Assessing the Real-World Impact of Post-Quantum Cryptography on WPA-Enterprise Networks

• URL: http://arxiv.org/abs/2601.22892v1
• Date: Fri, 30 Jan 2026 12:12:07 GMT
• Title: Assessing the Real-World Impact of Post-Quantum Cryptography on WPA-Enterprise Networks
• Authors: Lukas Köder, Nils Lohmiller, Phil Schmieder, Bastian Buck, Michael Menth, Tobias Heer,
• Abstract summary: We investigate the performance impact of Post-Quantum Cryptography (PQC) algorithms on WPA-Enterprise-based authentication.<n>We evaluate multiple combinations of PQC algorithms and analyze their performance overhead.<n>This work presents a first real-world performance evaluation of PQC-enabled WPA-Enterprise authentication.
• Score: 1.0057058606878277
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: The advent of large-scale quantum computers poses a significant threat to contemporary network security protocols, including Wi-Fi Protected Access (WPA)-Enterprise authentication. To mitigate this threat, the adoption of Post-Quantum Cryptography (PQC) is critical. In this work, we investigate the performance impact of PQC algorithms on WPA-Enterprise-based authentication. To this end, we conduct an experimental evaluation of authentication latency using a testbed built with the open-source tools FreeRADIUS and hostapd, measuring the time spent at the client, access point, and RADIUS server. We evaluate multiple combinations of PQC algorithms and analyze their performance overhead in comparison to currently deployed cryptographic schemes. Beyond performance, we assess the security implications of these algorithm choices by relating authentication mechanisms to the quantum effort required for their exploitation. This perspective enables a systematic categorization of PQ-relevant weaknesses in WPA-Enterprise according to their practical urgency. The evaluation results show that, although PQC introduces additional authentication latency, combinations such as ML-DSA-65 and Falcon-1024 used in conjunction with ML-KEM provide a favorable trade-off between security and performance. Furthermore, we demonstrate that the resulting overhead can be effectively mitigated through session resumption. Overall, this work presents a first real-world performance evaluation of PQC-enabled WPA-Enterprise authentication and demonstrates its practical feasibility for enterprise Wi-Fi deployments.

Related papers

• Towards Quantum-Resistant Trusted Computing: Architectures for Post-Quantum Integrity Verification Techniques [0.0]
  The transition of firmware protection to Post-Quantum Cryptography (PQC) is urgent.<n>This paper offers an analysis of the most common trust techniques and their roadmap towards a Post-Quantum (PQ) world.
  arXiv  Detail & Related papers  (2026-01-16T08:52:09Z)
• Post-Quantum Cryptography for Intelligent Transportation Systems: An Implementation-Focused Review [8.030140777380444]
  Governments and industry stakeholders are turning toward post-quantum cryptography (PQC)<n>PQC algorithms are designed to resist adversaries equipped with quantum computing capabilities.<n>This review fills that gap by evaluating the readiness of vehicular communication and security standards for PQC adoption.
  arXiv  Detail & Related papers  (2026-01-03T04:39:06Z)
• A Scalable Framework for Post-Quantum Authentication in Public Key Infrastructures [0.0]
  This work explores the performance and scalability of a hierarchical certificate authority framework with automated certificate issuance.<n>The system is designed for compatibility with both classical and PQC algorithms, promoting crypto-agility while ensuring robust security against quantum-based threats.
  arXiv  Detail & Related papers  (2025-04-16T13:18:11Z)
• Performance Analysis and Industry Deployment of Post-Quantum Cryptography Algorithms [0.8602553195689513]
  The National Institute of Standards and Technology (NIST) has selected CRYSTALS-Kyber and CRYSTALS-Dilithium as standardized PQC algorithms for secure key exchange and digital signatures.<n>This study conducts a comprehensive performance analysis of these algorithms by benchmarking execution times across cryptographic operations.<n>Our findings demonstrate that Kyber and Dilithium achieve efficient execution times, outperforming classical cryptographic schemes such as RSA and ECDSA at equivalent security levels.
  arXiv  Detail & Related papers  (2025-03-17T09:06:03Z)
• ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior.<n>These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity.<n>We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• Enhancing Transportation Cyber-Physical Systems Security: A Shift to Post-Quantum Cryptography [6.676253819673155]
  The rise of quantum computing threatens traditional cryptographic algorithms that secure Transportation Cyber-Physical Systems ( TCPS) The objective of this paper is to underscore the urgency of transitioning to post-quantum cryptography (PQC) to mitigate these risks. We analyzed vulnerabilities in traditional cryptography against quantum attacks and reviewed the applicability of NIST-standardized PQC schemes in TCPS.
  arXiv  Detail & Related papers  (2024-11-20T04:11:33Z)
• AutoPT: How Far Are We from the End2End Automated Web Penetration Testing? [54.65079443902714]
  We introduce AutoPT, an automated penetration testing agent based on the principle of PSM driven by LLMs. Our results show that AutoPT outperforms the baseline framework ReAct on the GPT-4o mini model.
  arXiv  Detail & Related papers  (2024-11-02T13:24:30Z)
• Practical hybrid PQC-QKD protocols with enhanced security and performance [44.8840598334124]
  We develop hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network. In particular, we consider different hybrid designs that may offer enhanced speed and/or security over the individual performance of either approach.
  arXiv  Detail & Related papers  (2024-11-02T00:02:01Z)
• Benchmarking End-To-End Performance of AI-Based Chip Placement Algorithms [77.71341200638416]
  ChiPBench is a benchmark designed to evaluate the effectiveness of AI-based chip placement algorithms.<n>We have gathered 20 circuits from various domains (e.g., CPU, GPU, and microcontrollers) for evaluation.<n>Results show that even if intermediate metric of a single-point algorithm is dominant, the final PPA results are unsatisfactory.
  arXiv  Detail & Related papers  (2024-07-03T03:29:23Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• Tamper-Evident Pairing [55.2480439325792]
  Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard. TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent. This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
  arXiv  Detail & Related papers  (2023-11-24T18:54:00Z)
• Robust and efficient verification of graph states in blind measurement-based quantum computation [52.70359447203418]
  Blind quantum computation (BQC) is a secure quantum computation method that protects the privacy of clients. It is crucial to verify whether the resource graph states are accurately prepared in the adversarial scenario. Here, we propose a robust and efficient protocol for verifying arbitrary graph states with any prime local dimension.
  arXiv  Detail & Related papers  (2023-05-18T06:24:45Z)
• Differentially Private Deep Q-Learning for Pattern Privacy Preservation in MEC Offloading [76.0572817182483]
  attackers may eavesdrop on the offloading decisions to infer the edge server's (ES's) queue information and users' usage patterns. We propose an offloading strategy which jointly minimizes the latency, ES's energy consumption, and task dropping rate, while preserving pattern privacy (PP) We develop a Differential Privacy Deep Q-learning based Offloading (DP-DQO) algorithm to solve this problem while addressing the PP issue by injecting noise into the generated offloading decisions.
  arXiv  Detail & Related papers  (2023-02-09T12:50:18Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.