ES2512-04b1e476 - Use of Non-Quantum-Resistant Algorithms #176

@cmullaly-mitre


Submission File: ES2512-04b1e476-new-use-non-quantum-resistant-algorithms.txt

ID: ES2512-04b1e476

SUBMISSION DATE: 2025-12-29 21:47:56

NAME: Use of Non-Quantum-Resistant Algorithms

DESCRIPTION:

This weakness is based on the progression of quantum computation and the
NIST standardization of post-quantum cryptographic (PQC) schemes such as
ML-KEM. Currently, communications are intercepted by a number of threat
actors for future decryption when quantum computation is able to
practically support decryption of classical schemes such as RSA. While this
is presently a theoretical possibility, government regulations such as the
Quantum Computing Cybersecurity Preparedness Act are forcing migration to
post-quantum cryptographic schemes in advance. A developer or designer
should be concerned with the use of classical algorithms as the use of
classical algorithms can lead to future impact such as the capture and
misuse of customer data, organization secrets, or sensitive information in
the future. The choice to refuse migration to PQC schemes in advance also
leads to the potential of dependencies on classical algorithms in the
future of new designs. This will lead to developers having to take on
complex migrations to support future security requirements which can be
avoided through proactive use of PQC schemes in new designs or proceeding
with migration to PQC schemes before regulatory deadlines.

Labels: External-Submission, Phase02-Ack-Receipt (The CWE team has acknowledged receipt of the submission by notifying the submitter)
