Workshops Defence Approaches to Cryptographic Discovery

Defence Deep Dive Session

Approaches to Cryptographic Discovery

Defence organisations hold decades of cryptographic debt across firmware, protocols, key management systems, and classified networks. This session equips security architecture teams with the tools and methodologies to locate every instance of classical cryptography and build a risk-prioritised migration roadmap before CNSA 2.0 deadlines arrive.

Half day (3 hours)

In person or online

Max 30 delegates

Commission This Workshop View Agenda

Proud to recommend our expert members

Workshop Description

Most defence organisations cannot answer a basic question: where is classical cryptography deployed across our systems? RSA and ECDSA appear in TLS termination, VPN tunnels, code signing, firmware verification, satellite uplink encryption, and dozens of embedded subsystems. Many of these instances are undocumented, buried in legacy configurations, or hidden inside third-party firmware that predates any quantum risk awareness.

This workshop introduces structured discovery methodologies for building a complete Cryptographic Bill of Materials (CBOM). Participants examine static analysis tools such as IBM Quantum Safe Explorer and Keyfactor EJBCA scanner alongside network traffic inspection techniques for identifying cipher suites in classified and unclassified environments. The session covers binary analysis for embedded cryptography in real-time operating systems, risk scoring frameworks that combine data sensitivity with algorithm vulnerability, and practical sequencing strategies for migration across weapons systems, C2 infrastructure, logistics, and administrative tiers.

What participants cover

Cryptographic Bill of Materials (CBOM) generation, structure, and lifecycle management
Static analysis, network traffic inspection, and binary analysis discovery techniques
Tool comparison: IBM Quantum Safe Explorer, Keyfactor, and open-source CBOM generators
Mosca inequality for HNDL exposure assessment and data shelf-life classification
Risk scoring: data sensitivity x algorithm vulnerability x replacement complexity
Integration with defence procurement frameworks (DEF STAN 00-091, MIL-STD-882E)

Preliminary Agenda

Deep Dive Session structure with scheduled breaks. Content is configurable to your organisation's technical level and operational environment.

#	Session	Topics
1	Cryptographic Discovery in Defence Environments Why legacy crypto is invisible and how to find it	Scope of cryptographic debt in defence IT: firmware, protocols, key stores, embedded systems CNSA 2.0 compliance drivers and NSA timeline requirements for symmetric and asymmetric migration Why standard software composition analysis tools miss cryptographic usage in SCADA, Link 16, and satellite uplinks
2	Discovery Methodologies and Tooling Passive, active, and hybrid scanning techniques	Cryptographic Bill of Materials (CBOM): structure, generation, and maintenance for defence procurement Static analysis tools: IBM Quantum Safe Explorer, Keyfactor EJBCA scanner, and open-source CBOM generators Network traffic analysis: identifying TLS cipher suites, IPsec configurations, and non-standard crypto in classified networks Binary analysis for embedded cryptography in firmware and real-time operating systems (VxWorks, INTEGRITY)
Break, after 60 min
3	Prioritisation and Risk-Based Migration Planning From inventory to actionable migration roadmap	Risk scoring framework: data sensitivity x algorithm vulnerability x replacement complexity HNDL exposure assessment: classifying data by shelf life versus quantum timeline (Mosca inequality) Sequencing migration by system criticality: weapons systems, C2, logistics, and administrative tiers
4	Discussion and Next Steps Applying discovery findings to your organisation	Building a CBOM programme within existing defence procurement frameworks (DEF STAN 00-091, MIL-STD-882E) Integrating cryptographic discovery into continuous monitoring and DevSecOps pipelines

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and defence systems.

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

Defence workshops are co-delivered with sector specialists who bring direct operational experience in defence organisations. This ensures workshop content is grounded in regulatory, operational, and technical realities specific to the sector.

Commission This Workshop

Sessions are configured around your organisation's technical level, operational environment, and regulatory jurisdiction. Get in touch to discuss requirements and schedule a date.

Defence Workshops All Consulting Services All Workshops