Security BSides 2025

Iron-Clad PKI: Crypto-Agility for the Quantum Era

Security BSides San Francisco · 45 views · 29:40 · 5 months ago

This talk explores the critical vulnerabilities in current Public Key Infrastructure (PKI) implementations, specifically focusing on the threat posed by quantum computing to RSA and ECC algorithms. It highlights the operational risks of long-lived certificates, certificate sprawl, and the lack of crypto-agility in modern enterprise environments. The speaker provides a strategic framework for organizations to audit their certificate inventory, prioritize risks, and transition to post-quantum cryptography (PQC) standards. The presentation emphasizes the necessity of implementing automated certificate management to handle the shift toward shorter certificate lifespans.

Why Your PKI Strategy Is Already Obsolete

TLDR: Quantum computing is no longer a distant theoretical threat, and current PKI implementations are woefully unprepared for the transition. Most organizations rely on long-lived RSA and ECC certificates that are vulnerable to future decryption, while lacking the visibility to manage the shift to shorter, quantum-resistant lifespans. Pentesters and researchers should prioritize auditing certificate lifecycles and identifying weak cryptographic primitives as a primary vector for long-term data exposure.

Security researchers often treat Public Key Infrastructure as a solved problem, a background utility that just works until it doesn't. That assumption is dangerous. The recent shift toward 47-day certificate lifespans, as discussed at Security BSides 2025, is not just a policy change; it is a forced evolution of how we manage trust. If your organization is still tracking certificate expiry in a spreadsheet or relying on manual rotation, you are already behind the curve. The real-world impact is clear: when certificates expire or are misconfigured, critical infrastructure goes dark, as seen in recent outages at major financial institutions and airlines.

The Quantum Threat to Current Cryptography

Quantum computing poses a direct, existential threat to the RSA and ECC algorithms that underpin almost every secure connection on the internet. Shor’s algorithm, when executed on a sufficiently powerful quantum computer, efficiently solves the integer factorization and discrete logarithm problems on which these algorithms rest. We are currently in the Noisy Intermediate-Scale Quantum (NISQ) era, but the roadmap to fault-tolerant quantum computers is accelerating.

For a pentester, the immediate concern is the "Harvest Now, Decrypt Later" strategy. Adversaries are currently intercepting and storing encrypted traffic, betting that they will be able to decrypt it once quantum hardware matures. If you are testing an environment that handles long-term sensitive data, you must assume that any traffic encrypted with standard RSA-2048 or ECC is effectively public record in the eyes of a nation-state actor.

The Operational Reality of Crypto-Agility

Crypto-agility is the ability to swap out cryptographic primitives and certificates without tearing down your entire infrastructure. Most enterprise environments fail this test. When a vulnerability is discovered in a specific curve or algorithm, or when a CA is distrusted, time-to-remediation is typically measured in weeks rather than hours. That kind of slow, manual remediation maps directly to OWASP A07:2021 – Identification and Authentication Failures.

To assess this, start by auditing your environment for certificate sprawl: you need to know exactly what is running where. A scanner such as tlsx (ProjectDiscovery's TLS probing tool) lets you enumerate the certificates presented across your entire attack surface in one pass:

# -l reads one host[:port] per line; -json emits one JSON record per probed endpoint
tlsx -l targets.txt -json -o results.json

Once you have the data, look for the long-lived offenders: any certificate with a validity period longer than 90 days is a liability. Certificates issued by untrusted or deprecated CAs are a high-impact finding for your report.

Auditing for Post-Quantum Readiness

Transitioning to post-quantum cryptography (PQC) is not as simple as flipping a switch. NIST has already standardized CRYSTALS-Kyber (as ML-KEM) for key encapsulation and CRYSTALS-Dilithium (as ML-DSA) for digital signatures. However, these algorithms have significantly larger key sizes than RSA or ECC.

During an engagement, check if the target's TLS implementation can handle these larger payloads. Many legacy IoT devices and VPN clients will crash or drop connections when presented with non-standard or oversized keys. This is a prime area for testing. If you can force a fallback to weaker, legacy algorithms by manipulating the handshake, you have successfully demonstrated a downgrade attack.

Building a Defensive Roadmap

Defenders need to move away from manual certificate management immediately. The goal is to reach a state where certificate rotation is fully automated and transparent to the application layer. This requires a centralized inventory that tracks not just the expiry date, but the algorithm, key size, and the specific CA used for every endpoint.
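The triage of scanner output described in the tlsx section (long-lived certificates, untrusted or deprecated CAs) and the centralized inventory described here need the same logic: parse each certificate, record its algorithm, key size, issuer and lifetime, and flag whatever violates policy. The Go program below is an added example written for this page; it is not code from the talk or from tlsx. It builds three constructed certificates in memory so it runs offline (in a real audit the DER comes from results.json or the inventory store), and its policy thresholds (90-day maximum lifetime, RSA below 2048 bits counts as weak, a single approved issuer named "Corp Issuing CA") are assumptions chosen for the demo.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Finding is one inventory row: what the certificate is, plus every policy violation found.
type Finding struct {
	Host, Algorithm, Issuer string
	KeyBits, ValidDays      int
	Flags                   []string
}

// Audit policy (assumed demo values, not thresholds taken from the talk).
const maxValidityDays, minRSABits = 90, 2048

var approvedIssuers = map[string]bool{"Corp Issuing CA": true}

// Classify records algorithm, key size, issuer and lifetime for one parsed
// certificate and flags the policy violations the audit is hunting for.
func Classify(host string, cert *x509.Certificate) Finding {
	f := Finding{Host: host, Issuer: cert.Issuer.CommonName}
	f.ValidDays = int(cert.NotAfter.Sub(cert.NotBefore).Hours() / 24)
	switch pub := cert.PublicKey.(type) {
	case *rsa.PublicKey:
		f.Algorithm, f.KeyBits = "RSA", pub.N.BitLen()
		if f.KeyBits < minRSABits {
			f.Flags = append(f.Flags, "weak-key")
		}
	case *ecdsa.PublicKey:
		f.Algorithm, f.KeyBits = "ECDSA", pub.Curve.Params().BitSize
	default:
		f.Algorithm = cert.PublicKeyAlgorithm.String()
	}
	// RSA and ECDSA both fall to Shor's algorithm, so every such certificate
	// is a migration candidate regardless of key size.
	if f.Algorithm == "RSA" || f.Algorithm == "ECDSA" {
		f.Flags = append(f.Flags, "quantum-vulnerable")
	}
	if f.ValidDays > maxValidityDays {
		f.Flags = append(f.Flags, "long-lived")
	}
	if !approvedIssuers[f.Issuer] {
		f.Flags = append(f.Flags, "unapproved-issuer")
	}
	return f
}

// makeCert builds a throwaway certificate so the example runs offline; in a
// real audit the DER comes from the scanner output or the inventory store.
func makeCert(cn, issuer string, key crypto.Signer, now time.Time, days int) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: now, NotAfter: now.Add(time.Duration(days) * 24 * time.Hour)}
	// The parent carries only the issuer name; CreateCertificate copies its Subject into our Issuer.
	parent := &x509.Certificate{Subject: pkix.Name{CommonName: issuer}}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, key.Public(), key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Demo runs the classifier over three constructed certificates (not real scan data).
func Demo() ([]Finding, error) {
	now := time.Date(2025, 6, 1, 0, 0, 0, 0, time.UTC)
	weak, err := rsa.GenerateKey(rand.Reader, 1024)
	ec, err2 := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil || err2 != nil {
		return nil, fmt.Errorf("key generation failed: %v %v", err, err2)
	}
	samples := []struct{ host, issuer string; key crypto.Signer; days int }{
		{"legacy.example", "Old Internal CA", weak, 730}, // weak key, two-year lifetime, unapproved CA
		{"api.example", "Corp Issuing CA", ec, 47},       // compliant apart from being classical
		{"web.example", "Corp Issuing CA", ec, 398},      // approved CA but a 398-day lifetime
	}
	var out []Finding
	for _, s := range samples {
		cert, err := makeCert(s.host, s.issuer, s.key, now, s.days)
		if err != nil {
			return nil, err
		}
		out = append(out, Classify(s.host, cert))
	}
	return out, nil
}

func main() {
	findings, err := Demo()
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("%-15s %-5s %4d-bit  %-16s %3d days  %v\n", f.Host, f.Algorithm, f.KeyBits, f.Issuer, f.ValidDays, f.Flags)
	}
}
```

Classify is the part to lift into a scheduled inventory job; everything else exists only to give it input. Because RSA and ECDSA are both broken by Shor's algorithm, every classical certificate carries the quantum-vulnerable flag, which turns the inventory from an expiry tracker into a migration worklist that can be sorted by the other flags (weak key, long lifetime, unapproved CA) to prioritize rotation.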

If you are working with a blue team, push them to implement a "hybrid" certificate strategy. This allows systems to support both traditional RSA/ECC and new PQC algorithms simultaneously. This ensures that you maintain compatibility with legacy clients while providing a path forward for quantum-resistant communication.
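Two points above are easiest to see in working code: the larger PQC payloads from the readiness section, and the hybrid approach, which here means running a classical and a post-quantum exchange side by side and deriving one key from both. The talk's hybrid point is about certificates; the example below shows the key-exchange side of the same idea, which is what addresses the harvest-now-decrypt-later risk. The Go program is an added example for this page, not code from the talk. It uses the standard library's crypto/ecdh and crypto/mlkem (Go 1.24 or newer) and combines the two shared secrets with HMAC-SHA256 under a fixed label, a simplification assumed for the demo rather than the TLS 1.3 key schedule.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Sizes records what each side actually puts on the wire, so the "larger
// payloads" point can be checked against the standard library rather than quoted.
type Sizes struct {
	X25519Public, MLKEMEncapsKey, MLKEMCiphertext, ClientHelloShare int
}

// combine derives the session key from both shared secrets; recovering it
// requires breaking X25519 AND ML-KEM-768. HMAC-SHA256 with a fixed label is
// an assumption for this demo (TLS 1.3 feeds the secrets through HKDF instead).
func combine(classical, pq []byte) []byte {
	mac := hmac.New(sha256.New, []byte("hybrid-kex-demo"))
	mac.Write(classical)
	mac.Write(pq)
	return mac.Sum(nil)
}

// HybridExchange runs one client/server hybrid key exchange in memory and
// returns both sides' derived keys plus the payload sizes involved.
func HybridExchange() (clientKey, serverKey []byte, sz Sizes, err error) {
	curve := ecdh.X25519()

	// Client: an ephemeral X25519 key plus an ML-KEM-768 decapsulation key. It
	// sends its X25519 public key and the ML-KEM encapsulation key.
	cX, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	cPQ, err := mlkem.GenerateKey768()
	if err != nil {
		return
	}
	cXShare, cPQShare := cX.PublicKey().Bytes(), cPQ.EncapsulationKey().Bytes()

	// Server: its own X25519 key, ECDH against the client's share, and an
	// encapsulation against the client's ML-KEM key. It replies with its X25519
	// public key and the ML-KEM ciphertext.
	sX, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	cXPub, err := curve.NewPublicKey(cXShare)
	if err != nil {
		return
	}
	classicalS, err := sX.ECDH(cXPub)
	if err != nil {
		return
	}
	ek, err := mlkem.NewEncapsulationKey768(cPQShare)
	if err != nil {
		return
	}
	pqS, ct := ek.Encapsulate()
	serverKey = combine(classicalS, pqS)

	// Client: ECDH against the server's share and decapsulation of the ciphertext.
	sXPub, err := curve.NewPublicKey(sX.PublicKey().Bytes())
	if err != nil {
		return
	}
	classicalC, err := cX.ECDH(sXPub)
	if err != nil {
		return
	}
	pqC, err := cPQ.Decapsulate(ct)
	if err != nil {
		return
	}
	clientKey = combine(classicalC, pqC)

	sz = Sizes{X25519Public: len(cXShare), MLKEMEncapsKey: len(cPQShare),
		MLKEMCiphertext: len(ct), ClientHelloShare: len(cXShare) + len(cPQShare)}
	return
}

func main() {
	c, s, sz, err := HybridExchange()
	if err != nil {
		panic(err)
	}
	fmt.Printf("derived keys match: %v\nsizes: %+v\n", bytes.Equal(c, s), sz)
}
```

The sizes the function reports are why legacy stacks choke: the client's key share grows from 32 bytes (X25519 alone) to 1216 bytes once the 1184-byte ML-KEM-768 encapsulation key is added, and the server's reply carries a 1088-byte ciphertext on top of its 32-byte X25519 share. Both sides still derive the same 32-byte key, and an adversary who recorded the exchange has to break both primitives to recover it.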

Stop viewing PKI as a static configuration. It is a dynamic, high-risk component of your infrastructure that requires the same level of scrutiny as your application code. If you aren't auditing your cryptographic agility today, you are leaving the door open for the next generation of automated, quantum-assisted attacks. Start by mapping your current certificate landscape and identifying where your automation gaps exist. The transition to a post-quantum world will be messy, but the organizations that start their audit now will be the only ones left standing when the threat becomes a daily reality.
