Threat modelling for the quantum era is not a new framework — it’s STRIDE, attack trees, MITRE ATT&CK extended with quantum-specific considerations. The discipline is the same. The artifacts and controls change.
STRIDE-Q — quantum extensions to STRIDE
Each STRIDE category, with quantum-era considerations:
Spoofing: Quantum-broken signatures (RSA, ECDSA) become forgeable. Mitigation: PQ signatures (ML-DSA, SLH-DSA) on critical authentication. Threat actors with CRQC can impersonate any pre-quantum signed identity.
Tampering: Quantum-broken signatures on documents/transactions become forgeable. Audit trails dependent on classical signatures lose integrity. Mitigation: re-sign critical archives with PQ signatures; maintain Merkle-tree-based integrity that’s PQ-resistant.
Repudiation: Pre-quantum signatures cannot be reliably attributed post-CRQC; signers can repudiate by claiming “anyone with quantum could have forged.” Mitigation: PQ signatures + timestamping authority + log retention with PQ-signed integrity.
Information Disclosure: The dominant quantum threat. Pre-quantum encrypted data exposed when CRQC arrives. Store-now-decrypt-later is the operational risk. Mitigation: PQ KEM (ML-KEM-768) for new data; cryptographic-agility for retroactive re-encryption of high-value archives.
Denial of Service: Quantum doesn’t add new DoS vectors directly. Side note: large PQ handshake bytes increase amplification factor for some DDoS techniques; minor concern.
Elevation of Privilege: Authentication tokens (JWT, session cookies) using broken signatures become forgeable. Quantum adversary can elevate by re-signing tokens. Mitigation: PQ-signed authentication; short token lifetime; FIDO2 / hardware token for high-stakes elevation.
Custom team training + practitioner advisory
Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.