Quantum Readiness Survey

1. Do you use HTTPS with RSA or ECDHE key exchange? πŸ€”
RSA and ECDHE are vulnerable to Shor's algorithm. This checks if your website or service still relies on them.

2. Are you using a version of OpenSSH older than 9.0? πŸ€”
OpenSSH versions before 9.0 do not support post-quantum key exchange hybrids.

3. Do your VPNs rely on classic DH or ECDH? πŸ€”
VPN protocols using classic DH or ECDH are broken by quantum attacks. This includes many IPsec and WireGuard setups.

4. Are RSA or ECC keys used in long-lived systems (e.g. firmware)? πŸ€”
Systems like firmware and embedded devices often use long-lived keys that can’t be easily upgraded later.

5. Do you use PGP/GPG with RSA or ECC keys? πŸ€”
PGP and GPG mostly use RSA or ECC, which will be broken by quantum computers.

6. Is your code signing still using RSA or ECDSA? πŸ€”
Many code signing systems use vulnerable algorithms. If broken, attackers could forge software updates.

7. Do you interact with blockchains like Bitcoin or Ethereum? πŸ€”
Public keys exposed on-chain are vulnerable to quantum attacks after transaction broadcast.

8. Are any secure chats encrypted with ECDH/ECDSA and stored somewhere? πŸ€”
If messages are recorded, ECDH/ECDSA means they can be decrypted later by quantum computers.

9. Have you reviewed or started to implement post-quantum cryptography? πŸ€”
Post-quantum algorithms like Kyber and Dilithium are designed to resist quantum attacks.

10. Do you have a 12-month plan for PQC migration? πŸ€”
Planning migration now will prevent disruption and secure your systems against future threats.