Researchers Achieve Near‑Perfect Accuracy Classifying Post‑Quantum Cryptography Implementations
A recent arXiv preprint released in March 2025 reports that machine‑learning‑based classification techniques can reliably identify post‑quantum (PQ) cryptographic algorithms across a range of software libraries, network protocols, and zero‑knowledge proof systems. The study evaluates the feasibility of such classification for both defensive analysis and potential adversarial exploitation.
Methodology and Testbed
The authors examined two prominent PQ libraries—liboqs and CIRCL—by deploying them in common security protocols, including TLS, SSH, QUIC, OpenVPN, and OpenID Connect (OIDC), on Windows, Ubuntu, and macOS platforms. In addition, the research assessed SNARK generation and verification using pysnark and lattice_zksnark on Ubuntu, measuring observable side‑channel characteristics to train classification models.
High Classification Accuracy for Algorithms
Experimental results indicate that classical algorithms can be distinguished from PQ algorithms with 98% accuracy for key exchange and 100% accuracy for signatures. When identifying the specific PQ scheme in use, the models were correct 97% of the time for key‑exchange algorithms and 86% of the time for signature algorithms.
Distinguishing Library Implementations
Implementations of the same algorithm from liboqs and CIRCL were separable with up to 100% accuracy. Within the CIRCL library, pure PQ and hybrid key‑exchange implementations could be differentiated with 97% accuracy, highlighting subtle implementation‑level fingerprints.
Protocol‑Level and SNARK Classification
The study demonstrates that observers can determine whether a protocol’s key exchange is classical or PQ and pinpoint the specific PQ algorithm in use. Moreover, SNARK generation and verification processes in pysnark and lattice_zksnark were identified with perfect (100%) accuracy.
Real‑World Applicability
To illustrate practical relevance, the researchers applied their methods to the Tranco top‑million domain dataset, successfully flagging TLS endpoints that employ PQ key exchange. The techniques were also integrated into QUARTZ, an open‑source risk and threat analysis platform developed by Cisco.
Implications for Security Stakeholders
According to the authors, the ability to classify PQ cryptography with such precision could aid defenders in inventorying and monitoring PQ deployments, while also presenting a potential vector for attackers to tailor exploits based on identified algorithmic choices.
This report is based on the abstract of the research paper, published on arXiv and licensed under Academic Preprint / Open Access. The full text is available via arXiv.