BMT-12.04 Executive Summary
BlueMirror.tech | May 2026
Aigerim Nurlanova is a cryptographer at a Seattle security consulting firm whose practice has shifted from general application security to post-quantum readiness assessments. Her current engagement is a review of BlueMirror’s cryptographic architecture for a partner doing due diligence ahead of a commercial integration. Her brief is specific: which primitives in BlueMirror’s architecture are vulnerable to a future cryptographically relevant quantum computer, what BlueMirror’s migration plan is, and whether the architecture supports the cryptographic agility necessary to migrate without an architectural rebuild. She has been writing this kind of report for two years. Most have been short because most companies do not have answers to the second and third questions.
Quantum computing is not a general-purpose acceleration over classical computing. A cryptographically relevant quantum computer runs a specific algorithm against a specific cryptographic problem. Three categories matter for BlueMirror. Combinatorial optimization is relevant to MoC routing at one hundred times current scale; the timeline is five to fifteen years and the routing layer is designed for plug-in substitution. High-dimensional pattern exploration is relevant to context-similarity search; the architecture treats it the same way. The discrete-log and factoring problems that underlie current public-key cryptography are the third category and the consequential one.
The cryptographic primitives securing BlueMirror’s audit trail, the membrane’s signatures, the consent assertions, and partner identity attestations are all variants of public-key cryptography. The specific schemes in use are Ed25519 for signatures and X25519 for key agreement. Both depend on the elliptic-curve discrete-log problem. Shor’s algorithm solves the problem efficiently. RSA, which appears in TLS certificates and some legacy partner integrations, is also not quantum-resistant.
The audit trail is the most consequential of the affected primitives. Its integrity depends on signatures that are unforgeable. A quantum computer that can forge an Ed25519 signature can rewrite the audit trail, and the subscriber’s ability to verify what happened collapses. This is why post-quantum cryptography migration is a defensive requirement, not an offensive opportunity. The audit trail must remain verifiable for the lifetime of the data that depends on it. A medical record from 2026 has relevance into the 2050s. The “harvest now, decrypt later” attack pattern applies: an adversary captures encrypted traffic today and decrypts it when quantum machines mature.
The migration must complete before a cryptographically relevant quantum computer exists, not after. NIST’s post-quantum standards (FIPS 203, 204, and 205, finalized in 2024) cover key encapsulation (ML-KEM) and digital signatures (ML-DSA and SLH-DSA). These are the migration targets. The migration is feasible because the architecture was designed with cryptographic agility from the start. The signature scheme is not hard-coded into the audit trail format; it is a parameter. The audit record includes a signature-algorithm field that names the scheme used to sign the record. Verification dispatches to the algorithm implementation based on the field. Adding a new algorithm is a software update, not an architectural change. The same applies to key agreement, symmetric encryption, and hash functions.
The migration is staged. The first stage, in progress now, adds post-quantum algorithm implementations alongside the classical ones. Signatures are dual-signed during a transition period. Key agreement uses a hybrid scheme combining classical and post-quantum to ensure that if either breaks, the other holds. The second stage, scheduled for 2027 to 2028, makes post-quantum the default for new records while continuing to verify the dual signatures for legacy records. The third stage, scheduled for 2029 to 2030 or earlier if quantum-hardware-maturation signals accelerate, makes post-quantum the only required signature for new records and begins re-signing the most consequential legacy records. Re-signing legacy records is the most operationally complex element; the architecture supports it through post-quantum-signed attestations that bind to legacy records without rewriting them.
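The algorithm-field dispatch and the dual-signing transition described above can be sketched as follows. This is an added example, not BlueMirror's code: the record layout, the field values "ed25519" and "ml-dsa", and the function names are assumptions, and keyed HMACs stand in for the real signature schemes so that it runs on the Python standard library alone.

```python
import hashlib, hmac, json

# Stand-ins: keyed HMACs replace Ed25519 and ML-DSA so this runs on the standard
# library alone; a real registry maps the same names to real signature code.
def _scheme(digest):
    sign = lambda key, msg: hmac.new(key, msg, digest).digest()
    verify = lambda key, msg, sig: hmac.compare_digest(sign(key, msg), sig)
    return sign, verify

# Hypothetical signature-algorithm field values -> (sign, verify)
SCHEMES = {"ed25519": _scheme(hashlib.sha256), "ml-dsa": _scheme(hashlib.sha512)}

def signed_bytes(body, algs):
    # The algorithm list is part of what is signed, so stripping one signature
    # from a dual-signed record invalidates the signature that remains.
    return json.dumps({"body": body, "algs": sorted(algs)}, sort_keys=True).encode()

def sign_record(body, keys):
    msg = signed_bytes(body, keys)
    return {"body": body, "sigs": [
        {"alg": a, "sig": SCHEMES[a][0](k, msg).hex()} for a, k in sorted(keys.items())]}

def verify_record(record, keys, required):
    algs = [s["alg"] for s in record["sigs"]]
    if len(set(algs)) != len(algs) or not set(required) <= set(algs):
        return False                      # duplicate entry or required scheme missing
    msg = signed_bytes(record["body"], algs)
    for s in record["sigs"]:
        if s["alg"] not in SCHEMES or s["alg"] not in keys:
            return False                  # unknown algorithm fails closed, never skipped
        if not SCHEMES[s["alg"]][1](keys[s["alg"]], msg, bytes.fromhex(s["sig"])):
            return False
    return True

if __name__ == "__main__":
    keys = {"ed25519": b"constructed-key-1", "ml-dsa": b"constructed-key-2"}  # constructed
    dual = sign_record({"event": "consent-granted", "seq": 41}, keys)
    print(verify_record(dual, keys, required={"ed25519", "ml-dsa"}))   # transition policy
    stripped = {"body": dual["body"], "sigs": dual["sigs"][:1]}
    print(verify_record(stripped, keys, required={"ed25519"}))         # downgrade attempt
```

The `required` set is where a staged policy would live: both names during the transition, the post-quantum name alone once it is the only required signature.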
The temporal asymmetry the plan addresses is that quantum’s relevance to offensive optimization is five to fifteen years out, but quantum’s threat to defensive cryptographic posture is on a timeline whose lower bound is uncertain and whose upper bound matters more than the lower bound. The defensive posture must be ready before the threat materializes. The offensive work waits for the hardware. The defensive work cannot.
Aigerim’s report was longer than her recent reports on healthcare technology companies. The architecture had answers to her three questions. The cryptographic primitives were enumerated and their post-quantum migration paths documented. The migration plan was staged with timelines and dependencies. Cryptographic agility was implemented in the code, not just promised in documentation. She wrote that her client’s due diligence should consider the company’s post-quantum readiness as a positive, with the residual risk being execution risk rather than architectural risk. The architectural risk is the one she was paid to find. She had not found it.
Read the full article at bluemirror.tech.
