Q-Day readiness methodology

Discovery scope

The scanner discovers TLS certificates, JWKS signing keys, SSH host keys, email STARTTLS, and uploaded PEM/CSV bundles. Live scans probe port 443 (and scenario-defined ports); unreachable endpoints are recorded in scan coverage, not as false-positive assets.

Classification (Shor / Grover)

Each asset is mapped to a quantum vulnerability status: broken, at-risk (Shor-vulnerable RSA/ECC), safe (symmetric or PQC-ready), or unknown. Shor logical-qubit estimates are order-of-magnitude references only.

Mosca inequality

X (data shelf-life) + Y (migration time) versus Z (years to cryptographically relevant quantum computing). When X + Y > Z, harvest-now-decrypt-later risk is elevated for long-lived ciphertext.

Readiness score formula

Composite 0–100 score from quantum-vulnerable asset share, HNDL exposure, PQC-ready endpoint credit, and remediation coverage. Bands: Critical / At Risk / Developing / Prepared.

Coverage confidence

Heuristic 0–95% based on classified asset count (40% base + 4% per asset, capped at 95%). This is not a guarantee — shadow APIs, HSMs, and offline keys may be missed.

Glossary

• Readiness score — 0–100 composite score reflecting quantum-vulnerable asset share, HNDL exposure, PQC-ready endpoints, and remediation coverage. Higher is better. Reference
• Readiness band — Qualitative tier (Critical / At Risk / Developing / Prepared) derived from the readiness score for executive reporting. Reference
• Coverage confidence — Heuristic 0–95% estimate of scan completeness based on classified asset count. Not a guarantee — shadow keys and offline HSMs may be missed.
• Mosca inequality (X + Y > Z) — Dr. Michele Mosca's harvest-now-decrypt-later test: data shelf-life (X) plus migration time (Y) versus years to cryptographically relevant quantum computing (Z). When X + Y > Z, intercepted ciphertext may be decrypted before you finish migrating. Reference
• HNDL (Harvest Now, Decrypt Later) — Adversaries record encrypted traffic today and decrypt it once a cryptographically relevant quantum computer exists. Long-lived secrets and archived ciphertext are most exposed. Reference
• Already too late — Asset flagged when Mosca inequality holds for its data class — migration may not protect previously intercepted ciphertext.
• HNDL exposed — Asset flagged when Mosca inequality holds for its data class — migration may not protect previously intercepted ciphertext.
• CRQC (Cryptographically Relevant Quantum Computer) — A quantum computer capable of breaking widely deployed public-key cryptography such as RSA and elliptic-curve algorithms at scale. Reference
• Ciphertext — Encrypted data — readable only with the correct key. HNDL adversaries store ciphertext today to decrypt later when quantum computers break the wrapping public-key layer.
• Forward secrecy — Property of TLS 1.3 where session keys are ephemeral — passive capture of application data alone is insufficient without the handshake record.
• Key encapsulation (KEM) — Mechanism for securely exchanging symmetric keys. ML-KEM (FIPS 203) is the NIST-standardized post-quantum key encapsulation algorithm. Reference
• ECDH (Elliptic Curve Diffie-Hellman) — Key exchange using elliptic curves — quantum-vulnerable via Shor's algorithm. Used in most modern TLS handshakes.
• STARTTLS — Email encryption upgrade from plaintext to TLS in transit. Often uses RSA or ECDH — inventory email paths alongside web TLS.
• ML-KEM — NIST FIPS 203 module-lattice key encapsulation — the standardized post-quantum replacement for RSA/ECDH key exchange in hybrid TLS. Reference
• Shor logical qubits — Order-of-magnitude estimate of logical qubits required to break this key size via Shor's algorithm. Estimates only — not a Q-Day prediction. Reference
• Severity — Business impact tier (critical / high / medium / low / info) based on algorithm, exposure, and asset kind.
• Quantum status — Classification: broken (deprecated now), at-risk (Shor-vulnerable), safe (symmetric / PQC-ready), or unknown. Reference
• PQC ready — Endpoint negotiates hybrid post-quantum key exchange (e.g. X25519MLKEM768) or uses NIST-approved PQC algorithms. Reference
• Remediation coverage — Percentage of identified gaps with an assigned remediation action and tracked status.
• Crypto-agility score — Distinct from readiness: measures how quickly keys and algorithms can be rotated without service disruption. Reference

Limitations

• Endpoint-scoped inventory aid — not a formal cryptographic audit or penetration test.
• RSA/ECC remain classically secure until cryptographically relevant QC exists.
• Fixture replays use curated data; live scans reflect point-in-time negotiation.