QuantumScan
NTPsec/ntpsec
NTPsec repository contains 29 instances of quantum-vulnerable cryptographic primitives, primarily concentrated in legacy 'attic' code. While most critical findings (DES, MD5, SHA-1) exist in deprecated testing utilities rather than production code, the presence of DSA and Ed25519 in timing tests indicates awareness of algorithms that will fail against quantum attacks. The codebase shows reliance on older OpenSSL versions lacking post-quantum readiness.
| File | Algorithm | Severity | |
|---|---|---|---|
| attic/cipher-find.c:36 | DES | critical | |
| attic/digest-find.c:39 | MD5 | critical | |
| attic/digest-find.c:41 | SHA-1 | critical | |
| attic/digest-find.c:42 | SHA-1 | critical | |
| attic/digest-find.c:51 | DES | critical | |
| attic/digest-timing.c:188 | MD5 | critical | |
| attic/digest-timing.c:189 | SHA-1 | critical | |
| attic/digest-timing.c:190 | SHA-1 | critical | |
| attic/digest-timing.c:193 | MD5 | critical | |
| attic/digest-timing.c:194 | MD5 | critical |
Anyone with this link can view the risk score and top findings — no sign-in required. Source code stays private.
https://quantumscan.io/en/share/6156b3e3-a45a-4ab2-a1e5-ac436ef58152Show your project's post-quantum readiness in the README. The badge updates automatically after every new scan.
[](https://github.com/NTPsec/ntpsec)<a href="https://github.com/NTPsec/ntpsec"><img src="https://quantumscan.io/api/badge/NTPsec/ntpsec.svg" alt="Post-Quantum Readiness" /></a>Add badge to your README
Show your quantum-safety score directly on GitHub.
[](https://quantumscan.io/en/scan/6156b3e3-a45a-4ab2-a1e5-ac436ef58152)Save your results & track future changes
Create a free account to get drift alerts, compliance PDF exports, and scan history.
- Weekly drift alerts when new vulnerabilities appear
- Track risk score over time across all your repos
- Export DORA / NIS2 compliance PDF for auditors
Free forever for design partners · No credit card