{ "version": "1.0", "lastUpdated": "2025-12-29", "organization": "PQCNow", "scope": "All PQC Ecosystem Products", "frameworks": [ { "id": "nist-pqc-migration", "name": "NIST Post-Quantum Cryptography Migration", "authority": "National Institute of Standards and Technology (NIST)", "region": "United States", "status": "COMPLIANT", "version": "Draft (2024)", "url": "https://csrc.nist.gov/Projects/post-quantum-cryptography", "requirements": [ { "id": "PQC-1", "requirement": "Implement NIST-approved post-quantum algorithms", "status": "COMPLIANT", "evidence": [ "ML-DSA-44/65/87 (FIPS 204) implemented across all products", "ML-KEM-768 (FIPS 203) implemented in Chat and Extension", "CBOM/QBOM documents all algorithm usage" ], "products": ["All"] }, { "id": "PQC-2", "requirement": "Maintain cryptographic inventory (CBOM)", "status": "COMPLIANT", "evidence": [ "Automated CBOM generator produces CycloneDX 1.6 compatible output", "CBOM/QBOM files available for download", "Quarterly CBOM regeneration and publication" ], "products": ["All"] }, { "id": "PQC-3", "requirement": "Plan for algorithm agility", "status": "COMPLIANT", "evidence": [ "Algorithm Agility Framework documented", "Versioned signatures/ciphertexts", "Hybrid mode support (classical + PQC)" ], "products": ["All"] }, { "id": "PQC-4", "requirement": "Support legacy systems during transition", "status": "COMPLIANT", "evidence": [ "Hybrid ECDSA+ML-DSA on blockchain", "Backward compatible signature verification", "Gradual migration strategy documented" ], "products": ["Blockchain", "Wallets"] } ] }, { "id": "fips-204", "name": "FIPS 204 - Module-Lattice-Based Digital Signature Standard", "authority": "NIST", "region": "United States", "status": "COMPLIANT", "version": "Final (August 2024)", "url": "https://csrc.nist.gov/pubs/fips/204/final", "requirements": [ { "id": "FIPS204-1", "requirement": "Use approved parameter sets (ML-DSA-44/65/87)", "status": "COMPLIANT", "evidence": [ "ML-DSA-44 (2, 4, 4) parameters: public key 1312 bytes, signature 2420 bytes", "ML-DSA-65 (4, 6, 5) parameters: public key 1952 bytes, signature 3309 bytes", "ML-DSA-87 (6, 8, 7) parameters: public key 2592 bytes, signature 4627 bytes", "Reference implementation: BouncyCastle 1.78, @noble/post-quantum 0.2" ], "products": ["All"] }, { "id": "FIPS204-2", "requirement": "Proper key generation using approved RNG", "status": "COMPLIANT", "evidence": [ "FIPS 140-2 validated RNG (/dev/urandom, BCryptGenRandom)", "256-bit minimum entropy", "Documented in Key Lifecycle Policy Section 3.1" ], "products": ["All"] }, { "id": "FIPS204-3", "requirement": "Correct signature generation and verification", "status": "COMPLIANT", "evidence": [ "Automated test suite validates signature correctness", "Cross-library verification (BouncyCastle ↔ @noble ↔ liboqs)", "Known Answer Tests (KAT) from NIST" ], "products": ["All"] } ] }, { "id": "fips-203", "name": "FIPS 203 - Module-Lattice-Based Key-Encapsulation Mechanism", "authority": "NIST", "region": "United States", "status": "COMPLIANT", "version": "Final (August 2024)", "url": "https://csrc.nist.gov/pubs/fips/203/final", "requirements": [ { "id": "FIPS203-1", "requirement": "Use approved parameter sets (ML-KEM-512/768/1024)", "status": "COMPLIANT", "evidence": [ "ML-KEM-768 implemented in Chat (end-to-end encryption)", "ML-KEM-768 available in Extension (optional)", "Ciphertext size: 1088 bytes, public key: 1184 bytes" ], "products": ["Chat", "Extension"] }, { "id": "FIPS203-2", "requirement": "Perfect forward secrecy for session keys", "status": "COMPLIANT", "evidence": [ "Ephemeral ML-KEM keypairs per session", "Private keys destroyed after session end", "Documented in Key Lifecycle Policy Section 3.2" ], "products": ["Chat"] } ] }, { "id": "cnsa-2.0", "name": "Commercial National Security Algorithm Suite 2.0", "authority": "National Security Agency (NSA)", "region": "United States", "status": "PARTIAL_COMPLIANCE", "version": "September 2022", "url": "https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF", "requirements": [ { "id": "CNSA-1", "requirement": "Support ML-DSA for digital signatures (by 2030 for NSS)", "status": "COMPLIANT", "evidence": [ "ML-DSA-65 (NIST Level 3) and ML-DSA-87 (NIST Level 5) available", "Ahead of 2030 deadline" ], "products": ["All"] }, { "id": "CNSA-2", "requirement": "Support ML-KEM for key establishment (by 2030 for NSS)", "status": "COMPLIANT", "evidence": [ "ML-KEM-768 implemented", "Ahead of 2030 deadline" ], "products": ["Chat", "Extension", "Browser"] }, { "id": "CNSA-3", "requirement": "Hardware security modules for key protection", "status": "PARTIAL", "evidence": [ "HSM required for Certificate Authority (FIPS 140-2 Level 3)", "User keys in mobile: Secure Enclave (iOS) / StrongBox (Android)", "Not all deployments use HSM (cost constraints)" ], "products": ["Certificate Authority", "Wallets"] } ] }, { "id": "iso-27001", "name": "ISO/IEC 27001:2022 - Information Security Management", "authority": "International Organization for Standardization (ISO)", "region": "Global", "status": "IN_PROGRESS", "version": "2022", "url": "https://www.iso.org/standard/27001", "requirements": [ { "id": "ISO27001-A8.24", "requirement": "Use of cryptography (quantum-safe)", "status": "COMPLIANT", "evidence": [ "Cryptographic policy documented (Key Lifecycle Policy)", "Algorithm selection justified (NIST standards)", "Regular cryptographic reviews" ], "products": ["All"] }, { "id": "ISO27001-A8.1", "requirement": "Inventory of assets (including cryptographic keys)", "status": "COMPLIANT", "evidence": [ "CBOM/QBOM inventory maintained", "Key registry in HSM", "Automated asset discovery" ], "products": ["All"] }, { "id": "ISO27001-A5.14", "requirement": "Information transfer security", "status": "COMPLIANT", "evidence": [ "TLS 1.3 with PQC (X25519Kyber768) in Browser", "End-to-end encryption in Chat (ML-KEM-768)", "Signed transactions on blockchain (ML-DSA)" ], "products": ["All"] }, { "id": "ISO27001-Certification", "requirement": "Independent certification audit", "status": "PLANNED", "evidence": [ "Certification audit scheduled for Q3 2026", "Gap analysis completed", "Remediation in progress" ], "products": ["All"] } ] }, { "id": "gdpr", "name": "General Data Protection Regulation (GDPR)", "authority": "European Union", "region": "European Union", "status": "COMPLIANT", "version": "2018", "url": "https://gdpr.eu/", "requirements": [ { "id": "GDPR-Art32", "requirement": "State-of-the-art encryption for personal data", "status": "COMPLIANT", "evidence": [ "Post-quantum cryptography exceeds current state-of-the-art", "End-to-end encryption in Chat (stronger than WhatsApp/Signal)", "Wallet private keys never exposed to server" ], "products": ["Chat", "Wallets", "E-Signature"] }, { "id": "GDPR-Art25", "requirement": "Data protection by design and by default", "status": "COMPLIANT", "evidence": [ "User private keys generated on-device (privacy by design)", "Mnemonic phrases never sent to server", "Minimal data collection (telemetry is opt-in and anonymized)" ], "products": ["All"] }, { "id": "GDPR-Art17", "requirement": "Right to erasure ('right to be forgotten')", "status": "PARTIAL", "evidence": [ "User accounts can be deleted (CA, E-Signature services)", "Blockchain data is immutable (cannot erase transactions)", "Disclosure: Blockchain addresses are pseudonymous, not directly personal data" ], "products": ["All except Blockchain"] } ] }, { "id": "nist-800-57", "name": "NIST SP 800-57 - Key Management Recommendations", "authority": "NIST", "region": "United States", "status": "COMPLIANT", "version": "Part 1 Rev. 5 (May 2020)", "url": "https://csrc.nist.gov/publications/detail/sp/800-57-part-1/rev-5/final", "requirements": [ { "id": "SP800-57-5.3", "requirement": "Key generation using approved methods", "status": "COMPLIANT", "evidence": [ "Key Lifecycle Policy Section 3 defines generation standards", "FIPS 140-2 validated RNG required", "Documented entropy sources" ], "products": ["All"] }, { "id": "SP800-57-8", "requirement": "Key storage and distribution security", "status": "COMPLIANT", "evidence": [ "Private keys encrypted at rest (AES-256-GCM)", "HSM for CA keys (FIPS 140-2 Level 3)", "Secure Enclave/StrongBox for mobile" ], "products": ["All"] }, { "id": "SP800-57-8.3.4", "requirement": "Key rotation and revocation", "status": "COMPLIANT", "evidence": [ "CA intermediate keys: annual rotation", "TLS keys: 90-day rotation (Let's Encrypt)", "OCSP + CRL for certificate revocation" ], "products": ["Certificate Authority", "Browser"] } ] }, { "id": "etsi-quantum-safe", "name": "ETSI Quantum-Safe Cryptography Guidelines", "authority": "European Telecommunications Standards Institute", "region": "European Union", "status": "COMPLIANT", "version": "ETSI GR QKD 007 V2.1.1 (2021)", "url": "https://www.etsi.org/technologies/quantum-safe-cryptography", "requirements": [ { "id": "ETSI-QSC-1", "requirement": "Use quantum-safe algorithms for long-term confidentiality", "status": "COMPLIANT", "evidence": [ "ML-KEM-768 for encryption (30+ years security)", "ML-DSA for signatures (30+ years security)", "No reliance on RSA/ECDSA alone" ], "products": ["All"] }, { "id": "ETSI-QSC-2", "requirement": "Hybrid cryptography for transition period", "status": "COMPLIANT", "evidence": [ "Blockchain supports ECDSA+ML-DSA hybrid", "Browser supports X25519+Kyber768 TLS", "Gradual migration strategy documented" ], "products": ["Blockchain", "Browser"] } ] }, { "id": "bsi-tr-02102", "name": "BSI TR-02102-1 - Cryptographic Mechanisms (Germany)", "authority": "Bundesamt für Sicherheit in der Informationstechnik (BSI)", "region": "Germany", "status": "PARTIAL_COMPLIANCE", "version": "2025-01", "url": "https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Technische-Richtlinien/TR-nach-Thema-sortiert/tr02102/tr02102_node.html", "requirements": [ { "id": "BSI-PQC-1", "requirement": "Prepare for post-quantum cryptography by 2026", "status": "COMPLIANT", "evidence": [ "PQC implemented in 2024-2025 (ahead of deadline)", "ML-DSA and ML-KEM deployed across products" ], "products": ["All"] }, { "id": "BSI-PQC-2", "requirement": "Migration plan for existing systems", "status": "COMPLIANT", "evidence": [ "Algorithm Agility Framework documented", "Hybrid mode for legacy compatibility", "Gradual rollout strategy" ], "products": ["All"] } ] }, { "id": "anssi-views", "name": "ANSSI Views on Quantum-Safe Cryptography (France)", "authority": "Agence nationale de la sécurité des systèmes d'information", "region": "France", "status": "COMPLIANT", "version": "November 2022", "url": "https://www.ssi.gouv.fr/en/publication/position-paper-on-quantum-key-distribution/", "requirements": [ { "id": "ANSSI-1", "requirement": "Prefer standardized PQC over QKD for most use cases", "status": "COMPLIANT", "evidence": [ "Using NIST-standardized algorithms (not QKD)", "Software-based PQC (no quantum hardware required)", "Interoperable with standard protocols" ], "products": ["All"] }, { "id": "ANSSI-2", "requirement": "Hybrid approach during transition", "status": "COMPLIANT", "evidence": [ "Hybrid ECDSA+ML-DSA available", "Hybrid TLS (X25519+Kyber768)", "Users can choose security level" ], "products": ["Blockchain", "Browser"] } ] }, { "id": "soc2-type2", "name": "SOC 2 Type II (Security, Availability, Confidentiality)", "authority": "American Institute of CPAs (AICPA)", "region": "United States (recognized globally)", "status": "PLANNED", "version": "2023 TSC", "url": "https://www.aicpa.org/soc2", "requirements": [ { "id": "SOC2-CC6.1", "requirement": "Logical and physical access controls", "status": "IN_PROGRESS", "evidence": [ "HSM for CA keys (physical security)", "Multi-factor authentication for admin access", "Access logs for all key operations" ], "products": ["Certificate Authority", "E-Signature"] }, { "id": "SOC2-CC6.7", "requirement": "Encryption of data in transit and at rest", "status": "COMPLIANT", "evidence": [ "TLS 1.3 for all network communications", "Private keys encrypted at rest (AES-256)", "End-to-end encryption in Chat" ], "products": ["All"] }, { "id": "SOC2-Audit", "requirement": "Independent auditor examination (Type II)", "status": "PLANNED", "evidence": [ "SOC 2 Type II audit scheduled for Q2 2026", "Policies and controls documented", "6-month observation period required" ], "products": ["Certificate Authority", "E-Signature"] } ] }, { "id": "pci-dss", "name": "PCI DSS 4.0 (Payment Card Industry Data Security Standard)", "authority": "PCI Security Standards Council", "region": "Global", "status": "NOT_APPLICABLE", "version": "4.0 (March 2022)", "url": "https://www.pcisecuritystandards.org/", "requirements": [ { "id": "PCI-NA", "requirement": "Not applicable - No payment card processing", "status": "NOT_APPLICABLE", "evidence": [ "Products do not process, store, or transmit payment card data", "Cryptocurrency transactions are out of scope", "Future e-commerce integration may require compliance" ], "products": ["None currently"] } ] } ], "summary": { "totalFrameworks": 12, "compliant": 7, "partialCompliance": 2, "inProgress": 2, "planned": 1, "notApplicable": 1, "overallStatus": "SUBSTANTIALLY_COMPLIANT", "lastAuditDate": null, "nextAuditDate": "2026-Q2", "complianceScore": "75%", "notes": [ "Ahead of most regulatory deadlines (CNSA 2.0 requires PQC by 2030)", "Missing formal ISO 27001 and SOC 2 certifications (planned for 2026)", "Strong technical compliance, governance documentation in place", "Continuous monitoring and quarterly reviews implemented" ] }, "certifications": { "current": [], "inProgress": [ { "name": "ISO/IEC 27001:2022", "expectedDate": "2026-Q3", "certificationBody": "TBD", "scope": "Certificate Authority and E-Signature services" }, { "name": "SOC 2 Type II", "expectedDate": "2026-Q2", "certificationBody": "TBD", "scope": "Certificate Authority and E-Signature services" } ], "planned": [ { "name": "NIST FIPS 140-3 Cryptographic Module Validation", "expectedDate": "2027-Q1", "certificationBody": "NIST CAVP", "scope": "Core cryptographic libraries (liboqs, BouncyCastle wrappers)" } ] }, "thirdPartyAudits": { "completed": [], "scheduled": [ { "type": "Security Audit", "firm": "TBD (Trail of Bits, NCC Group, or similar)", "date": "2026-Q1", "scope": "PQC implementation review across all products" }, { "type": "Penetration Test", "firm": "TBD", "date": "2026-Q2", "scope": "Certificate Authority and Blockchain infrastructure" } ] }, "riskAssessment": { "quantumThreatTimeline": { "currentYear": 2025, "estimatedCRQC": "2030-2040 (conservative estimate)", "harvestNowDecryptLaterRisk": "HIGH (data with 10+ year confidentiality)", "mitigationStatus": "PROTECTED (using PQC)" }, "complianceRisks": [ { "risk": "Lack of formal third-party certification", "impact": "MEDIUM", "likelihood": "LOW", "mitigation": "Self-certification in place, formal audits scheduled for 2026" }, { "risk": "Algorithm vulnerability discovery", "impact": "HIGH", "likelihood": "LOW", "mitigation": "Algorithm Agility Framework, hybrid mode, monitoring academic research" }, { "risk": "Regulatory divergence (NIST vs BSI vs CNSA)", "impact": "MEDIUM", "likelihood": "MEDIUM", "mitigation": "Tracking all major standards, multi-algorithm support" } ] } }