Skip to content
QS-p256high

NIST P-256 curve

Description

P-256 elliptic curve is quantum-vulnerable.

Quantum Threat

Broken by Shor's algorithm on a Cryptographically Relevant Quantum Computer (CRQC, est. 2030–2035). All public keys and signatures using this algorithm become forgeable or recoverable.

Recommended Replacement

ML-KEM or ML-DSA

Suppressing False Positives

Add a suppression comment on the flagged line, or the line above it:

// quantumscan-ignore
const algo = "RSA"; // quantumscan-ignore

Or create a .quantumscan-ignore file in your project root to suppress by rule ID or file path:

# Suppress this rule in all files
p256

# Suppress this rule only in test files
p256:src/**/*.test.ts

# Suppress all rules in legacy files
src/legacy/**

Regulatory & Standards References

NIST FIPS 203

ML-KEM (Kyber) — key encapsulation replacement for RSA/ECDH

NIST FIPS 204

ML-DSA (Dilithium) — signature replacement for ECDSA/RSA-sign

NIST FIPS 205

SLH-DSA (SPHINCS+) — hash-based signature fallback

NSA CNSA 2.0

Mandates ML-KEM-1024 + ML-DSA-87 for US national security systems. New systems: 2030. Legacy: 2033.

DORA Art. 7(2)(c)

EU Digital Operational Resilience Act — ICT risk management must ensure cryptographic agility and algorithm rotation capabilities.

NIS2 Art. 21(2)(h)

EU Network and Information Security Directive — adequacy of encryption and cryptographic standards as a baseline security measure.

Run a full AI-powered scan on your repository

QuantumScan detects this and 100+ other quantum-vulnerable patterns, then generates per-finding migration code diffs.

Scan your repository →