| Internet-Draft | FLAIR Cryptography Discovery | April 2026 |
| Kayas, et al. | Expires 29 October 2026 | [Page] |
This document introduces FLAIR (Framework for Language-Agnostic Intermediate Representation), a novel approach to discover cryptographic elements in source code. By detecting encryption components present in code, FLAIR addresses critical challenges like identifying deprecated and misconfigured implementations across diverse programming languages. Unlike language-specific tools, FLAIR employs semantic graphs to represent instances of encryption detected, enabling identification of cryptographic algorithm usage, associated parameters (keys, nonces, salts), and flag compliance status with established encryption standards. The semantic graph approach makes representing cryptographic algorithms and related elements independent of the underlying programming language.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 29 October 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Modern enterprise and cloud infrastructure increasingly relies on encrypted communication to protect sensitive data in transit. With the increasing integration of encrypted communication across enterprise and cloud infrastructure, a growing number of network outages and performance degradations are now traced to undetected cryptographic vulnerabilities in code [ref1]. Organizations face growing security risks from:¶
However, the proliferation of diverse programming languages, cryptographic libraries, and implementation patterns in source code creates significant impediment in building a holistic visibility tool capable of detecting and analyzing cryptographic usage across diverse network applications. Consequentially, organizations may struggle to identify and remediate cryptographic vulnerabilities before they lead to service disruptions.¶
Current open-source cryptographic detection solutions fall into two categories with distinct limitations: (1) general-purpose static analyzers (e.g., Bandit, Snyk, CodeQL, Joern, etc.), and (2) language-specific tools (e.g., CryptoGuard, CogniCrypt, Cryptolation, etc.).¶
Tools such as Bandit, Snyk, CodeQL, and Joern/CPG [ref2] are examples of general purpose static analyzers. They are typically used to detect vulnerabilities in code, such as security bugs, vulnerable libraries, and policy violations before the code is deployed. Static code analyzers have wide language coverage - there is a tool for nearly all major programming languages today. Cryptographic discovery is possible using these tools. They can break down code into graphs that can follow rules to detect specific cryptographic usage. However, such detections can have a high false-positive rate and will need several rules across different languages to achieve traceability of cryptographic materials (e.g., keys, nonces, salts, digests).¶
Tools such as CryptoGuard, CogniCrypt, and Cryptolation are examples of language-specific tools. These open-source tools provide precision within supported languages. In many cases, they go beyond pattern-matching to provide semantic understanding of cryptographic usage using machine learning models. However, they are designed to work extremely well for a single programming language. Enterprises which have polyglot codebases suffer from limited visibility during cryptographic discovery. Even though they receive high precision results from these tools, they would have to maintain multiple toolchains to cover their entire codebase. This leads to significant development and maintenance overhead.¶
This draft proposes a new framework for cryptographic discovery that combines the best of both existing approaches - language-specific tools with the coverage of general purpose static analyzers. There is a critical need for a language-agnostic approach which can (1) identify the usage of cryptographic libraries, (2) determine cryptographic parameters supporting their usage (keys, nonces, salts), and (3) specify which cryptographic algorithms are being invoked. This draft proposes a novel semantic approach that detects cryptographic libraries, how the invoked algorithms methods in these libraries get accessed throughout the code, and the associated cryptographic parameters. This language-agnostic approach overcomes the limitations of existing solutions by producing a unified JSON representation across diverse languages (Python, Java, JavaScript, etc.) to support cross-language rule development.¶
FLAIR is the first cryptographic detection tool achieving language independence through semantic graphs. This approach makes cryptographic discovery independent of function nomenclature and variable naming conventions. The detection of relationships between libraries, keys, and function calls remains unaffected by variable renaming or library substitution. Semantic graphs have demonstrated effectiveness in biological sciences [ref3]. This approach reduces false positives compared to pattern-matching solutions. Additionally, FLAIR can detect keys propagated across multiple function calls throughout an entire codebase.¶
FLAIR also detects and stores cryptography-relevant information only. By limiting crypto-relevant nodes and edges, FLAIR remains lightweight even on large codebases while achieving efficiency.¶
FLAIR consists of two main components:¶
The following diagram illustrates the overall FLAIR technical flow and components.¶
+---------------------------+
| Multi-Language Sources |
|---------------------------|
| Python | Java | JS | Rust |
| C/C++ | ... (etc.) |
+------------+--------------+
|
v
+-----------------------------------------------------+
| Step 1: Feature Extraction and Normalization |
|-----------------------------------------------------|
| Parser & Normalizer (Tree-sitter / ANTLR) |
| | |
| v |
| FLAIR IR Builder (Crypto-specific JSON) |
| | |
| v |
| IR Semantic Nodes (CALL, ENT, SYM) |
+-------------------------+---------------------------+
|
v
+------------------------------------------------------+
| Step 2: Crypto Semantic Graph (CSG) and Backtracking |
|------------------------------------------------------|
| Crypto Semantic Graph (CSG) |
| | |
| v |
| Multi-hop Backtracker |
| | |
| v |
| Compliance / Rules Engine |
|(as needed to flag weak keys, deprecated algos, etc.) |
+-------------------------+----------------------------+
|
v
+------------------+
| Database |
+------------------+
The first step utilizes a general purpose parser (like Tree-sitter or ANTLR) to parse the various cryptographic libraries and code constructs. The language-specific components are then generalized to their core algorithms and their specifications (like "ECDSA", "RSA", with parameters like key sizes, e.g., "256"). The resultant JSON from the parser is then converted into a FLAIR IR (Intermediate Representation) graph JSON. This resultant IR now contains only mappings between detected libraries and their usage in code. The graph structure utilizes nodes and edges - Nodes, to represent cryptographic information with contextual metadata; and Edges, to represent relationships between information and its code usage.¶
Four sub-processes execute sequentially in this step:¶
Detected ciphers, API calls, and entity information are stored in JSON format for downstream processing. Abstract crypto-related constructs into three node types: (1) CALL represents crypto API invocation (AES.new() , MessageDigest.getInstance("SHA1")), (2) ENT represents data entities (keys, IVs, nonces, constants), and (3) SYM represents symbolic identifiers (variables, parameters, aliases). This reduces language-specific syntax into a uniform crypto-specific IR JSON.¶
Now that we have three types of nodes, the next step is to add contextual information to these nodes. This happens in Step 2. In this step, the JSON graph is transformed into a Crypto Semantic Graph (CSG). A CSG is a semantic graph which stores rich entity information in nodes while edges represent relationships between nodes.¶
The CSG construction process is as follows:¶
Multihop backtracking traverses the Crypto Semantic Graph (CSG) backwards from a cryptographic sink (e.g., AES.encrypt, ECDSA.sign) to reconstruct the full provenance of all security-critical parameters (keys, nonces, salts, libraries, and related cryptographic materials). Each hop corresponds to a semantically meaningful dependency edge in the CSG.¶
def backtrace_entities(graph, start_call, target_roles=("key","iv","nonce","salt")):
Q = deque([start_call])
visited = set() # check if node is already visited
lineage = {"key": [], "iv": [], "nonce": [], "salt": []}
while Q:
node = Q.popleft()
if node in visited:
continue
visited.add(node)
for (src, dst, type) in graph.in_edges(node):
if type == "flows_to": # follow dependencies (salt, key, iv, nonce)
ent = src
if ent.role in target_roles:
lineage[ent.role].append(ent)
for (p, e, t2) in graph.in_edges(ent):
if t2 == "produced_by": # find who created this element
Q.append(p)
return lineage
¶
This finds all possible key/IV ancestors within a bounded hop count. It can detect, for example, that an IV entity with a constant origin comes from a hard-coded literal. In practice we limit depth (e.g. less than 50 hops) and stop at function/class boundaries.¶
Consider a developer using cryptographic libraries to encrypt API traffic to web servers. The application must import cryptographic libraries, invoke algorithm-specific functions, and generate required keys. In the semantic graph JSON output, FLAIR detects the called algorithms. A post-processing step assembles file graphs into a repo-level CSG. Findings are emitted in JSON or SARIF format: each includes file, line, primitive, hash, OID, confidence, tags (e.g. STATIC_IV), and the key/IV lineage summary. Example finding:¶
{
"file": "src/crypto/sign.py",
"line": 42,
"primitive": "ECDSA",
"hash": "SHA256",
"risk_tags": [],
"lineage": {
"key": [{"origin":"gen_keypair","curve":"secp256r1"}],
"iv": []
},
"explanation": "ECDSA(SHA256) with EC P-256 key; lineage consistent."
}
¶
The graph reveals source file, utilized algorithms, and associated key pairs. If the function used SHA1 instead of SHA256, FLAIR would detect this deprecated algorithm violation. The language-independence of this approach means cryptographic discovery is unaffected by function nomenclature or library switching, providing superior robustness to traditional pattern-matching approaches. The output can be stored in a database for further analysis or reporting. The output can also be extended to flag compliance violations based on organizational policies (e.g., deprecated algorithms, weak key sizes, etc.).¶
Organizations implementing FLAIR should will have to write custom rules for their cryptographic policies. Additional operational considerations include:¶
The framework does not itself process sensitive cryptographic material; it analyzes code patterns and dependencies. Users should ensure appropriate access controls on source code repositories and generated reports containing cryptographic dependency information.¶
FLAIR represents a significant advancement in cryptographic element discovery by providing language-agnostic, semantic graph-based analysis that overcomes limitations of existing general-purpose and language-specific tools. By enabling comprehensive identification of cryptographic usage across polyglot enterprise environments, FLAIR facilitates compliance with cryptographic standards, detection of policy violations, and proactive migration to quantum-safe cryptography.¶
The framework's targeted approach to graph optimization ensures scalability across large codebases while maintaining the precision necessary for accurate security analysis and policy enforcement.¶