You'll be glad your VPN has post-quantum encryption, even if you don't need it now. Here's why.
Virtual private networks, or VPNs, have become an essential part of today's online security toolkit. A VPN hides your public IP address by routing your internet traffic through a remote server. It encrypts your data, scrambling it and making it unintelligible, to protect your sensitive information from prying eyes.
Right now, VPNs, like most modern internet infrastructure, rely on decades-old encryption standards like AES (some also use new ciphers like ChaCha20) for data encryption. However, with the looming threat of Q-day -- the day quantum computers become advanced enough to break today's encryption algorithms -- many of the best VPN services have started rolling out post-quantum encryption, or PQE, to future-proof their security credentials.
Let's explore the rising threat posed by quantum computers, why PQE could be a crucial safeguard, the trade-offs involved, and which VPN services are already adopting quantum-safe protection.
The Threat of Quantum Computing
Quantum computers, with their sophisticated processing power, could crack today's encryption algorithms in a matter of minutes. This is a significant concern, as current encryption standards, including AES, ChaCha20, and RSA, are more than sufficient for today's use cases because it would take traditional supercomputers millions of years to break these algorithms.
The US National Institute of Standards and Technology (NIST) has been working on post-quantum cryptography since 2016, inviting candidates from around the world to develop sophisticated algorithms that could withstand quantum computers. After years of research, NIST published four such standards in 2022, including CRYSTALS-Kyber, CRYSTALS-Dilithium, SPHINCS+, and FALCON.
Why Post-Quantum Encryption Matters for VPNs
The initial handshake is the most crucial part of the VPN connection process, as it forms the base of your entire VPN connection. Right now, these handshake mechanisms are vulnerable to quantum attacks. If powerful quantum computers were to become a reality, they could make it virtually impossible for VPNs to establish an initial handshake, rendering them ineffective.
This would compromise the privacy of hundreds of millions of people who use the internet and could have catastrophic consequences for the VPN industry, which 47% of Americans now use for privacy.
VPNs Implementing PQE
Some VPN services have already recognized the threat posed by quantum computers and have begun rolling out PQE-enabled protocols. ExpressVPN was one of the first to offer post-quantum encryption through its custom-built Lightway protocol and post-quantum WireGuard. NordVPN also offers post-quantum encryption via its proprietary NordLynx protocol, which uses the NIST-approved ML-KEM algorithm.
Mullvad VPN has also switched to the NIST standard ML-KEM, enabling quantum-resistant tunnels by default on all WireGuard connections in its Windows, Mac, Linux, Android, and iPhone apps.
Drawbacks of Post-Quantum Encryption
While PQE is essential for long-term security, it does come with some drawbacks. One significant limitation is compatibility. Providers like NordVPN explicitly state that PQE can't be used alongside certain features, such as dedicated IPs, obfuscated servers, older devices, or Meshnet.
Additionally, even when PQE is enabled by default, it may not be available in all situations. For example, you may lose PQE benefits if you're connecting to older VPN servers or using protocols that don't currently support post-quantum encryption.
The Future of PQE
It's important to note that PQE will likely become a standard feature in every VPN protocol by default once quantum threats become a reality. While you may not need PQE with your VPN connection right now, you'll be glad it's there in the future to ensure your online security and privacy.
