Table of Contents
Fetching ...

Assessing the Real-World Impact of Post-Quantum Cryptography on WPA-Enterprise Networks

Lukas Köder, Nils Lohmiller, Phil Schmieder, Bastian Buck, Michael Menth, Tobias Heer

TL;DR

The paper addresses securing WPA-Enterprise against quantum-capable adversaries by evaluating the real-world impact of post-quantum cryptography (PQC) on EAP-TLS/EAP-TTLS handshakes. Using a real testbed with FreeRADIUS and hostapd, the authors measure authentication latency across client, AP, and RADIUS components for various PQC configurations and compare them to classical schemes. They find that configurations such as ML-DSA with ML-KEM and Falcon offer favorable security–performance trade-offs, and that session resumption can significantly mitigate PQC overhead. The work demonstrates the practical feasibility of PQC-enabled WPA-Enterprise in enterprise Wi‑Fi and provides concrete guidance for deployment and migration, including the benefits of hybrid approaches and stateless session resumption.

Abstract

The advent of large-scale quantum computers poses a significant threat to contemporary network security protocols, including Wi-Fi Protected Access (WPA)-Enterprise authentication. To mitigate this threat, the adoption of Post-Quantum Cryptography (PQC) is critical. In this work, we investigate the performance impact of PQC algorithms on WPA-Enterprise-based authentication. To this end, we conduct an experimental evaluation of authentication latency using a testbed built with the open-source tools FreeRADIUS and hostapd, measuring the time spent at the client, access point, and RADIUS server. We evaluate multiple combinations of PQC algorithms and analyze their performance overhead in comparison to currently deployed cryptographic schemes. Beyond performance, we assess the security implications of these algorithm choices by relating authentication mechanisms to the quantum effort required for their exploitation. This perspective enables a systematic categorization of PQ-relevant weaknesses in WPA-Enterprise according to their practical urgency. The evaluation results show that, although PQC introduces additional authentication latency, combinations such as ML-DSA-65 and Falcon-1024 used in conjunction with ML-KEM provide a favorable trade-off between security and performance. Furthermore, we demonstrate that the resulting overhead can be effectively mitigated through session resumption. Overall, this work presents a first real-world performance evaluation of PQC-enabled WPA-Enterprise authentication and demonstrates its practical feasibility for enterprise Wi-Fi deployments.

Assessing the Real-World Impact of Post-Quantum Cryptography on WPA-Enterprise Networks

TL;DR

The paper addresses securing WPA-Enterprise against quantum-capable adversaries by evaluating the real-world impact of post-quantum cryptography (PQC) on EAP-TLS/EAP-TTLS handshakes. Using a real testbed with FreeRADIUS and hostapd, the authors measure authentication latency across client, AP, and RADIUS components for various PQC configurations and compare them to classical schemes. They find that configurations such as ML-DSA with ML-KEM and Falcon offer favorable security–performance trade-offs, and that session resumption can significantly mitigate PQC overhead. The work demonstrates the practical feasibility of PQC-enabled WPA-Enterprise in enterprise Wi‑Fi and provides concrete guidance for deployment and migration, including the benefits of hybrid approaches and stateless session resumption.

Abstract

The advent of large-scale quantum computers poses a significant threat to contemporary network security protocols, including Wi-Fi Protected Access (WPA)-Enterprise authentication. To mitigate this threat, the adoption of Post-Quantum Cryptography (PQC) is critical. In this work, we investigate the performance impact of PQC algorithms on WPA-Enterprise-based authentication. To this end, we conduct an experimental evaluation of authentication latency using a testbed built with the open-source tools FreeRADIUS and hostapd, measuring the time spent at the client, access point, and RADIUS server. We evaluate multiple combinations of PQC algorithms and analyze their performance overhead in comparison to currently deployed cryptographic schemes. Beyond performance, we assess the security implications of these algorithm choices by relating authentication mechanisms to the quantum effort required for their exploitation. This perspective enables a systematic categorization of PQ-relevant weaknesses in WPA-Enterprise according to their practical urgency. The evaluation results show that, although PQC introduces additional authentication latency, combinations such as ML-DSA-65 and Falcon-1024 used in conjunction with ML-KEM provide a favorable trade-off between security and performance. Furthermore, we demonstrate that the resulting overhead can be effectively mitigated through session resumption. Overall, this work presents a first real-world performance evaluation of PQC-enabled WPA-Enterprise authentication and demonstrates its practical feasibility for enterprise Wi-Fi deployments.
Paper Structure (18 sections, 7 figures, 6 tables)

This paper contains 18 sections, 7 figures, 6 tables.

Figures (7)

  • Figure 1: Post-Quantum Security of current EAP-TLS or EAP-TTLS based WPA-Enterprise Authentication and .
  • Figure 2: -EAP-TLS message exchange between a client and a RADIUS server over Wi-Fi. Large messages must be fragmented into several messages. The colors shown will be used consistently for all measurements in the 2.4 GHz and 5 GHz bands throughout this work.
  • Figure 3: Testbed setup for three evaluation situations: a) Excellent signal ($>$ –60 dBm) near the access point, b) good signal (–60 dBm to –70 dBm) in the adjacent room, and c) very weak signal ($<$ –70 dBm).
  • Figure 4: Median EAP-TLS duration of the three evaluation situations. The left bar represents the 2.4 GHz measurement and the right bar the 5 GHz.
  • Figure 5: Median EAP-TLS session resumption duration of the three evaluation situation. The left bar represents the 2.4 GHz measurement and the right bar the 5 GHz.
  • ...and 2 more figures