Evidence signature

Public signals bind to governed proof.

No customer data.

1FindQScout proof sequence
2ProveEvidence Handshake
3Fixpublic-to-private proof path

QScout-specific methodology

QScout Methodology

How QScout derives HNDL scores, severity weighting, finding confidence, CycloneDX CBOM structure, and report quality gates. The comprehensive treatment below covers the 7-factor HNDL model, single-break-year confidence intervals, NIST CNSA 2.0 alignment, and the migration-deadline calculator.

QScout Free Module Scope

QScout Free runs 24 requester-authorized public-surface modules across up to 10 total authorized same-domain public hosts.

View full HNDL methodology (867 lines, v2.0)View QScout Free module methodology Verify deployed SHA (live API)

On this page

Board Number
Validation Workflows
Deliverables
Validation & Review
Scanner Comparison
Quantum Proof-of-Work
PQC in Production
Cryptographic Debt Calculator
Public-to-Private Proof Path

Methodology & Proof Points

Our methodology combines automated scanning, provider-aligned workflow validation, and expert analysis to uncover cryptographic vulnerabilities and quantify their business impact.

~24 min read

Review Representative Outcomes

Methodology claims are governed by a live claim registry, review requirements for qualifying zero-critical challenge outcomes, and release evidence for public QStrike statements.

Key Takeaway:Our methodology uses multi-level analysis to compute a scenario-weighted “Board Number” risk metric. Public QStrike materials are limited to provider-aligned workflow profiles, release-verified modeled runtime statements, and governed claim-registry wording. Buyer-facing claims stay mapped to NIST IR 8547, CNSA 2.0, OMB M-23-02, NSM-10, and EO 14028 requirements.

1. Board-Level Risk Modeling (“Board Number”)

We provide a scenario-weighted exposure model that translates technical findings into a single board-ready risk metric. This model incorporates the likelihood of a cryptographically-induced breach (accounting for emerging quantum capabilities) and the business impact of such a breach. Our assessment engine combines passive, authenticated, and quantum-specific analysis to compute this risk in financial terms.

How the score works

• Quantum Exposure Window: Time-to-CRQC scenario model, sourced from Global Risk Institute expert-elicitation data and normalized to Qtonic Quantum's 2029 readiness/control planning horizon
• Loss equation: Expected Loss = Σ (Asset Class_i) × P(CRQC within window) × Exposure_i × Residual Control Factor_i
• Present value: Discounted at customer-configurable rate, with both undiscounted (risk appetite) and discounted (NPV) views provided
• Quantum Exposure Score (0-100): Normalized composite derived from expected loss and confidence bounds

A typical engagement might reveal catastrophic, irreversible data exposure due to quantum-vulnerable encryption inside the client's retention window — a level of risk that exceeds any reasonable appetite. By quantifying exposure in dollars and scenario impact, boards can act on math, not fear.

All assumptions (asset value, threat timelines, discount rates) and intermediate calculations are documented so the math survives audit scrutiny. Breach cost baseline: $4.88M global average (IBM/Ponemon 2024). Regulatory timeline: NIST IR 8547 deprecation path through 2035; OMB M-23-02 federal mandate. Cryptographic Debt analysis methodology informed by Federal Reserve research (2025) and G7 Cyber Expert Group roadmap.

2. Validation Workflows

When analysis flags a potential weakness exploitable by a quantum adversary, public materials stay at the provider-aligned workflow level. Scoped customer engagements determine when hardware-backed validation is used and what provider evidence is included in the final report.

Evidence included in reports

• Provider job artifacts: Backend name, job ID (or hash + verification method), timestamp, qubit count, circuit depth, shot count, result metadata
• Circuit evidence: Diagram screenshots and/or exported OpenQASM format with sensitive labels removed
• Console screenshots: Per-provider showing backend, job ID, and completion status
• Integrity controls: Published hashes of evidence files for post-engagement verification
• Reproducibility: “Run these same circuits” appendix for review

Public materials describe provider-aligned workflow validation and release evidence. Scoped customer engagements determine when hardware-backed validation is used, and those artifacts are included in customer reports when the scope requires them.

3. Deliverables & Sample Reports

QScout Free Snapshot + Governed Follow-Up Scope

• Executive summary with Quantum Exposure Score and exposure window
• Browser-safe public-surface signal summary
• CBOM priority inputs for governed follow-up scope
• TLS and certificate observations
• Prioritized migration inputs for the next execution step
• Governed exports only when scoped and approved
• Board-ready recommendations mapped to compliance frameworks

QStrike Scoped Validation Pack (90-120 day testing)

• Executive summary with exploitation narrative
• Proof-of-concept evidence for key vulnerabilities
• Complete CBOM mapping with dependency impact
• Quantum hardware job artifacts and circuit evidence
• Screenshots of sensitive material found (e.g. key fragments in memory)
• Migration governance handoff notes for QSolve
• Re-test validation after remediation

What we do not include in samples: No private keys, no customer traffic, no internal hostnames, no sensitive architecture diagrams.

Governed QScout follow-up can produce a CycloneDX 1.7 Cryptographic Bill of Materials with machine-readable quantum risk classification. QScout Free remains a browser-safe executive snapshot; raw enterprise artifacts and signed delivery require approved scope.

View Technical Documentation

QScout Module Methodology Sample Scan Report (JSON)

Request Full Sample Deliverables

Redacted sample materials with Board Number calculation, CBOM excerpts, and scoped-validation evidence are available upon request. Sample materials are sanitized before buyer review and exclude customer identifiers, private keys, and internal network details.

4. Validation & External Review

Governed validation artifacts remain available for procurement and audit review. Public references are anonymized and normalized for release.

Validation structure

• Historical validation: An anonymized client validation record with governed claim mapping and checksums
• $2M QStrike Challenge review: Zero-critical outcomes still require third-party review before any payout
• Challenge governance: Signed challenge terms define review, payout eligibility, and the annual program cap for zero-critical outcomes
• Standards alignment: Methodology is maintained against current NIST PQC standards (FIPS 203, 204, 205) and transition guidance

Public proof: Public diligence summaries describe governed engagement patterns. Buyer identifiers are removed, sensitive details are normalized, and public metrics are banded before release so procurement teams can assess outcomes without exposing protected environments.

• Derived from governed engagement evidence
• Normalized and rounded for controlled public release
• Aligned to delivered outcomes without reproducing protected buyer reports

Review anonymized customer proof summaries →

Buyer-facing validation language is now tied to the governed claim registry. If a proof pack or review statement is not live in the registry, it should not appear in product or buyer materials.

6. Quantum Proof-of-Work Finding

Each engagement includes at least one deep-dive finding showing how a quantum-relevant attack path could succeed given a specific vulnerability. We do not claim that today's public hardware can trivially break strong crypto like RSA-2048 on its own. Instead, we focus on scenarios where a classical weakness materially reduces problem complexity and then document the validation path used in the engagement.

Example: Ephemeral key leak + quantum factorization

Classical analysis discovers partial RSA private key fragments in debug logs (ephemeral key leak)
Leaked bits reduce RSA-2048 factorization from computationally infeasible to achievable within hours
Provider-aligned workflow evidence is gathered for the reduced-strength exploit path defined in scope
Customer report records the observed result, confidence notes, and reproduction constraints for reviewer follow-up
Report includes quantum circuit details, output evidence, and scaling limitations

What we claim: Classical techniques find the vulnerability. Scoped validation records how the exploit path was assessed and what evidence was captured for the client report. This gives clients a concrete proof trail for the most critical quantum-relevant weakness in their environment.

Current public quantum hardware cannot break production RSA-2048 wholesale. Our methodology documents exploit mechanics where classical shortcuts (key leaks, weak entropy, implementation flaws) materially reduce problem complexity, and the engagement report records what validation path was actually used.

7. PQC in Production: Verified Implementations

The public record on PQC migrations is thin but growing. Most organizations treat these projects as competitive intelligence. These verified implementations prove PQC works in production — and reveal the real challenges enterprises face.

Technology

Cloudflare

Hybrid X25519+Kyber on all edge servers (Oct 2022). By March 2025, 38% of HTTPS traffic encrypted with PQC algorithms (Cloudflare Radar). Encountered middlebox failures after Chrome 124 release.

Apple (iMessage PQ3)

PQ3 deployed March 2024. Combines post-quantum initial key establishment with three ongoing ratchets. Formally verified with ETH Zürich's Tamarin tool.

Google Chrome

X25519Kyber768 enabled by default in Chrome 124 (April 2024). Reported 4% TLS handshake slowdown from additional 1.1-1.2kB per direction (Google, 2024).

AWS

ML-KEM for hybrid PQC key agreement deployed across KMS, Secrets Manager, and Certificate Manager in all regions (non-FIPS endpoints).

Financial Services

JPMorgan Chase

Implemented quantum-secured crypto-agile network (Q-CAN) connecting two data centers. Third quantum node established as research platform. Uses both PQC and QKD as layered defense.

HSBC + Quantinuum

Production PQC-VPN tunnel in gold tokenization environment. Observed minimal performance impact irrespective of data size. Demonstrated PQC can protect DLT without re-architecture.

Documented Challenges

• Middlebox failures: Devices that don't correctly implement TLS malfunction when offered PQC options (Cloudflare/Chrome 124)
• Handshake overhead: 4% TLS slowdown from larger key exchanges (Google)
• Hybrid maintenance: 20-40% additional staff time for dual-algorithm management (MDPI research)
• Timeline reality: 5-7 years for small enterprises, 8-12 for medium, 12-15+ for large (baseline estimates)

What remains missing:No enterprise has published a complete end-to-end migration with costs, timelines, and lessons learned. That gap is where QSolve operates — providing the migration governance, sequencing discipline, and standards-mapped execution structure that turn proof-of-concepts into production deployments.

Redacted sample reports, third-party review letters, and scanner comparison data available under NDA.

Request Methodology Briefing View $2M QStrike Challenge Terms

9. Public-to-Private Proof Path

Qtonic Quantum runs two surfaces with one truth contract. The public surface (Lab registry, QScout Free executive snapshot, published methodology) renders against published artifacts and published proof metadata. The private surface (governed QScout engagement, QStrike validation) operates on customer evidence under engagement-specific access. The progression from public Lab signal to private engagement evidence is what we call the public-to-private proof path.

Levels

• QScout Free (public, /qscout): Executive snapshot rendered against the public truth contract. No customer data, no scoped evidence. Business-email verified, browser-safe, and typically completed in minutes.
• Qtonic Quantum Lab (public, /lab): Independently scored PQC implementations across a published 10-dimension rubric. Source: vendor evidence, public artifacts, expert ground truth. No customer data.
• QScout Surface/Silver/Gold (governed): Scoped engagement against a customer environment. Provider-aligned validation, structured evidence collection, contract-bound delivery.
• QStrike (governed validation): Quantum-resistance validation with governed proof artifacts and reproducible verification through the published proof engine.

Evidence Handshake

The Evidence Handshake is the deterministic binding between the public Lab registry and the governed QStrike evidence ledger. When a public Lab score advances to a governed engagement claim, the handshake binds:

• The public solution_id and its rubric provenance state (verified, contested, inferred, degraded)
• The signed bundle hash of the source dataset used to render the score
• The scoped engagement_id and the contract that authorizes the evidence elevation
• The signing identity of the verifier and the timestamp of the handshake event

Every artifact released under the public-to-private proof path carries a content hash that customers can verify against the live trust feed at /trust. The lab proof health endpoint exposes the current registry state at /lab.

Public surface uses No customer data

Everything visible on qtonicquantum.com is rendered against published artifacts: the Lab registry, the QScout truth contract, the methodology rubric, and signed proof bundles. Customer evidence stays in the governed engagement boundary and is not transmitted to public surfaces.

QScout-specific methodology

QScout Methodology

QScout Free Module Scope

QScout Free runs 24 requester-authorized public-surface modules across up to 10 total authorized same-domain public hosts.

View full HNDL methodology (867 lines, v2.0)View QScout Free module methodology Verify deployed SHA (live API)

On this page

Board Number
Validation Workflows
Deliverables
Validation & Review
Scanner Comparison
Quantum Proof-of-Work
PQC in Production
Cryptographic Debt Calculator
Public-to-Private Proof Path

Methodology & Proof Points

Our methodology combines automated scanning, provider-aligned workflow validation, and expert analysis to uncover cryptographic vulnerabilities and quantify their business impact.

~24 min read

Review Representative Outcomes

Methodology claims are governed by a live claim registry, review requirements for qualifying zero-critical challenge outcomes, and release evidence for public QStrike statements.

1. Board-Level Risk Modeling (“Board Number”)

How the score works

• Quantum Exposure Window: Time-to-CRQC scenario model, sourced from Global Risk Institute expert-elicitation data and normalized to Qtonic Quantum's 2029 readiness/control planning horizon
• Loss equation: Expected Loss = Σ (Asset Class_i) × P(CRQC within window) × Exposure_i × Residual Control Factor_i
• Present value: Discounted at customer-configurable rate, with both undiscounted (risk appetite) and discounted (NPV) views provided
• Quantum Exposure Score (0-100): Normalized composite derived from expected loss and confidence bounds

2. Validation Workflows

Evidence included in reports

• Provider job artifacts: Backend name, job ID (or hash + verification method), timestamp, qubit count, circuit depth, shot count, result metadata
• Circuit evidence: Diagram screenshots and/or exported OpenQASM format with sensitive labels removed
• Console screenshots: Per-provider showing backend, job ID, and completion status
• Integrity controls: Published hashes of evidence files for post-engagement verification
• Reproducibility: “Run these same circuits” appendix for review

3. Deliverables & Sample Reports

QScout Free Snapshot + Governed Follow-Up Scope

• Executive summary with Quantum Exposure Score and exposure window
• Browser-safe public-surface signal summary
• CBOM priority inputs for governed follow-up scope
• TLS and certificate observations
• Prioritized migration inputs for the next execution step
• Governed exports only when scoped and approved
• Board-ready recommendations mapped to compliance frameworks

QStrike Scoped Validation Pack (90-120 day testing)

• Executive summary with exploitation narrative
• Proof-of-concept evidence for key vulnerabilities
• Complete CBOM mapping with dependency impact
• Quantum hardware job artifacts and circuit evidence
• Screenshots of sensitive material found (e.g. key fragments in memory)
• Migration governance handoff notes for QSolve
• Re-test validation after remediation

What we do not include in samples: No private keys, no customer traffic, no internal hostnames, no sensitive architecture diagrams.

View Technical Documentation

QScout Module Methodology Sample Scan Report (JSON)

Request Full Sample Deliverables

4. Validation & External Review

Governed validation artifacts remain available for procurement and audit review. Public references are anonymized and normalized for release.

Validation structure

• Historical validation: An anonymized client validation record with governed claim mapping and checksums
• $2M QStrike Challenge review: Zero-critical outcomes still require third-party review before any payout
• Challenge governance: Signed challenge terms define review, payout eligibility, and the annual program cap for zero-critical outcomes
• Standards alignment: Methodology is maintained against current NIST PQC standards (FIPS 203, 204, 205) and transition guidance

• Derived from governed engagement evidence
• Normalized and rounded for controlled public release
• Aligned to delivered outcomes without reproducing protected buyer reports

Review anonymized customer proof summaries →

Buyer-facing validation language is now tied to the governed claim registry. If a proof pack or review statement is not live in the registry, it should not appear in product or buyer materials.

5. Comparison with Traditional Scanners

Traditional scanners (Nessus, Qualys, Burp) excel at known CVEs and configuration checks. They don't assess quantum risk, Cryptographic Debt, or PQCreadiness. Here's what QScout finds that others miss:

Finding Type	Nessus	Qualys	Burp	QScout
Cryptographic Debt Score (quantum harvest timeline)	—	—	—	✓
Post-Quantum Cryptography gaps (ML-KEM, ML-DSA, SLH-DSA)	—	—	—	✓
Hybrid TLS detection (X25519Kyber768, ML-KEM hybrids)	—	—	—	✓
Email infrastructure quantum risk (DKIM RSA-1024, DANE, MTA-STS)	—	—	—	✓
Enterprise crypto inventory (KMS/Vault/HSM audit)	—	—	—	✓
Service mesh crypto posture (mTLS, Istio/Linkerd)	—	—	—	✓
Crypto drift over time (CT log replay, config changes)	—	—	—	✓
Quantum migration deadlines (industry-specific timelines)	—	—	—	✓

Real Example: Same Target, Different Results

Nessus / Qualys Output

TLS 1.2 Enabled ✓

Certificate Valid ✓

No vulnerabilities found

QScout Output

HIGH — Cryptographic Debt Assessment

Data retention: 10yr, Quantum break: 2030-2035

Action: Begin PQC migration planning NOW

HIGH — Quantum Risk Score: 50/100

RSA-2048 certificates vulnerable to Shor's

ECDHE-P256 vulnerable to quantum attack

MEDIUM — No Hybrid TLS Support

Missing X25519Kyber768 for quantum resistance

The same “secure” site that passes traditional scans can still carry material quantum exposure that QScout quantifies with actionable deadlines. Traditional scanner output routinely misses cryptographic context that only a dedicated inventory and evidence review will surface.

Detailed finding-by-finding comparison breakdowns available upon request.

6. Quantum Proof-of-Work Finding

Example: Ephemeral key leak + quantum factorization

Classical analysis discovers partial RSA private key fragments in debug logs (ephemeral key leak)
Leaked bits reduce RSA-2048 factorization from computationally infeasible to achievable within hours
Provider-aligned workflow evidence is gathered for the reduced-strength exploit path defined in scope
Customer report records the observed result, confidence notes, and reproduction constraints for reviewer follow-up
Report includes quantum circuit details, output evidence, and scaling limitations

7. PQC in Production: Verified Implementations

Technology

Cloudflare

Hybrid X25519+Kyber on all edge servers (Oct 2022). By March 2025, 38% of HTTPS traffic encrypted with PQC algorithms (Cloudflare Radar). Encountered middlebox failures after Chrome 124 release.

Apple (iMessage PQ3)

PQ3 deployed March 2024. Combines post-quantum initial key establishment with three ongoing ratchets. Formally verified with ETH Zürich's Tamarin tool.

Google Chrome

X25519Kyber768 enabled by default in Chrome 124 (April 2024). Reported 4% TLS handshake slowdown from additional 1.1-1.2kB per direction (Google, 2024).

AWS

ML-KEM for hybrid PQC key agreement deployed across KMS, Secrets Manager, and Certificate Manager in all regions (non-FIPS endpoints).

Financial Services

JPMorgan Chase

Implemented quantum-secured crypto-agile network (Q-CAN) connecting two data centers. Third quantum node established as research platform. Uses both PQC and QKD as layered defense.

HSBC + Quantinuum

Production PQC-VPN tunnel in gold tokenization environment. Observed minimal performance impact irrespective of data size. Demonstrated PQC can protect DLT without re-architecture.

Documented Challenges

• Middlebox failures: Devices that don't correctly implement TLS malfunction when offered PQC options (Cloudflare/Chrome 124)
• Handshake overhead: 4% TLS slowdown from larger key exchanges (Google)
• Hybrid maintenance: 20-40% additional staff time for dual-algorithm management (MDPI research)
• Timeline reality: 5-7 years for small enterprises, 8-12 for medium, 12-15+ for large (baseline estimates)

8. Cryptographic Debt Calculator Methodology

The Cryptographic Debt Calculator provides organizations with a transparent, input-driven assessment of their quantum risk exposure from Harvest Now, Decrypt Later threats. This section documents the complete scoring methodology for audit and procurement review.

Assessment Inputs

Input	Options	Purpose
Data Sensitivity	Public, Internal, Confidential, Restricted, Top Secret	Base risk weighting by data classification
Data Retention	1, 3, 5, 7, 10, 15, 20+ years	How long data must remain confidential
Adversary Capability	Low, Medium, High, Nation-State	Expected threat actor sophistication
Timeline Scenario	Early (2027), Planning (2030), Late (2038)	CRQC emergence assumption (user-selected)
Migration Complexity	Agile (2yr), Typical (3yr), Complex (5yr), Regulated (8yr)	Estimated time to complete PQC migration
Buffer Years	0, 1, 2, 3 years	Safety margin for migration delays
Crypto Inventory	RSA, ECDSA, ECDH, AES, SHA, 3DES, MD5, custom	Algorithms in current environment
TLS Findings	TLS version, cipher suites, certificate details	Present-day cryptographic posture

Timeline Scenarios

The calculator does not predict when CRQC will arrive. Instead, users select from three planning scenarios based on their risk tolerance:

Early (2027)

Conservative assumption. Assumes CRQC could emerge within 2-3 years. Appropriate for high-sensitivity data with long retention requirements.

Planning (2030)

Consensus estimate aligned with NIST/NSA guidance. Used by most enterprises for migration planning baseline.

Late (2038)

Optimistic assumption. May be appropriate for organizations with low-sensitivity data and short retention periods.

Risk Factor Weights

The composite risk score combines seven weighted factors (governed validation artifacts available for review). Weights are fixed and documented:

Data Sensitivity25%
Future Decrypt Risk20%
Adversary Capability20%
Timeline Proximity15%

Active Targeting Profile10%
Present Crypto Hygiene5%
Data Retention Window5%

Cryptographic Vulnerability Scoring

Algorithms are scored separately for Shor-vulnerability (future quantum threat) and present-day hygiene debt:

Shor-Vulnerable (Future Risk)

RSA-1024100
RSA-204890
RSA-409680
ECDSA P-25685
ECDH P-38475
ML-KEM (PQC)0

Present Hygiene Debt

3DES100
MD5100
SHA-180
TLS 1.0/1.1100
TLS 1.2 (weak cipher)50
TLS 1.30

Migration Deadline Calculation

The deadline rearranges Mosca's inequality — X + Y > Z, where X is the time a secret must remain secure, Y is the migration time, and Z is the time until a cryptanalytically relevant quantum computer — into a “start by” date:

Deadline = Scenario_Year − Migration_Years − Buffer_Years

Example: Planning scenario (2030) with Complex migration (5yr) and 2yr buffer = Start by 2023. If current year is 2026, the organization is already 3 years behind the recommended start date.

Risk Level Thresholds

Critical

Score ≥ 80

High

Score ≥ 60

Medium

Score ≥ 40

Low

Score < 40

Scope & Limitations

What This Calculator Does NOT Do

• Does not predict CRQC timing. Users select their planning scenario; the calculator does not claim to know when quantum computers will break cryptography.
• Does not replace a full assessment. This is a prioritization tool based on self-reported inputs, not a vulnerability scan or governed validation engagement.
• Does not guarantee accuracy. Output quality depends on input accuracy. Garbage in, garbage out.
• Does not provide compliance certification. Results may inform compliance planning but do not constitute certification under any framework.

External Sources & References

• Timeline Estimates: Global Risk Institute Quantum Threat Timeline Report (December 2024) — 32-expert elicitation normalized to Qtonic Quantum's 2029 readiness/control planning horizon
• Deprecation Path: NIST IR 8547 — Transition to Post-Quantum Cryptography Standards
• Federal Mandate: CNSA 2.0 — NSA Commercial National Security Algorithm Suite
• CISA Guidance: CISA Post-Quantum Cryptography Initiative — Preparing Critical Infrastructure

All calculator outputs include timestamp, version number, and complete input summary for audit trail purposes. The evidence summary provides a portable record suitable for internal documentation and compliance planning.