Spaces:
Sleeping
Sleeping
| """ | |
| Q-GRID Crypto Scanner Demo | |
| A Gradio app demonstrating quantum-vulnerable cryptography detection | |
| """ | |
| import gradio as gr | |
| import re | |
| from typing import List, Dict, Tuple | |
| import json | |
| # Quantum vulnerability taxonomy | |
| VULNERABILITY_TAXONOMY = { | |
| "CRITICAL": { | |
| "algorithms": ["RSA-1024", "DSA-1024", "ECDH-P192", "ECDSA-P192"], | |
| "color": "#FF4444", | |
| "risk": "Broken by quantum computers NOW", | |
| "recommendation": "Immediate migration to ML-KEM/ML-DSA required", | |
| }, | |
| "HIGH": { | |
| "algorithms": ["RSA-2048", "ECDH-P256", "ECDSA-P256", "SHA-1"], | |
| "color": "#FF8844", | |
| "risk": "Will be broken by 2035", | |
| "recommendation": "Plan migration within 12 months", | |
| }, | |
| "MEDIUM": { | |
| "algorithms": ["RSA-3072", "ECDH-P384", "ECDSA-P384", "SHA-256"], | |
| "color": "#FFAA44", | |
| "risk": "Transitional security", | |
| "recommendation": "Evaluate hybrid PQC deployment", | |
| }, | |
| "LOW": { | |
| "algorithms": ["AES-128", "AES-256", "SHA-3", "ChaCha20"], | |
| "color": "#44AA44", | |
| "risk": "Grover's algorithm impact only", | |
| "recommendation": "Double key lengths by 2030", | |
| }, | |
| } | |
| # Detection patterns | |
| CRYPTO_PATTERNS = { | |
| "RSA-1024": [ | |
| r"rsa.*1024", | |
| r"RSA.*1024", | |
| r"modulus.*1024", | |
| r"keySize.*1024", | |
| r"key_length.*1024", | |
| ], | |
| "RSA-2048": [ | |
| r"rsa.*2048", | |
| r"RSA.*2048", | |
| r"modulus.*2048", | |
| r"keySize.*2048", | |
| r"key_length.*2048", | |
| ], | |
| "RSA-3072": [r"rsa.*3072", r"RSA.*3072", r"modulus.*3072", r"keySize.*3072"], | |
| "ECDH-P192": [r"ecdh.*p-192", r"ECDH.*P-192", r"secp192", r"prime192"], | |
| "ECDH-P256": [ | |
| r"ecdh.*p-256", | |
| r"ECDH.*P-256", | |
| r"secp256", | |
| r"prime256", | |
| r"ec\.curve\s*=\s*secp256", | |
| ], | |
| "ECDH-P384": [r"ecdh.*p-384", r"ECDH.*P-384", r"secp384", r"prime384"], | |
| "ECDSA-P256": [r"ecdsa.*p-256", r"ECDSA.*P-256", r"ec\.sign", r"createSign.*ec"], | |
| "SHA-1": [r"sha1", r"SHA1", r"sha-1", r"SHA-1"], | |
| "SHA-256": [r"sha256", r"SHA256", r"sha-256", r"SHA-256"], | |
| "AES-128": [r"aes.*128", r"AES.*128", r"aes-128", r"AES-128"], | |
| "AES-256": [r"aes.*256", r"AES.*256", r"aes-256", r"AES-256"], | |
| "MD5": [r"md5", r"MD5", r"createHash.*md5"], | |
| "DES": [r"des", r"DES", r"3des", r"3DES", r"tripleDes"], | |
| } | |
| def get_vulnerability_level(algorithm: str) -> str: | |
| """Determine vulnerability level for an algorithm.""" | |
| for level, data in VULNERABILITY_TAXONOMY.items(): | |
| if algorithm in data["algorithms"]: | |
| return level | |
| return "UNKNOWN" | |
| def scan_code(code: str) -> Tuple[List[Dict], int, str]: | |
| """ | |
| Scan code for quantum-vulnerable cryptographic patterns. | |
| Returns: | |
| Tuple of (findings list, QRS score, summary text) | |
| """ | |
| findings = [] | |
| lines = code.split("\n") | |
| for line_num, line in enumerate(lines, 1): | |
| line_stripped = line.strip() | |
| if not line_stripped or line_stripped.startswith("//"): | |
| continue | |
| for algorithm, patterns in CRYPTO_PATTERNS.items(): | |
| for pattern in patterns: | |
| if re.search(pattern, line, re.IGNORECASE): | |
| level = get_vulnerability_level(algorithm) | |
| finding = { | |
| "line": line_num, | |
| "code": line_stripped[:80], | |
| "algorithm": algorithm, | |
| "level": level, | |
| "recommendation": get_recommendation(algorithm, level), | |
| } | |
| # Avoid duplicates | |
| if not any( | |
| f["line"] == line_num and f["algorithm"] == algorithm | |
| for f in findings | |
| ): | |
| findings.append(finding) | |
| break | |
| # Calculate QRS (simplified) | |
| qrs_score = calculate_qrs(findings) | |
| summary = generate_summary(findings, qrs_score) | |
| return findings, qrs_score, summary | |
| def get_recommendation(algorithm: str, level: str) -> str: | |
| """Get recommendation for an algorithm.""" | |
| recommendations = { | |
| "CRITICAL": f"Replace {algorithm} with ML-KEM-768 or ML-DSA-65 immediately", | |
| "HIGH": f"Plan migration from {algorithm} to ML-KEM/ML-DSA within 12 months", | |
| "MEDIUM": f"Evaluate hybrid PQC deployment for {algorithm}", | |
| "LOW": f"Increase key length for {algorithm} by 2030", | |
| "UNKNOWN": f"Review {algorithm} for quantum vulnerability", | |
| } | |
| return recommendations.get(level, "Review for quantum safety") | |
| def calculate_qrs(findings: List[Dict]) -> int: | |
| """Calculate Quantum Readiness Score (simplified).""" | |
| if not findings: | |
| return 100 | |
| critical = sum(1 for f in findings if f["level"] == "CRITICAL") | |
| high = sum(1 for f in findings if f["level"] == "HIGH") | |
| medium = sum(1 for f in findings if f["level"] == "MEDIUM") | |
| low = sum(1 for f in findings if f["level"] == "LOW") | |
| # Penalty calculation | |
| penalty = (critical * 25) + (high * 15) + (medium * 5) + (low * 1) | |
| score = max(0, 100 - penalty) | |
| return score | |
| def generate_summary(findings: List[Dict], qrs: int) -> str: | |
| """Generate summary report.""" | |
| if not findings: | |
| return """β **No quantum-vulnerable cryptography detected!** | |
| Your code appears to be using quantum-safe algorithms or no cryptography at all. | |
| Quantum Readiness Score: **100/100** π""" | |
| critical = sum(1 for f in findings if f["level"] == "CRITICAL") | |
| high = sum(1 for f in findings if f["level"] == "HIGH") | |
| medium = sum(1 for f in findings if f["level"] == "MEDIUM") | |
| low = sum(1 for f in findings if f["level"] == "LOW") | |
| summary = f"""## π Scan Results | |
| **Total Findings:** {len(findings)} | |
| - π΄ **Critical:** {critical} (Immediate action required) | |
| - π **High:** {high} (Plan migration within 12 months) | |
| - π‘ **Medium:** {medium} (Evaluate hybrid deployment) | |
| - π’ **Low:** {low} (Double key lengths by 2030) | |
| ### π Quantum Readiness Score: {qrs}/100 | |
| **{get_qrs_status(qrs)}** | |
| ### π― Recommendations | |
| """ | |
| if critical > 0: | |
| summary += ( | |
| f"1. **URGENT:** Address {critical} critical vulnerabilities immediately\n" | |
| ) | |
| if high > 0: | |
| summary += ( | |
| f"2. **HIGH PRIORITY:** Plan migration for {high} high-risk algorithms\n" | |
| ) | |
| if medium > 0: | |
| summary += ( | |
| f"3. **MEDIUM:** Evaluate {medium} medium-risk algorithms for hybrid PQC\n" | |
| ) | |
| if low > 0: | |
| summary += ( | |
| f"4. **LOW:** Increase key lengths for {low} low-risk algorithms by 2030\n" | |
| ) | |
| return summary | |
| def get_qrs_status(qrs: int) -> str: | |
| """Get status text for QRS score.""" | |
| if qrs >= 80: | |
| return "β Excellent β Your code is mostly quantum-ready!" | |
| elif qrs >= 60: | |
| return "β οΈ Good β Some vulnerabilities need attention" | |
| elif qrs >= 40: | |
| return "β οΈ Fair β Significant migration work required" | |
| elif qrs >= 20: | |
| return "π΄ Poor β Critical vulnerabilities detected" | |
| else: | |
| return "π΄ Critical β Immediate action required" | |
| def format_findings(findings: List[Dict]) -> str: | |
| """Format findings as HTML table.""" | |
| if not findings: | |
| return "<p>No vulnerabilities detected!</p>" | |
| html = """ | |
| <table style="width:100%; border-collapse: collapse; margin-top: 10px;"> | |
| <thead> | |
| <tr style="background-color: #f0f0f0;"> | |
| <th style="padding: 10px; border: 1px solid #ddd; text-align: left;">Line</th> | |
| <th style="padding: 10px; border: 1px solid #ddd; text-align: left;">Algorithm</th> | |
| <th style="padding: 10px; border: 1px solid #ddd; text-align: left;">Level</th> | |
| <th style="padding: 10px; border: 1px solid #ddd; text-align: left;">Code</th> | |
| </tr> | |
| </thead> | |
| <tbody> | |
| """ | |
| for finding in findings: | |
| color = VULNERABILITY_TAXONOMY.get(finding["level"], {}).get("color", "#888888") | |
| html += f""" | |
| <tr> | |
| <td style="padding: 8px; border: 1px solid #ddd;">{finding["line"]}</td> | |
| <td style="padding: 8px; border: 1px solid #ddd; font-weight: bold;">{finding["algorithm"]}</td> | |
| <td style="padding: 8px; border: 1px solid #ddd;"> | |
| <span style="background-color: {color}; color: white; padding: 2px 8px; border-radius: 4px; font-size: 0.85em;"> | |
| {finding["level"]} | |
| </span> | |
| </td> | |
| <td style="padding: 8px; border: 1px solid #ddd; font-family: monospace; font-size: 0.9em;"> | |
| {finding["code"][:60]}{"..." if len(finding["code"]) > 60 else ""} | |
| </td> | |
| </tr> | |
| """ | |
| html += "</tbody></table>" | |
| return html | |
| def create_cbom_json(findings: List[Dict]) -> str: | |
| """Create CycloneDX CBOM-like JSON output.""" | |
| cbom = { | |
| "bomFormat": "CycloneDX", | |
| "specVersion": "1.6", | |
| "serialNumber": "urn:uuid:q-grid-demo-001", | |
| "version": 1, | |
| "metadata": { | |
| "timestamp": "2026-02-07T00:00:00Z", | |
| "tools": [ | |
| { | |
| "vendor": "Taurus AI", | |
| "name": "Q-GRID Crypto Scanner", | |
| "version": "1.0.0", | |
| } | |
| ], | |
| }, | |
| "components": [], | |
| } | |
| for finding in findings: | |
| component = { | |
| "type": "cryptographic-asset", | |
| "name": finding["algorithm"], | |
| "properties": [ | |
| {"name": "quantum-vulnerability-level", "value": finding["level"]}, | |
| {"name": "line-number", "value": str(finding["line"])}, | |
| {"name": "recommendation", "value": finding["recommendation"]}, | |
| ], | |
| } | |
| cbom["components"].append(component) | |
| return json.dumps(cbom, indent=2) | |
| # Gradio Interface | |
| def scan_interface(code: str) -> Tuple[str, str, str, str]: | |
| """Main interface function for Gradio.""" | |
| findings, qrs, summary = scan_code(code) | |
| findings_html = format_findings(findings) | |
| cbom_json = create_cbom_json(findings) | |
| # Create QRS gauge HTML | |
| qrs_color = "#44AA44" if qrs >= 80 else "#FFAA44" if qrs >= 60 else "#FF4444" | |
| qrs_html = f""" | |
| <div style="text-align: center; padding: 20px; background-color: #f8f9fa; border-radius: 10px; margin: 10px 0;"> | |
| <h2 style="margin: 0; color: #333;">Quantum Readiness Score</h2> | |
| <div style="font-size: 72px; font-weight: bold; color: {qrs_color}; margin: 10px 0;">{qrs}</div> | |
| <div style="font-size: 24px; color: #666;">/ 100</div> | |
| <div style="margin-top: 15px; padding: 10px; background-color: white; border-radius: 5px;"> | |
| {get_qrs_status(qrs)} | |
| </div> | |
| </div> | |
| """ | |
| return summary, findings_html, cbom_json, qrs_html | |
| # Example code for demo | |
| EXAMPLE_CODE = """// Example: Node.js crypto usage | |
| const crypto = require('crypto'); | |
| // CRITICAL: RSA-1024 is broken by quantum computers now | |
| const privateKey = crypto.generateKeyPairSync('rsa', { | |
| modulusLength: 1024, // β CRITICAL: Use 3072+ or ML-KEM | |
| }); | |
| // HIGH: RSA-2048 will be broken by 2035 | |
| const key2048 = crypto.generateKeyPairSync('rsa', { | |
| modulusLength: 2048, // β οΈ HIGH: Plan migration to ML-KEM | |
| }); | |
| // MEDIUM: RSA-3072 is transitional | |
| const key3072 = crypto.generateKeyPairSync('rsa', { | |
| modulusLength: 3072, // β οΈ MEDIUM: Evaluate hybrid PQC | |
| }); | |
| // LOW: AES-256 is quantum-safe (just double key length) | |
| const cipher = crypto.createCipher('aes-256-cbc', key); | |
| // CRITICAL: SHA-1 is completely broken | |
| const hash = crypto.createHash('sha1'); // β CRITICAL: Use SHA-256 | |
| hash.update('data'); | |
| // HIGH: ECDSA with P-256 | |
| const ec = crypto.createECDH('secp256k1'); // β οΈ HIGH: Use ML-DSA | |
| """ | |
| # Create Gradio app | |
| with gr.Blocks( | |
| title="Q-GRID Crypto Scanner", | |
| css=""" | |
| .container { max-width: 1200px; margin: 0 auto; } | |
| .header { text-align: center; padding: 20px; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; border-radius: 10px; margin-bottom: 20px; } | |
| .header h1 { margin: 0; font-size: 2.5em; } | |
| .header p { margin: 10px 0 0 0; font-size: 1.1em; opacity: 0.9; } | |
| .info-box { background-color: #e7f3ff; border-left: 4px solid #2196F3; padding: 15px; margin: 10px 0; border-radius: 5px; } | |
| .finding-critical { background-color: #ffebee; color: #c62828; padding: 5px 10px; border-radius: 4px; font-weight: bold; } | |
| .finding-high { background-color: #fff3e0; color: #ef6c00; padding: 5px 10px; border-radius: 4px; font-weight: bold; } | |
| .finding-medium { background-color: #fffde7; color: #f9a825; padding: 5px 10px; border-radius: 4px; font-weight: bold; } | |
| .finding-low { background-color: #e8f5e9; color: #2e7d32; padding: 5px 10px; border-radius: 4px; font-weight: bold; } | |
| """, | |
| ) as demo: | |
| with gr.Column(elem_classes="container"): | |
| # Header | |
| gr.HTML(""" | |
| <div class="header"> | |
| <h1>π Q-GRID Crypto Scanner</h1> | |
| <p>Detect quantum-vulnerable cryptography in your code β’ Powered by Taurus AI</p> | |
| </div> | |
| """) | |
| # Info box | |
| gr.HTML(""" | |
| <div class="info-box"> | |
| <strong>π About:</strong> This demo scans code for quantum-vulnerable cryptographic algorithms. | |
| It detects patterns like RSA-1024, ECDSA-P256, SHA-1, and provides a Quantum Readiness Score (QRS). | |
| <br><br> | |
| <strong>π― Try it:</strong> Paste your code below or use the example to see how it works! | |
| </div> | |
| """) | |
| with gr.Row(): | |
| # Left column: Input | |
| with gr.Column(scale=1): | |
| code_input = gr.Code( | |
| label="Paste your code here", | |
| language="javascript", | |
| value=EXAMPLE_CODE, | |
| lines=25, | |
| ) | |
| with gr.Row(): | |
| scan_btn = gr.Button("π Scan Code", variant="primary", size="lg") | |
| clear_btn = gr.Button("ποΈ Clear", size="lg") | |
| example_btn = gr.Button("π Load Example", size="lg") | |
| # Right column: Results | |
| with gr.Column(scale=1): | |
| qrs_gauge = gr.HTML(label="Quantum Readiness Score") | |
| summary = gr.Markdown(label="Summary") | |
| # Results sections | |
| with gr.Tabs(): | |
| with gr.TabItem("π Findings"): | |
| findings_output = gr.HTML(label="Detected Vulnerabilities") | |
| with gr.TabItem("π¦ CBOM Export"): | |
| gr.HTML(""" | |
| <div class="info-box"> | |
| <strong>CycloneDX CBOM:</strong> This JSON output follows the CycloneDX Cryptographic Bill of Materials standard. | |
| It can be imported into Q-GRID Comply for full enterprise management. | |
| </div> | |
| """) | |
| cbom_output = gr.Code(label="CBOM JSON", language="json", lines=30) | |
| with gr.TabItem("π Vulnerability Guide"): | |
| gr.HTML(""" | |
| <h3>π΄ Critical (Immediate Action)</h3> | |
| <p>Algorithms broken by quantum computers NOW:</p> | |
| <ul> | |
| <li><strong>RSA-1024, DSA-1024:</strong> Shor's algorithm breaks these completely</li> | |
| <li><strong>ECDH/ECDSA-P192:</strong> Quantum computers can solve ECDLP efficiently</li> | |
| <li><strong>SHA-1:</strong> Already broken classically, even worse with quantum</li> | |
| </ul> | |
| <p><strong>Recommendation:</strong> Replace with ML-KEM-768/1024 or ML-DSA-65/87 immediately</p> | |
| <h3>π High (12-Month Plan)</h3> | |
| <p>Algorithms that will be broken by 2035:</p> | |
| <ul> | |
| <li><strong>RSA-2048:</strong> Quantum advantage begins here</li> | |
| <li><strong>ECDH/ECDSA-P256:</strong> Most common elliptic curve, vulnerable by 2035</li> | |
| <li><strong>SHA-256:</strong> Grover's algorithm reduces security to 128-bit equivalent</li> | |
| </ul> | |
| <p><strong>Recommendation:</strong> Plan migration to hybrid (classical + PQC) within 12 months</p> | |
| <h3>π‘ Medium (Transitional)</h3> | |
| <p>Algorithms with transitional security:</p> | |
| <ul> | |
| <li><strong>RSA-3072:</strong> May survive until 2040 with increased key sizes</li> | |
| <li><strong>ECDH-P384:</strong> Higher security curve, longer timeline</li> | |
| </ul> | |
| <p><strong>Recommendation:</strong> Evaluate hybrid PQC deployment</p> | |
| <h3>π’ Low (Double Key Length by 2030)</h3> | |
| <p>Symmetric algorithms only affected by Grover's algorithm:</p> | |
| <ul> | |
| <li><strong>AES-128:</strong> Reduce to 64-bit equivalent security</li> | |
| <li><strong>AES-256:</strong> Reduce to 128-bit equivalent (still secure)</li> | |
| </ul> | |
| <p><strong>Recommendation:</strong> Double key lengths by 2030 to maintain security margin</p> | |
| """) | |
| # Footer | |
| gr.HTML(""" | |
| <div style="text-align: center; padding: 20px; margin-top: 30px; border-top: 1px solid #ddd; color: #666;"> | |
| <p><strong>Q-GRID Comply</strong> β’ Enterprise PQC Migration Platform</p> | |
| <p>Built by <a href="https://taurusai.io" target="_blank">Taurus AI Corp</a> β’ | |
| <a href="https://github.com/Taurus-Ai-Corp/taurus-ai-saas" target="_blank">GitHub</a> β’ | |
| <a href="https://huggingface.co/Taurus-BizFlow" target="_blank">HuggingFace</a></p> | |
| <p style="font-size: 0.9em; margin-top: 10px;"> | |
| This is a demo scanner. For enterprise CBOM generation, AI-powered analysis, | |
| and quantum-signed audit trails, visit <a href="https://taurusai.io/q-grid" target="_blank">taurusai.io/q-grid</a> | |
| </p> | |
| </div> | |
| """) | |
| # Event handlers | |
| scan_btn.click( | |
| fn=scan_interface, | |
| inputs=[code_input], | |
| outputs=[summary, findings_output, cbom_output, qrs_gauge], | |
| ) | |
| def clear_inputs(): | |
| return ( | |
| "", | |
| "<p>Scan code to see findings</p>", | |
| "{}", | |
| "<p>Scan code to see QRS</p>", | |
| ) | |
| clear_btn.click( | |
| fn=clear_inputs, | |
| inputs=[], | |
| outputs=[summary, findings_output, cbom_output, qrs_gauge], | |
| ) | |
| example_btn.click(fn=lambda: EXAMPLE_CODE, inputs=[], outputs=[code_input]) | |
| # Launch | |
| if __name__ == "__main__": | |
| demo.launch() | |