{ "bomFormat": "CycloneDX", "specVersion": "1.7", "serialNumber": "urn:uuid:a3f2c1d4-7e89-4b12-9f03-2e5a6c8d1b47", "version": 1, "metadata": { "timestamp": "2026-03-01T09:14:32Z", "tools": [ { "vendor": "ExeQuantum", "name": "CipherScout", "version": "1.0" } ], "component": { "type": "application", "name": "Acme Financial Services — External TLS Scan", "version": "scan-2026-03-01" }, "properties": [ { "name": "exequantum.scan.scope", "value": "external-network" }, { "name": "exequantum.scan.target", "value": "api.acmefinancial.example" }, { "name": "exequantum.qhs", "value": "62" }, { "name": "exequantum.qhs.label", "value": "MODERATE RISK — PQC hybrid detected on transport but certificate remains quantum-vulnerable" } ] }, "components": [ { "type": "cryptographic-asset", "name": "TLS 1.3 Protocol", "bom-ref": "crypto/protocol/tls-1.3@api.acmefinancial.example:443", "cryptoProperties": { "assetType": "protocol", "protocolProperties": { "type": "tls", "version": "1.3", "cipherSuites": [ { "name": "TLS_AES_256_GCM_SHA384", "algorithms": [ "crypto/algorithm/aes-256-gcm", "crypto/algorithm/sha384", "crypto/algorithm/kx-x25519mlkem768" ] } ] } }, "properties": [ { "name": "exequantum.asset.type", "value": "tls.protocol" }, { "name": "exequantum.discovery.method", "value": "external-tls-handshake" }, { "name": "exequantum.discovery.timestamp", "value": "2026-03-01T09:14:33Z" }, { "name": "exequantum.qvs", "value": "37" }, { "name": "exequantum.quantum_vulnerable", "value": "false" }, { "name": "exequantum.finding", "value": "TLS 1.3 with X25519MLKEM768 hybrid key exchange detected. Transport layer is PQC-ready. No action required on this component." } ] }, { "type": "cryptographic-asset", "name": "AES-256-GCM", "bom-ref": "crypto/algorithm/aes-256-gcm", "cryptoProperties": { "assetType": "algorithm", "algorithmProperties": { "algorithmFamily": "AES", "primitive": "ae", "executionEnvironment": "software-plain-ram", "implementationPlatform": "other", "certificationLevel": ["fips-140-3"], "parameterSetIdentifier": "256", "mode": "gcm", "nistQuantumSecurityLevel": 5, "cryptoFunctions": ["encrypt", "decrypt", "tag"] }, "oid": "2.16.840.1.101.3.4.1.46" }, "properties": [ { "name": "exequantum.source", "value": "tls.cipher" }, { "name": "exequantum.qvs", "value": "20" }, { "name": "exequantum.quantum_vulnerable", "value": "false" }, { "name": "exequantum.finding", "value": "AES-256 provides approximately 128 bits of post-quantum security via Grover's algorithm. Acceptable under current NIST guidance." } ] }, { "type": "cryptographic-asset", "name": "SHA-384", "bom-ref": "crypto/algorithm/sha384", "cryptoProperties": { "assetType": "algorithm", "algorithmProperties": { "algorithmFamily": "SHA2", "primitive": "hash", "executionEnvironment": "software-plain-ram", "implementationPlatform": "other", "certificationLevel": ["fips-140-3"], "nistQuantumSecurityLevel": 4, "cryptoFunctions": ["digest"] }, "oid": "2.16.840.1.101.3.4.2.2" }, "properties": [ { "name": "exequantum.source", "value": "tls.cipher" }, { "name": "exequantum.qvs", "value": "15" }, { "name": "exequantum.quantum_vulnerable", "value": "false" } ] }, { "type": "cryptographic-asset", "name": "KeyAgreement-X25519MLKEM768", "bom-ref": "crypto/algorithm/kx-x25519mlkem768", "cryptoProperties": { "assetType": "algorithm", "algorithmProperties": { "algorithmFamily": "X25519+ML-KEM", "primitive": "kem", "executionEnvironment": "software-plain-ram", "implementationPlatform": "other", "certificationLevel": ["unknown"], "parameterSetIdentifier": "X25519MLKEM768", "nistQuantumSecurityLevel": 3, "cryptoFunctions": ["keygen", "keyderive"] } }, "properties": [ { "name": "exequantum.source", "value": "tls.key_share_group" }, { "name": "exequantum.discovery.method", "value": "ssl_group-c-extension" }, { "name": "exequantum.qvs", "value": "5" }, { "name": "exequantum.quantum_vulnerable", "value": "false" }, { "name": "exequantum.pqc_hybrid", "value": "true" }, { "name": "exequantum.pqc_ready", "value": "true" }, { "name": "exequantum.finding", "value": "PQC hybrid key exchange X25519MLKEM768 detected via live TLS session. Server is negotiating ML-KEM-768 (NIST FIPS 203) combined with X25519. This is the recommended transitional configuration for TLS 1.3 under current NIST and IETF guidance." } ] }, { "type": "cryptographic-asset", "name": "Certificate Public Key (id-ecPublicKey P-256)", "bom-ref": "crypto/material/cert-pubkey-ec-p256@api.acmefinancial.example:443", "cryptoProperties": { "assetType": "related-crypto-material", "relatedCryptoMaterialProperties": { "type": "public-key", "size": 256, "algorithmRef": "crypto/algorithm/ecdsa-p256" } }, "properties": [ { "name": "exequantum.source", "value": "certificate.public_key" }, { "name": "exequantum.qvs", "value": "75" }, { "name": "exequantum.quantum_vulnerable", "value": "true" }, { "name": "exequantum.finding", "value": "EC P-256 public key is quantum-vulnerable. ECDSA is broken by Shor's algorithm on a cryptographically relevant quantum computer (CRQC). Key is present in the certificate independent of the PQC-hybrid TLS handshake — both must be addressed separately." } ] }, { "type": "cryptographic-asset", "name": "ECDSA P-256", "bom-ref": "crypto/algorithm/ecdsa-p256", "cryptoProperties": { "assetType": "algorithm", "algorithmProperties": { "algorithmFamily": "EC", "primitive": "signature", "executionEnvironment": "software-plain-ram", "implementationPlatform": "other", "certificationLevel": ["unknown"], "curve": "P-256", "nistQuantumSecurityLevel": 0, "cryptoFunctions": ["sign", "verify"] } }, "properties": [ { "name": "exequantum.source", "value": "certificate.signature_algorithm" }, { "name": "exequantum.qvs", "value": "75" }, { "name": "exequantum.quantum_vulnerable", "value": "true" } ] }, { "type": "cryptographic-asset", "name": "api.acmefinancial.example:443 — X.509 Certificate", "bom-ref": "crypto/cert/api.acmefinancial.example:443", "cryptoProperties": { "assetType": "certificate", "certificateProperties": { "certificateFormat": "X.509", "subjectName": "CN=api.acmefinancial.example", "issuerName": "CN=R11, O=Let's Encrypt, C=US", "serialNumber": "04:a1:7b:3c:9d:2e:f0:58:11:cc:84:72:b5:3d:9a:01", "notValidBefore": "2026-01-15T00:00:00Z", "notValidAfter": "2026-04-15T23:59:59Z", "signatureAlgorithmRef": "crypto/algorithm/ecdsa-p256", "subjectPublicKeyRef": "crypto/material/cert-pubkey-ec-p256@api.acmefinancial.example:443" } }, "properties": [ { "name": "exequantum.asset.type", "value": "certificate" }, { "name": "exequantum.qvs", "value": "75" }, { "name": "exequantum.quantum_vulnerable", "value": "true" }, { "name": "exequantum.nist_quantum_security_level", "value": "0" }, { "name": "exequantum.remediation", "value": "Replace EC P-256 certificate with a post-quantum or hybrid alternative. Recommended migration path: (1) Short-term — move to ECDSA P-384 for improved classical security margin. (2) Medium-term — adopt a hybrid P-256+ML-DSA certificate (draft-ietf-lamps-pq-composite-sigs) to achieve both classical and quantum resistance. (3) Long-term — migrate fully to ML-DSA (FIPS 204) once CA support is widespread. Certificate renewal cycle provides a low-disruption migration window." } ] }, { "type": "cryptographic-asset", "name": "SSH Host Key — Ed25519", "bom-ref": "crypto/material/ssh-hostkey-ed25519@api.acmefinancial.example:22", "cryptoProperties": { "assetType": "related-crypto-material", "relatedCryptoMaterialProperties": { "type": "public-key", "size": 256 } }, "properties": [ { "name": "exequantum.source", "value": "ssh.host_key" }, { "name": "exequantum.asset.type", "value": "ssh.host_key" }, { "name": "exequantum.ssh.key_type", "value": "ssh-ed25519" }, { "name": "exequantum.ssh.fingerprint", "value": "SHA256:kP3mNvQ8xL2rJfT5wYhBdC1oUeGs9AiZnXpKqW4yRjM" }, { "name": "exequantum.qvs", "value": "80" }, { "name": "exequantum.quantum_vulnerable", "value": "true" }, { "name": "exequantum.finding", "value": "Ed25519 (Edwards-curve DSA) is broken by Shor's algorithm on a CRQC. SSH host key rotation to a PQC-capable key type will be necessary once PQC SSH host key support matures in OpenSSH (tracked in IETF draft-kampanakis-curdle-ssh-pq-ke)." } ] }, { "type": "cryptographic-asset", "name": "DKIM Signing Key — api.acmefinancial.example", "bom-ref": "crypto/material/dkim-key@mail.acmefinancial.example", "cryptoProperties": { "assetType": "related-crypto-material", "relatedCryptoMaterialProperties": { "type": "public-key", "size": 2048 } }, "properties": [ { "name": "exequantum.source", "value": "email.dkim" }, { "name": "exequantum.asset.type", "value": "email.dkim_key" }, { "name": "exequantum.email.dkim_algorithm", "value": "rsa-sha256" }, { "name": "exequantum.email.dkim_selector", "value": "google" }, { "name": "exequantum.qvs", "value": "85" }, { "name": "exequantum.quantum_vulnerable", "value": "true" }, { "name": "exequantum.finding", "value": "RSA-2048 DKIM signing key is quantum-vulnerable. RSA is broken by Shor's algorithm on a CRQC. DKIM with Ed25519 (RFC 8463) is the current best-practice interim step; migration to a PQC signing algorithm will be required once IETF email security WGs finalise PQC DKIM standards." } ] } ], "services": [ { "bom-ref": "service:api.acmefinancial.example:443", "name": "api.acmefinancial.example", "endpoints": [ "https://api.acmefinancial.example:443" ], "properties": [ { "name": "exequantum.asset.type", "value": "tls" }, { "name": "exequantum.qvs", "value": "37" }, { "name": "exequantum.quantum_vulnerable", "value": "false" }, { "name": "exequantum.discovery.method", "value": "external-tls-handshake" }, { "name": "exequantum.discovery.timestamp", "value": "2026-03-01T09:14:33Z" } ] } ], "dependencies": [ { "ref": "service:api.acmefinancial.example:443", "dependsOn": [ "crypto/protocol/tls-1.3@api.acmefinancial.example:443", "crypto/algorithm/aes-256-gcm", "crypto/algorithm/sha384", "crypto/algorithm/kx-x25519mlkem768", "crypto/cert/api.acmefinancial.example:443", "crypto/material/cert-pubkey-ec-p256@api.acmefinancial.example:443" ] }, { "ref": "crypto/protocol/tls-1.3@api.acmefinancial.example:443", "dependsOn": [ "crypto/algorithm/aes-256-gcm", "crypto/algorithm/sha384", "crypto/algorithm/kx-x25519mlkem768" ] }, { "ref": "crypto/cert/api.acmefinancial.example:443", "dependsOn": [ "crypto/material/cert-pubkey-ec-p256@api.acmefinancial.example:443", "crypto/algorithm/ecdsa-p256" ] } ], "_cipherscout_summary": { "note": "This summary object is a CipherScout extension and is not part of the CycloneDX 1.7 schema. Strip before ingesting into strict schema validators.", "total_assets": 9, "quantum_vulnerable_assets": 4, "quantum_safe_assets": 5, "quantum_health_score": 62, "qhs_label": "MODERATE RISK", "surfaces_assessed": ["tls", "certificate", "ssh", "email"], "key_findings": [ "PQC hybrid key exchange (X25519MLKEM768) detected — transport layer is quantum-ready", "Certificate uses classical ECDSA P-256 — quantum-vulnerable, requires migration", "SSH host key (Ed25519) is quantum-vulnerable — monitor IETF PQC SSH drafts for migration path", "DKIM signing key (RSA-2048) is quantum-vulnerable — migrate to Ed25519 DKIM as interim step" ], "priority_remediations": [ { "asset": "crypto/cert/api.acmefinancial.example:443", "action": "Replace EC P-256 certificate with P-256+ML-DSA hybrid or pure ML-DSA (FIPS 204)", "urgency": "HIGH" }, { "asset": "crypto/material/dkim-key@mail.acmefinancial.example", "action": "Rotate DKIM key from RSA-2048 to Ed25519 (RFC 8463) as interim measure", "urgency": "MEDIUM" }, { "asset": "crypto/material/ssh-hostkey-ed25519@api.acmefinancial.example:22", "action": "Monitor IETF draft-kampanakis-curdle-ssh-pq-ke — no production-ready PQC SSH host key standard yet", "urgency": "LOW — MONITOR" } ] } }