Measurement Study of Post-Quantum Readiness of Internet: 2026

📅 2026-06-15
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This study evaluates the practical readiness of the Internet to migrate to post-quantum cryptography (PQC) in the face of emerging quantum computing threats. Through a large-scale measurement of 32,011 domains, the authors systematically analyze TLS protocol versions, cipher suites, key exchange mechanisms, and certificate types, revealing a critical disconnect in PQC deployment across essential infrastructure: while 49.3% of domains already support hybrid PQC key exchange (e.g., MLKEM768+X25519), adoption of post-quantum certificates remains at 0%. Sectors such as banking and government continue to rely heavily on TLS 1.2, underscoring a markedly uneven transition landscape. The findings highlight that the authentication layer remains a significant vulnerability in achieving quantum-safe security and provide empirical evidence to guide the ongoing PQC migration.
📝 Abstract
The emergence of quantum computing presents a fundamental challenge to the security of current Internet communication systems. Transport Layer Security (TLS), which forms the backbone of secure web communication, predominantly relies on classical public-key cryptographic algorithms such as RSA and elliptic curve cryptography (ECC), both of which are susceptible to quantum attacks. This paper conducts a large scale empirical evaluation of post-quantum readiness across 32,011 domains, with a primary focus on real-world TLS deployments across diverse sectors by analysing negotiated TLS parameters, including protocol versions, cipher suites, key exchange mechanisms, and certificates. The results indicate that while modern protocols like TLS 1.3 and QUIC are gaining adoption, 15.70% of domains especially in critical sectors such as banking and government still rely on TLS 1.2. Furthermore, 49.3% of domains support hybrid post-quantum key exchange mechanisms (e.g., MLKEM768 with X25519), whereas 50.7% continue to use classical key exchange, reflecting partial transition. Notably, 0% adoption of hybrid post-quantum certificates was observed, leaving the authentication layer vulnerable to quantum-enabled attacks such as certificate forgery. The findings reveal uneven adoption of post-quantum mechanisms across sectors, where technology driven platforms are advancing more rapidly than legacy-dependent infrastructures. Overall, the study highlights that achieving complete quantum resilience requires a coordinated transition not only in key exchange mechanisms but also in certificate infrastructures. Without such comprehensive migration, Internet communication systems remain vulnerable to long-term threats, including Harvest-Now-Decrypt-Later (HNDL) attacks.
Problem

Research questions and friction points this paper is trying to address.

post-quantum cryptography
TLS
quantum computing
certificate infrastructure
key exchange
Innovation

Methods, ideas, or system contributions that make the work stand out.

post-quantum cryptography
TLS deployment
hybrid key exchange
quantum readiness
certificate infrastructure
🔎 Similar Papers
No similar papers found.