Quantum Bill of Materials (QBOM) Vulnerabilities
A Quantum Bill of Materials (QBOM) evaluates quantum readiness and catalogs ciphers susceptible to quantum decryption (e.g. RSA, ECDSA). Precogs AI maps quantum-vulnerable algorithms and audits post-quantum cryptography (PQC) migration risks such as hybrid handshake failures.
What is a Quantum Bill of Materials (QBOM) and why do you need it?
A QBOM is a specialized cryptographic inventory focused on quantum risk assessment. Traditional cryptographic standards (like RSA and ECC) rely on the hardness of integer factoring and discrete logarithms, problems that a sufficiently powerful quantum computer running Shor's algorithm can solve. Attackers are actively performing 'Harvest Now, Decrypt Later' attacks, storing encrypted enterprise traffic to decrypt when quantum computing scales. A QBOM catalogs all quantum-vulnerable algorithms in your systems and tracks PQC transitions, such as ML-KEM (Kyber) and ML-DSA (Dilithium) deployments, to identify misconfigured hybrid handshakes or decryption vulnerabilities.
Vulnerability Types
CWE-1240
HIGH: Use of a Cryptographic Algorithm with Insufficient Key Size
Using key sizes that are vulnerable to Shor's or Grover's quantum algorithms. For example, RSA-2048 and ECDSA P-256 offe...
CWE-1244
HIGH: Use of a Cryptographic Algorithm with Weak Mathematical Properties
Using algorithms whose mathematical structure makes them vulnerable to Shor's factoring. This covers all RSA, DH, and EC...
CWE-327
HIGH: Use of a Broken or Risky Cryptographic Algorithm in PQC Migration
Failed negotiations during post-quantum handshake transitions, such as hybrid handshakes failing back to insecure classi...
Recently Discovered in QBOM Security
Browse the latest vulnerabilities and exposures dynamically tracked to the QBOM Security domain.