Search papers, labs, and topics across Lattice.
This paper introduces a formal framework for analyzing the post-quantum cryptographic (PQC) readiness of message transformations across network layers. It categorizes per-layer cryptographic operations based on their quantum vulnerability and defines compositional rules for assessing the overall PQC status of a communication chain. The framework, validated across five communication scenarios, reveals surprising vulnerabilities in widely used protocols like WPA3-Personal and highlights the asymmetric requirements for confidentiality versus authentication in a post-quantum world.
Surprisingly, WPA2-Personal offers superior post-quantum security compared to WPA3-Personal, and complete authentication requires migrating *every* layer to post-quantum cryptography, while confidentiality only needs a single layer.
When a user sends a message over a wireless network, the message does not travel as-is. It is encrypted, authenticated, encapsulated, and transformed as it descends the protocol stack from the application layer to the physical medium. Each layer may apply its own cryptographic operations using its own algorithms, and these algorithms differ in their vulnerability to quantum computers. The security of the overall communication depends not on any single layer but on the \emph{composition} of transformations across all layers. We develop a preliminary formal framework for analyzing these cross-layer cryptographic transformations with respect to post-quantum cryptographic (PQC) readiness. We classify every per-layer cryptographic operation into one of four quantum vulnerability categories, define how per-layer PQC statuses compose across the full message transformation chain, and prove that this composition forms a bounded lattice with confidentiality composing via the join (max) operator and authentication via the meet (min). We apply the framework to five communication scenarios spanning Linux and iOS platforms, and identify several research challenges. Among our findings: WPA2-Personal provides strictly better PQC posture than both WPA3-Personal and WPA2-Enterprise; a single post-quantum layer suffices for payload confidentiality but \emph{every} layer must migrate for complete authentication; and metadata protection depends solely on the outermost layer.
