crypto-analyzer

# Crypto Analyzer Skill ## Purpose Analyze and validate cryptographic implementations to ensure proper algorithm usage, key sizes, certificate validity, and compliance with cryptographic best practices and standards. ## Capabilities ### Encryption Implementation Analysis - Analyze symmetric encryption usage (AES, ChaCha20) - Review asymmetric encryption implementations (RSA, ECDSA) - Check encryption mode selection (GCM, CBC, CTR) - Validate initialization vector (IV) handling - Verify padding schemes - Identify insecure encryption patterns ### Algorithm Strength Validation - Check algorithm deprecation status - Validate against NIST recommendations - Compare with FIPS 140-3 requirements - Assess quantum resistance readiness - Flag weak or deprecated algorithms - Recommend algorithm upgrades ### Key Size Verification - Validate RSA key lengths (minimum 2048-bit) - Check ECC curve selections - Verify symmetric key sizes - Assess key derivation functions - Check PBKDF2/scrypt/bcrypt parameters - Validate key stretching implementations ### Deprecated Algorithm Detection - Identify MD5 and SHA-1 usage - Flag DES and 3DES usage - Detect RC4 stream cipher - Find weak random number generation - Identify export-grade cryptography - Flag custom/homegrown crypto ### Certificate Analysis - Verify certificate validity periods - Check certificate chain completeness - Validate certificate key usage - Detect wildcard certificate risks - Check certificate transparency logs - Monitor ...