Quantum-Safe for Peplink router

bruce.wh.kuok · April 24, 2026, 2:05am

As title, Peplink have roadmap deploy Quantum-Safe to …

SpeedFusion or
another VPN protocol ?

mldowling · April 24, 2026, 3:39pm

Peplink and “quantum-safe” cryptography

As at 24 Apr 2026, I would not describe the current public Peplink router, switch and WAP ecosystem as quantum-safe in the strict post-quantum cryptography sense.

That said, there is an important distinction:

If Peplink equipment is being used only as transport infrastructure, then application-layer end-to-end encryption should carry most of the responsibility for protecting application payload data.

For example, HTTPS, SSH, application certificates, secure messaging, storage encryption, identity systems, and key management are primarily application- or endpoint-level responsibilities. In that sense, Peplink does not need to make every forwarded packet “quantum-safe” if the application traffic is already properly protected end-to-end.

However, that does not take Peplink infrastructure out of scope.

Network infrastructure still has its own cryptographic surface, including:

SpeedFusion / PepVPN / IPsec tunnels
InControl, Remote Web Admin and InTouch
local web admin, SSH and API access
AP and switch management
WPA-Enterprise, RADIUS / RadSec and certificate chains
firmware signing and update validation
device identity and trust anchors

So the onus is best described as shared:

Application-layer cryptography protects application data. Network infrastructure still needs to be crypto-agile and eventually PQC-ready for its own tunnel, management, authentication and trust functions.

Peplink’s SpeedFusion material describes strong classical cryptography: Diffie-Hellman key exchange followed by AES-256 encryption. AES-256 is not the main concern. The quantum concern is the traditional asymmetric cryptography used for key exchange and authentication, such as DH, ECDH, RSA and ECDSA.

ASD/ACSC guidance recommends that organisations identify where traditional asymmetric cryptography is used and plan to migrate away from RSA, DH, ECDH, and ECDSA by the end of 2030. NIST has finalised the first post-quantum standards, including ML-KEM for key establishment and ML-DSA / SLH-DSA for digital signatures.

Recent Peplink firmware notes include useful conventional security improvements, including tunnel hardening, API vulnerability fixes, WPA2/WPA3 defaults, RadSec support, and the removal of SHA-1 Diffie-Hellman key exchanges in some switch functions. These are positive improvements, but they are not the same as demonstrated post-quantum cryptography support.

Practical position

Until Peplink publishes a PQC or hybrid-PQC roadmap, I would describe the current ecosystem as:

Strong classical cryptography, but not yet demonstrated as quantum-safe.

For organisations following ACSC guidance, Peplink devices should still be included in the cryptographic inventory / CBOM and PQC transition plan, especially where SpeedFusion, PepVPN or IPsec carries sensitive data with long-lived confidentiality requirements, or where Peplink management and authentication services are exposed to higher-risk environments.

Some extended Questions for Peplink’s Engineering team

Is ML-KEM or hybrid-PQC key establishment planned for SpeedFusion / PepVPN?
Is PQC or hybrid support planned for IPsec / IKEv2, including RFC 8784-style protection or newer standards-based mechanisms?
What is the roadmap for InControl, Remote Web Admin, InTouch, local web admin, AP/switch management and firmware signing?
Which current hardware platforms will be capable of receiving those upgrades?
Will Peplink publish a PQC transition statement or crypto-agility roadmap aligned with ACSC/NIST guidance?

Reference links for additional information and research

Have a good weekend,
Marcus