RSA encryption, the foundation of internet security since 1977, is mathematically broken by Shor's algorithm running on a sufficiently powerful quantum computer. NIST has announced the deprecation of RSA for all key sizes by 2030, with a complete disallow by 2035. The NSA requires all National Security Systems to migrate away from RSA by 2027 for new deployments. Google's internal deadline is 2029. Organizations that rely on RSA for TLS, code signing, JWT tokens, or encrypted communications must begin migration to NIST-approved post-quantum algorithms (ML-KEM, ML-DSA) now — because "harvest now, decrypt later" attacks mean data encrypted with RSA today can be stored and decrypted once quantum computers are available.
AI code assistants generate RSA code by default for nearly all cryptographic operations. When asked to "generate a key pair," "encrypt data," or "sign a JWT," AI tools produce RSA-2048 or RSA-4096 code because that is what dominates their training data. The AI models have no awareness of NIST deprecation timelines or quantum computing threats. This means every new project bootstrapped with AI assistance is being built with cryptography that has a known expiration date. Post-quantum alternatives exist but are almost never suggested by AI tools.
```javascript
// Node.js — AI-generated quantum-vulnerable code
import { generateKeyPairSync, sign } from "crypto";

// Example payload to sign
const data = Buffer.from("message to sign");

// VULNERABLE: RSA is broken by Shor's algorithm
const { publicKey, privateKey } = generateKeyPairSync("rsa", {
  modulusLength: 2048,
  publicKeyEncoding: { type: "spki", format: "pem" },
  privateKeyEncoding: { type: "pkcs8", format: "pem" },
});

// VULNERABLE: RSA signature will be forgeable
const signature = sign("sha256", data, privateKey);
```
```python
# Python — AI-generated quantum-vulnerable code
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

data = b"message to sign"  # example payload

# VULNERABLE: RSA key generation — quantum-vulnerable
private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=2048,
)

# VULNERABLE: RSA signing — will be forgeable
signature = private_key.sign(
    data,
    padding.PSS(
        mgf=padding.MGF1(hashes.SHA256()),
        salt_length=padding.PSS.MAX_LENGTH,
    ),
    hashes.SHA256(),
)
```

```javascript
// Node.js — post-quantum key encapsulation (secure)
// Using ML-KEM (FIPS 203) — NIST-approved PQC standard
// The library exports this parameter set as ml_kem768
import { ml_kem768 } from "@noble/post-quantum/ml-kem";

// SECURE: ML-KEM key generation (quantum-resistant)
const { publicKey, secretKey } = ml_kem768.keygen();

// SECURE: encapsulate a shared secret
const { cipherText, sharedSecret } = ml_kem768.encapsulate(publicKey);

// SECURE: decapsulate the shared secret
const receivedSecret = ml_kem768.decapsulate(cipherText, secretKey);
```
```python
# Python — post-quantum digital signature (secure)
# Using ML-DSA (FIPS 204) — NIST-approved PQC standard
# Available via oqs-python or pqcrypto packages
from pqcrypto.sign.dilithium3 import generate_keypair, sign, verify

data = b"message to sign"  # example payload

# SECURE: ML-DSA key generation (quantum-resistant)
public_key, secret_key = generate_keypair()

# SECURE: quantum-resistant digital signature
signature = sign(secret_key, data)

# Act on the verification result instead of discarding it
if not verify(public_key, data, signature):
    raise ValueError("signature verification failed")
```

CodeShield uses multi-layer static analysis to detect RSA quantum vulnerabilities across your entire codebase:
CodeShield detects RSA quantum vulnerabilities and 5+ other vulnerability types across your entire codebase. Auto-fix with AI in one click.
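To make the detection idea concrete, here is a small pattern check that finds the RSA key generation calls shown above and reports their key size. It is an added example, not CodeShield's implementation and not code from the original page; the rule ids, function names and sample sources are constructed for illustration.

```python
import re

# Rule ids are hypothetical; the patterns mirror the RSA calls shown on this page.
RULES = {
    "node-rsa-keygen": re.compile(r"""\bgenerateKeyPair(?:Sync)?\s*\(\s*["']rsa["']"""),
    "python-rsa-keygen": re.compile(r"\brsa\s*\.\s*generate_private_key\s*\("),
}
KEY_SIZE = re.compile(r"\b(?:modulusLength|key_size)\s*[:=]\s*(\d+)")
COMMENT_PREFIX = re.compile(r"\s*(?://|#)")

def call_end(source, open_idx):
    """Index just past the ')' closing the call opened at open_idx (strings not parsed)."""
    depth = 0
    for i in range(open_idx, len(source)):
        depth += (source[i] == "(") - (source[i] == ")")
        if depth == 0:
            return i + 1
    return len(source)  # unbalanced input: scan to end of file

def find_rsa_keygen(source):
    """Return sorted (line, rule_id, key_bits) for each live RSA key generation call."""
    findings = []
    for rule_id, pattern in RULES.items():
        for m in pattern.finditer(source):
            line_start = source.rfind("\n", 0, m.start()) + 1
            if COMMENT_PREFIX.match(source, line_start, m.start()):
                continue  # commented-out call, not live code
            # Calls often span several lines: read the size from inside the call's own parentheses.
            open_idx = source.index("(", m.start())
            size = KEY_SIZE.search(source, open_idx, call_end(source, open_idx))
            line_no = source.count("\n", 0, m.start()) + 1
            findings.append((line_no, rule_id, int(size.group(1)) if size else None))
    return sorted(findings, key=lambda f: f[:2])

# Constructed sample inputs (not real project files).
SAMPLE_JS = '''import { generateKeyPairSync } from "crypto";
// generateKeyPairSync("rsa", { modulusLength: 1024 });
const { publicKey, privateKey } = generateKeyPairSync(
  "rsa",
  { modulusLength: 2048 }
);
const ec = generateKeyPairSync("ec", { namedCurve: "P-256" });
'''
SAMPLE_PY = '''private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=4096,
)
'''
print(find_rsa_keygen(SAMPLE_JS) + find_rsa_keygen(SAMPLE_PY))
```

A key size of `None` means the size is passed indirectly (for example through a variable), so the call still needs manual review.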