// AI PQC ANALYZER · QUANTUM-READINESS PRO
Quantum-vulnerable crypto inventory and NIST PQC migration plan.
Paste source code, a TLS/cipher config, a certificate, or SSH settings. The analyzer inventories the cryptography an attacker could break with a quantum computer — RSA, ECDSA, ECDH, DH — flags harvest-now-decrypt-later exposure, and hands you a prioritized migration plan to the NIST standards ML-KEM, ML-DSA, and SLH-DSA.
Why post-quantum migration matters now
A large enough quantum computer running Shor's algorithm would break the public-key cryptography that secures almost everything — RSA, Diffie-Hellman, and the elliptic-curve schemes ECDH and ECDSA. The threat is not only future: under "harvest now, decrypt later", an adversary can record encrypted traffic today and decrypt it once the hardware arrives, so any data that must stay confidential for years is already exposed. Grover's algorithm separately halves the effective strength of symmetric keys and hash preimages, which is why AES-128 should become AES-256 and SHA-256 should move to SHA-384/512 or SHA-3 for long-lived data.
The NIST answer
In 2024 NIST finalized the first post-quantum standards: ML-KEM (FIPS 203) for key establishment, and ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) for digital signatures, with LMS/XMSS (SP 800-208) for firmware signing. Best practice during the transition is hybrid deployment — a classical algorithm alongside a PQC one — so you keep today's assurances while gaining quantum resistance. This analyzer inventories what you have and maps each primitive to its NIST target, prioritizing the harvest-now-decrypt-later exposure first.
This is an inventory and planning aid, not a complete cryptographic audit. A full migration also needs protocol/dependency scanning, HSM and certificate-authority coordination, and testing. Coverage reflects only what you submit.
Frequently asked questions
What is "harvest now, decrypt later"?
Attackers can capture encrypted traffic today and decrypt it once a cryptographically-relevant quantum computer exists. That makes migrating key exchange and encryption the most time-sensitive part of post-quantum readiness — long-lived secrets are already at risk.
Which algorithms are quantum-vulnerable?
Public-key crypto — RSA, DSA, Diffie-Hellman, ECDH, ECDSA, and EdDSA — is broken by Shor's algorithm and must migrate. Symmetric AES-128 and SHA-256 are weakened by Grover's algorithm and should move to AES-256 and SHA-384/512 or SHA-3.
What does it recommend migrating to?
The finalized NIST standards: ML-KEM (FIPS 203) for key establishment, ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) for signatures, and LMS/XMSS (SP 800-208) for firmware — with hybrid classical+PQC deployments during the transition.
Do you store my code or config?
No. Your input is analyzed for your session and discarded. Only metadata is recorded — source type, algorithm families found, quantum-risk score, and HNDL exposure — never the code or configuration itself.
Is this a full cryptographic audit?
No. It is an inventory and planning aid based on what you paste. A complete PQC migration also needs dependency and protocol scanning, HSM/hardware review, certificate-authority coordination, and testing.