CWE-1244
Using public-key algorithms whose underlying mathematical problems (integer factoring, discrete logarithms) become solvable in polynomial time on a sufficiently large quantum computer, which would compromise key exchange, public-key encryption and digital signatures built on them.
Precogs AI Insight
"Precogs AI audits cryptosystems to flag factoring-based and discrete-log-based algorithms, mapping them for migration to lattice-based post-quantum cryptography."
What is CWE-1244 (Use of a Cryptographic Algorithm with Weak Mathematical Properties)?
This weakness covers algorithms whose underlying hard problem does not hold up under a particular cryptanalytic model. In the post-quantum context that means every cryptosystem built on integer factorization (RSA, RSA-PSS) or discrete logarithms in finite fields (Diffie-Hellman, DSA) or on elliptic curves (ECDH, ECDSA, X25519, Ed25519): Shor's algorithm solves all of these in polynomial time on a quantum computer. The caveat a practitioner needs: no quantum computer large enough to run Shor's algorithm against real key sizes exists today, so these algorithms are not broken now. The risk is twofold: a cryptographically relevant quantum computer (CRQC) may arrive within the lifetime of data and devices deployed today, and traffic recorded now can be decrypted then. Increasing the key size (RSA-4096, P-521) does not help; the attack cost is polynomial in the key length.
Vulnerability Insights
The security of modern asymmetric cryptography rests on the assumption that factoring large integers or computing discrete logarithms is computationally infeasible. A quantum computer running Shor's algorithm removes that assumption. Post-quantum cryptography (PQC) moves to problems with no known efficient quantum algorithm, chiefly lattice problems: the NIST standards ML-KEM (FIPS 203, formerly Kyber) and ML-DSA (FIPS 204, formerly Dilithium) are built on Module-Learning With Errors (Module-LWE), and hash-based SLH-DSA (FIPS 205) is the non-lattice fallback for signatures. Symmetric primitives are not in scope for this weakness: against AES and SHA-2, Grover's algorithm offers only a quadratic speed-up, which 256-bit keys and digests absorb.
Impact on Systems
- Retroactive Decryption ("harvest now, decrypt later"): an adversary records encrypted traffic and its key-exchange handshakes today and decrypts them once a CRQC is available, breaking confidentiality of any data whose sensitivity outlives the handshake.
- Digital Signature Forgery: recovering a signing key from its public key lets the attacker sign malicious binaries or firmware, authorize fraudulent transactions, or mint TLS certificates that chain to a trusted CA.
- Session Hijacking and Impersonation: with a recovered server signing key the attacker actively impersonates the server during a handshake; with a recorded handshake the attacker derives the shared secret from the exchanged public values and reads or replays the session.
Real-World Attack Scenario
An enterprise signs firmware releases with ECDSA over SHA-256 (P-256 or P-384). The signing public key is, by design, public: it is embedded in every device's secure-boot trust store, so no interception is needed. An attacker with access to a cryptographically relevant quantum computer runs Shor's algorithm on the elliptic-curve discrete logarithm and recovers the private scalar from the public point. With that key they sign a malicious firmware image that passes secure-boot verification on every deployed IoT device. The damage is not reversible by rotating keys after the fact: the trust store in fielded devices is hard to update, which is why long-lived signing roots are the first candidates for a post-quantum migration.
Code Examples
Vulnerable Implementation
from cryptography.hazmat.primitives.asymmetric import ec

# VULNERABLE: the session secret depends only on the elliptic-curve discrete
# log problem. Secure against classical attack, but a cryptographically
# relevant quantum computer running Shor's algorithm recovers the private
# scalar from the public point, so recorded handshakes can be decrypted later.
def initiate_elliptic_handshake(peer_public_key):
    private_key = ec.generate_private_key(ec.SECP384R1())
    shared_secret = private_key.exchange(ec.ECDH(), peer_public_key)
    return private_key.public_key(), shared_secret
Secure Alternative
# SECURE (sketch): a hybrid key exchange, X25519 combined with ML-KEM-768
# (FIPS 203, formerly Kyber). In TLS the two shared secrets are concatenated
# and fed into the key schedule, so the session stays confidential unless BOTH
# the EC discrete log and the Module-LWE problem are broken. ML-DSA (FIPS 204,
# formerly Dilithium) is a signature scheme: it replaces ECDSA/RSA signatures
# on certificates and firmware, not the key exchange.
# Do not hand-roll the combination; let the TLS stack negotiate the hybrid
# group. OpenSSL 3.5+ ships X25519MLKEM768 natively (e.g. `openssl s_client
# -groups X25519MLKEM768`); older builds need a PQC provider such as oqs-provider.
def initiate_hybrid_handshake():
    # Delegate to a TLS library configured to offer only hybrid groups.
    raise NotImplementedError("use a TLS stack that implements X25519MLKEM768")
Remediation
Start with an inventory: map every instance of RSA, Diffie-Hellman, DSA and elliptic-curve algorithms in code, configuration, certificates, HSMs and firmware trust stores, and record how long the data or signature each one protects must remain secure. Prioritize what a harvest-now-decrypt-later adversary or an unpatchable trust store exposes: long-lived confidential traffic and signing roots baked into devices. Enable hybrid TLS key exchange (X25519 + ML-KEM-768, the X25519MLKEM768 group) now, since it costs nothing in security if ML-KEM were to fall and closes the recording window during migration. Standardize new systems on the NIST-approved algorithms ML-KEM (FIPS 203) for key establishment and ML-DSA (FIPS 204) or SLH-DSA (FIPS 205) for signatures, and track NIST's draft transition timeline (IR 8547), which proposes deprecating the quantum-vulnerable algorithms around 2030 and disallowing them by 2035. Key-size increases are not a remediation for this weakness.
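The inventory step above is the part most teams have no tooling for, so the following is an added example (not Precogs AI's code) of the core of a crypto-inventory scanner: a standard-library-only parser for DER SubjectPublicKeyInfo blobs that labels each key by the hard problem its algorithm rests on. The algorithm OIDs are the ones assigned in RFC 3279/5480/8410 and NIST's CSOR registry; the sample keys are constructed inline with dummy key material of realistic size, since only the algorithm identifier matters for classification. Real inputs are the PEM/DER produced by `openssl x509 -pubkey -noout` or `openssl pkey -pubin`.

```python
"""Classify X.509 SubjectPublicKeyInfo (SPKI) keys as quantum-vulnerable or post-quantum."""
import base64
from typing import Dict, Optional, Tuple

# Assumed OIDs: RFC 3279/5480/8410 for classical keys, NIST CSOR for ML-KEM / ML-DSA.
QUANTUM_VULNERABLE: Dict[str, str] = {
    "1.2.840.113549.1.1.1": "RSA (factoring)",
    "1.2.840.113549.1.1.10": "RSA-PSS (factoring)",
    "1.2.840.10040.4.1": "DSA (finite-field discrete log)",
    "1.2.840.10046.2.1": "DH X9.42 (finite-field discrete log)",
    "1.2.840.10045.2.1": "EC ECDSA/ECDH (elliptic-curve discrete log)",
    "1.3.101.110": "X25519 (elliptic-curve discrete log)",
    "1.3.101.111": "X448 (elliptic-curve discrete log)",
    "1.3.101.112": "Ed25519 (elliptic-curve discrete log)",
    "1.3.101.113": "Ed448 (elliptic-curve discrete log)",
}
POST_QUANTUM: Dict[str, str] = {
    "2.16.840.1.101.3.4.4.1": "ML-KEM-512 (Module-LWE)",
    "2.16.840.1.101.3.4.4.2": "ML-KEM-768 (Module-LWE)",
    "2.16.840.1.101.3.4.4.3": "ML-KEM-1024 (Module-LWE)",
    "2.16.840.1.101.3.4.3.17": "ML-DSA-44 (Module-LWE/SIS)",
    "2.16.840.1.101.3.4.3.18": "ML-DSA-65 (Module-LWE/SIS)",
    "2.16.840.1.101.3.4.3.19": "ML-DSA-87 (Module-LWE/SIS)",
}
EC_CURVES = {"1.2.840.10045.3.1.7": "P-256", "1.3.132.0.34": "P-384", "1.3.132.0.35": "P-521"}


def _read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Decode one DER tag-length-value at buf[pos]; returns (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length, used for keys longer than 127 bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(value: bytes) -> str:
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:  # base-128 arcs, high bit set on continuation bytes
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))


def classify_spki(der: bytes) -> Dict[str, str]:
    """SPKI ::= SEQUENCE { AlgorithmIdentifier { OID, params OPTIONAL }, BIT STRING }."""
    tag, spki, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, alg_id, _ = _read_tlv(spki, 0)
    tag, oid_bytes, nxt = _read_tlv(alg_id, 0)
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier must start with an OID")
    oid = _decode_oid(oid_bytes)
    name = QUANTUM_VULNERABLE.get(oid) or POST_QUANTUM.get(oid) or f"unknown OID {oid}"
    if nxt < len(alg_id):  # parameters: curve OID for EC keys, NULL for RSA
        ptag, pval, _ = _read_tlv(alg_id, nxt)
        if ptag == 0x06:
            curve = _decode_oid(pval)
            name += " " + EC_CURVES.get(curve, curve)
    status = ("quantum-vulnerable" if oid in QUANTUM_VULNERABLE
              else "post-quantum" if oid in POST_QUANTUM else "unknown")
    return {"oid": oid, "algorithm": name, "status": status}


def classify_pem(pem: str) -> Dict[str, str]:
    body = "".join(line for line in pem.splitlines() if not line.startswith("-----"))
    return classify_spki(base64.b64decode(body))


def to_pem(der: bytes) -> str:
    return "-----BEGIN PUBLIC KEY-----\n" + base64.b64encode(der).decode() + "\n-----END PUBLIC KEY-----\n"


# Minimal DER encoder, used only to construct the sample inputs below.
def _tlv(tag: int, value: bytes) -> bytes:
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


def _encode_oid(oid: str) -> bytes:
    arcs = [int(a) for a in oid.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def make_spki(alg_oid: str, key: bytes, params: Optional[bytes] = None) -> bytes:
    alg = _tlv(0x30, _tlv(0x06, _encode_oid(alg_oid)) + (params or b""))
    return _tlv(0x30, alg + _tlv(0x03, b"\x00" + key))


# Constructed samples: dummy key bytes of realistic size, real algorithm identifiers.
SAMPLES: Dict[str, bytes] = {
    "tls-server": make_spki("1.2.840.10045.2.1", b"\x04" + b"\x11" * 64,
                            _tlv(0x06, _encode_oid("1.2.840.10045.3.1.7"))),
    "code-signing": make_spki("1.2.840.113549.1.1.1", b"\x30" + b"\x22" * 269, b"\x05\x00"),
    "ssh-host": make_spki("1.3.101.112", b"\x33" * 32),
    "pq-kem": make_spki("2.16.840.1.101.3.4.4.2", b"\x44" * 1184),
}


def inventory(keys: Dict[str, bytes]) -> Dict[str, Dict[str, str]]:
    return {label: classify_spki(der) for label, der in keys.items()}


if __name__ == "__main__":
    for label, info in inventory(SAMPLES).items():
        print(f"{label:14} {info['status']:18} {info['algorithm']}")
```

A production scanner would feed this the public keys pulled from certificate stores, SSH `known_hosts`, JWKS endpoints and firmware images, and attach a data-lifetime field to each hit so the quantum-vulnerable entries protecting the longest-lived secrets are migrated first.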