CWE-1240
Using cryptographic keys of insufficient size, leaving encrypted payloads vulnerable to classical factoring or quantum decryption (Shor's/Grover's algorithms).
Precogs AI Insight
"Precogs AI identifies cryptographic key generation configurations that utilize key sizes susceptible to classical cracking or Shor's decryption."
What is CWE-1240 (Use of a Cryptographic Algorithm with Insufficient Key Size)?
This weakness occurs when a system deploys cryptographic keys that are too short to withstand cryptanalytic attacks. In the context of quantum computing and post-quantum migration, it specifically covers keys (such as RSA-1024, RSA-2048, or ECDSA P-256) that offer zero mathematical protection against quantum decryption via Shor's algorithm (factoring for RSA, discrete logarithms for elliptic-curve keys).
Vulnerability Insights
While RSA-2048 and ECC P-256 keys are still widely used for secure communication today, they are exposed to the "Harvest Now, Decrypt Later" attack vector: adversaries intercept and store encrypted TLS sessions today and decrypt them once a sufficiently large quantum computer exists. In quantum-safe standards, classical keys are replaced with post-quantum cryptography (PQC) or combined with classical key exchange in hybrid handshakes.
Impact on Systems
- Confidentiality Loss: Intercepted network sessions or stored local backups can be decrypted, exposing passwords, personal data, and business secrets.
- Identity Spoofing: Weak key sizes in code-signing or certificate authorities allow attackers to forge digital signatures and impersonate trusted servers.
- Compliance Failure: Failing cryptography guidelines outlined by NIST, CNSA, and regional security mandates.
Real-World Attack Scenario
A financial institution encrypts transaction messages using RSA-2048. An adversary records all encrypted payloads in transit. Once a quantum computer with sufficient logical qubits becomes available, the attacker runs Shor's algorithm on the captured RSA public keys to factor the modulus, reconstructing the private key and decrypting all historical transaction data.
Code Examples
Vulnerable Implementation
const crypto = require('crypto');

// VULNERABLE: Generating an RSA key pair with 1024 or 2048 bits.
// While 2048 bits is classically acceptable, it is completely broken under Shor's quantum computing model.
function generateWeakKeys() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048, // Insufficient for long-term quantum resistance
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
  });
  return { publicKey, privateKey };
}
Secure Alternative
const crypto = require('crypto');

// SECURE: Migrate to post-quantum algorithms (ML-KEM/Kyber) or combine them with classical keys
// in a hybrid handshake (e.g., X25519 + Kyber).
// This function supplies only the classical half of such a hybrid, at the maximum classical
// strength recommended above (ECC P-384; RSA-4096 is the RSA equivalent). The post-quantum half
// (an ML-KEM key pair) must be generated separately and combined in the handshake.
function generateQuantumResistantKeys() {
  // Note: whether Node.js can generate PQC keys natively depends on its OpenSSL build;
  // where it cannot, the ML-KEM half comes from a PQC library.
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', {
    namedCurve: 'secp384r1', // P-384: classical component of a hybrid such as X25519-Kyber768 / ECDH-ML-KEM
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
  });
  return { publicKey, privateKey };
}
Remediation
Upgrade key lengths to their maximum classical standards (RSA-4096, ECC P-384) and proactively integrate post-quantum hybrid key exchanges (such as X25519 + ML-KEM). Establish a Cryptographic/Quantum Bill of Materials (CBOM/QBOM) to inventory all cryptographic assets and plan migration paths for legacy keys.