']}/100")

# Get prioritised quantum migration recommendations

recs = CryptoBOMValidator.get_bom_recommendations(bom)

for r in recs:

    print(f"  → {r}")

# Export for reporting and version control

bom.export_json("crypto_inventory.json")

bom.export_csv("crypto_inventory.csv")

# ── Output ──────────────────────────────────────────────

Security Score: 62/100

  → CRITICAL: RSA-2048 (RSA-TLS-01) provides zero post-quantum resistance

  → ACTION: Migrate TLS key exchange to ML-KEM-768 (FIPS 203)

  → Deadline: NIST deprecation 2035 — high-risk systems must migrate earlier

Exported: crypto_inventory.json | crypto_inventory.csv

Risk Level Classification

🔴

Critical

Expired assets, algorithms with known quantum breaks (RSA, ECC), active CVEs, classically broken ciphers (MD5, DES, SHA-1).

🟠

High

CVSS 7.0+, weak key lengths (AES-128, RSA-1024), deprecated standards, algorithms lacking post-quantum consideration.

🟡

Medium

CVSS 4.0–6.9, suboptimal key lengths, algorithms with limited remaining lifespan, missing compliance tagging.

🟢

Low

Strong current algorithms (AES-256, SHA-3, ML-KEM, ML-DSA), current compliance status, valid key rotation schedules in place.

What Goes Into a Complete C-BOM?

A complete C-BOM documents every cryptographic component across the full stack:

Symmetric algorithms — AES (128/192/256), ChaCha20, DES (legacy), 3DES, RC4; mode of operation (GCM, CBC, CTR)
Asymmetric algorithms — RSA (all key sizes), ECDSA, ECDH, DH; key length, curve name, usage purpose
Hash functions — SHA-256, SHA-384, SHA-512, SHA-3, MD5 (legacy), SHA-1 (deprecated); where each is used and why
Key derivation functions — PBKDF2, Argon2, bcrypt, scrypt; iteration counts and salt management
Protocols and cipher suites — TLS versions and configured cipher suites, SSH algorithm negotiation, VPN configurations
Certificates — X.509 certificate inventory, expiration dates, signing algorithms, certificate authority chains
Key management infrastructure — Generation, storage (HSM, software, cloud KMS), rotation schedules, retirement procedures
Cryptographic libraries — OpenSSL, BoringSSL, NSS, libsodium, Bouncy Castle; versions and known CVEs
Post-quantum migration status — Which components are migrated, in planning, or unaddressed
Data classifications and lifetimes — What data each algorithm protects and for how long confidentiality is required

Crypto-Agility: The Architecture Requirement

A C-BOM is not useful if the systems it inventories cannot be changed. Crypto-agility — the ability to swap cryptographic algorithms without redesigning entire systems — is the architectural property that makes a C-BOM actionable.

Crypto-agility requires:

Algorithm abstraction — Cryptographic operations are encapsulated behind interfaces; implementations are swappable without touching application logic
Parallel protocol support — New algorithms (ML-KEM, ML-DSA) can be deployed alongside legacy ones during transition windows
Migration planning — Defined processes for deprecating old algorithms and adopting new ones on documented timelines
Performance impact assessment — Post-quantum algorithms have different performance characteristics; latency and throughput must be re-evaluated
Hybrid key exchange — Combining classical and post-quantum algorithms during transition ensures protection against both attack classes

Without crypto-agility, discovery via C-BOM produces a list of problems with no path to resolution. NIST's Migration to Post-Quantum Project at the NCCoE specifically prioritises identifying and fixing crypto-rigid systems before the 2035 deadline.

C-BOM and the Quantum Risk Intersection

The quantum risk in a C-BOM inventory is not uniform. Prioritisation depends on the intersection of algorithm vulnerability and data lifetime:

Long-lifetime sensitive data + quantum-vulnerable algorithm = Critical — State secrets, medical records, legal documents, intellectual property. These are harvest targets today. Replace encryption immediately or accept that eventual exposure is certain.
Short-lifetime data + quantum-vulnerable algorithm = Medium — Transient session data, ephemeral tokens. The confidentiality window may close before quantum computers are available — but this depends on timelines that are accelerating.
Long-lifetime data + quantum-safe algorithm = Low — If you have already migrated to AES-256, ML-KEM, or ML-DSA, the long-term risk is substantially reduced.
Digital signatures + quantum-vulnerable algorithm = High — Signatures validated in the future (legal documents, software updates, certificates) lose integrity if the signing algorithm is quantum-broken. Non-repudiation and authenticity fail.

The Harvest-Now-Decrypt-Later Problem: For confidentiality, the threat exists NOW. Adversaries do not need quantum computers to collect data — only to store it. Your C-BOM must identify data with multi-year confidentiality requirements and flag it for immediate encryption upgrade, regardless of when quantum computers actually arrive.

C-BOM as Compliance and Governance Infrastructure

C-BOM is increasingly required by or directly referenced in regulatory frameworks:

NIST IR 8547 and PQC Migration — Explicitly recommends cryptographic inventory as the foundation of post-quantum migration planning. Without a C-BOM, compliance with the 2035 deadline is not achievable in a structured way.
NIST Cybersecurity Framework (CSF 2.0) — The IDENTIFY function requires asset inventory including cryptographic assets.
PCI-DSS v4.0 — Requires documented cryptographic protocols for payment card data protection and management of cryptographic key lifecycles.
HIPAA — Mandates encryption standards for protected health information, requiring knowledge of what algorithms are deployed.
EU Cyber Resilience Act — Emerging requirements around software and hardware cybersecurity will increasingly drive C-BOM-style inventories.
NSA CNSA 2.0 — NSA's Commercial National Security Algorithm Suite 2.0 mandates post-quantum algorithms for National Security Systems and sets migration timelines.

C-BOM as a Living System

A C-BOM that is not continuously maintained becomes a liability. Systems change. Dependencies are updated. New CVEs are published. Quantum timelines compress. An outdated C-BOM creates false confidence.

Maintaining a living C-BOM requires:

Integration with development and deployment pipelines — cryptographic changes trigger automatic C-BOM updates
Automated discovery tooling — scanners that identify cryptographic usage across codebases, configurations, and network traffic
Regular review cycles — at minimum quarterly; more frequently for high-risk environments
Change ownership — defined accountability for each cryptographic component and its migration status
Incident trigger integration — cryptographic vulnerability disclosures automatically cross-referenced with the inventory

The Y2Q C-BOM Tool provides the version control, audit logging, and automated assessment infrastructure required to keep a C-BOM alive and actionable across organisational time horizons.

Honest Note: A C-BOM is not a solution to quantum risk. It is a prerequisite for developing one. Without knowing what you have, you cannot plan what to change. The tool makes the inventory manageable — the migration decisions remain yours.

Product Status: The Y2Q C-BOM Tool (v2.0.0) is a professional enterprise platform for cryptographic asset management and post-quantum migration planning. NIST, NSA, and major technology organisations now treat C-BOM as baseline due diligence for post-quantum compliance. The tool supports CLI, GUI, and Web interfaces with full compliance checking, vulnerability scanning, and quantum risk scoring. Available under professional licensing — contact Y2Q to discuss deployment and implementation support.

Cryptographic Billof Materials