Implementing Post-Quantum Cryptography in Software Applications

Preparing for the future by integrating cryptographic algorithms resistant to quantum computing threats.

0 likes
140 views

Rule Content

To ensure software applications are prepared for the advent of quantum computing and the associated cryptographic threats, the following Cursor IDE rule is established:

{
  "title": "Implementing Post-Quantum Cryptography in Software Applications",
  "description": "Ensure the integration of cryptographic algorithms resistant to quantum computing threats.",
  "category": "Security",
  "category_context": "Flags unsafe code, secrets, and insecure configurations.",
  "rules": [
    {
      "id": "PQC001",
      "name": "Use NIST-Approved Post-Quantum Cryptographic Algorithms",
      "description": "Ensure that cryptographic implementations utilize NIST-approved post-quantum algorithms such as ML-KEM (FIPS 203) for key encapsulation and ML-DSA (FIPS 204) for digital signatures.",
      "severity": "error",
      "patterns": [
        {
          "pattern": "import (crypto|cryptography|pycryptodome)",
          "message": "Verify that the cryptographic library supports NIST-approved post-quantum algorithms."
        },
        {
          "pattern": ".*(RSA|DSA|ECDSA|ECDH|DH).*",
          "message": "Replace traditional cryptographic algorithms with NIST-approved post-quantum algorithms."
        }
      ]
    },
    {
      "id": "PQC002",
      "name": "Avoid Deprecated Cryptographic Libraries",
      "description": "Ensure that cryptographic libraries used are up-to-date and support post-quantum cryptography.",
      "severity": "warning",
      "patterns": [
        {
          "pattern": "import (pycrypto|M2Crypto)",
          "message": "Replace deprecated cryptographic libraries with those supporting post-quantum algorithms."
        }
      ]
    },
    {
      "id": "PQC003",
      "name": "Implement Hybrid Cryptographic Solutions",
      "description": "Combine traditional and post-quantum cryptographic algorithms to ensure backward compatibility and enhanced security.",
      "severity": "info",
      "patterns": [
        {
          "pattern": ".*(RSA|DSA|ECDSA|ECDH|DH).*",
          "message": "Consider implementing hybrid cryptographic solutions combining traditional and post-quantum algorithms."
        }
      ]
    },
    {
      "id": "PQC004",
      "name": "Ensure Crypto-Agility",
      "description": "Design systems to be crypto-agile, allowing for seamless transition to new cryptographic standards as they emerge.",
      "severity": "info",
      "patterns": [
        {
          "pattern": ".*(hardcoded|fixed).*",
          "message": "Avoid hardcoding cryptographic algorithms; implement mechanisms to update algorithms as needed."
        }
      ]
    }
  ]
}
This rule set ensures that software applications are aligned with current best practices in post-quantum cryptography, enhancing security and resilience against emerging quantum computing threats.

Categories

Security

Tags

#post-quantum cryptography #encryption #future-proofing