Decryption Administration
  • Decryption Administration
  • Network Security Documentation
  • All Documentation
>
Post-Quantum Cryptography Detection and Control
Focus
Download PDF
Focus
  1. Home
  2. Network Security
  4. PQC and Decryption
  5. Post-Quantum Cryptography Detection and Control
Download PDF
Network Security

Post-Quantum Cryptography Detection and Control

Table of Contents

Post-Quantum Cryptography Detection and Control

NGFWs can detect, block or allow, and log TLSv1.3 sessions that use post-quantum cryptography.
Where Can I Use This?What Do I Need?
  • NGFW
Depending on the products you're using, you need at least one of...
Post-quantum cryptography (PQC) algorithms and hybrid PQC algorithms (classical and PQC algorithms combined) are accessible through open-source libraries and integrated into web browsers and other technologies. Traffic encrypted by PQC or hybrid PQC algorithms can't be decrypted yet, making these algorithms vulnerable to misuse. However, you can prevent the misuse of PQC and hybrid PQC algorithms and make informed decisions by monitoring PQC activity on your network.
Using a Palo Alto Networks Next-Generation Firewall (NGFW), you can detect, block, and log the use of PQC and hybrid PQC algorithms in TLSv1.3 sessions. This is done automatically based on the settings in your decryption policy rules. Review your rules and update your decryption configuration as needed to get the most visibility into PQC activity. These actions should be part of your post-quantum migration planning and preparation strategy.
  • How the NGFW Detects and Handles Post-Quantum Cryptography
  • Post-Quantum Cryptography and Decryption Logs
  • Decryption Configuration Recommendations

How the NGFW Detects and Handles Post-Quantum Cryptography

If SSL traffic matches an SSL Forward Proxy or SSL Inbound Inspection decryption policy rule, the NGFW prevents negotiation with PQC, hybrid PQC, and other unsupported algorithms. The following detection and blocking process enables the NGFW to continuously decrypt and identify threats during a session:
  1. ClientHello Inspection. The NGFW checks the ClientHello for the supported_groups TLS extension. This extension specifies the groups that the client supports for key exchange.
  2. Comparison of Values. The NGFW compares the hexadecimal value in the supported-groups extension to a set of known values for PQC and hybrid PQC algorithms. This is how the NGFW identifies the specific algorithms supported by the client.
  3. Removal of Unsupported Algorithms. When SSL Forward Proxy and Inbound Inspection decryption policy rules are applied, the NGFW removes PQC, hybrid PQC, and other unsupported algorithms from the ClientHello. This forces the client to negotiate exclusively with classical algorithms.
  4. Session Restart and Negotiation with Classical Algorithms. The session restarts, and the client and server negotiate with classical algorithms. (For a list of supported cipher suites, see PAN-OS 11.1 Decryption Cipher Suites.)
However, if the client strictly negotiates PQC, hybrid PQC, or other unsupported algorithms, the NGFW drops the session.
If SSL traffic matches a “no-decrypt” decryption policy rule or doesn’t match any decryption policy rules, the NGFW allows negotiation with PQC or hybrid PQC algorithms. However, details of sessions that negotiate these algorithms are available in decryption logs only when session traffic matches a “no-decrypt” decryption policy rule.

Post-Quantum Cryptography and Decryption Logs

Decryption logs provide visibility into post-quantum cryptography activity on your network for sessions that negotiate PQC or hybrid PQC algorithms and match a “no decrypt” decryption policy rule. The decryption logs for sessions matching this criteria include details such as the key exchange (KE) and the negotiated EC curve.
In the case where SSL traffic matches an SSL Forward Proxy or SSL Inbound Inspection decryption policy rule and the client only supports post-quantum algorithms, the session is dropped. The error column in the corresponding decryption log states that the client only supports post-quantum algorithms.
By default, the NGFW generates decryption logs for all unsuccessful TLS handshake traffic. However, you can log both successful and unsuccessful TLS handshakes in the Log Settings of decryption policy rules (PoliciesDecryptionOptions). Configure Decryption Logging shares additional considerations.
The following table summarizes how the NGFW enforces and logs PQC activity.

Summary of PQC Detection, Blocking, and Logging Behavior

If Decryption Policy Rule TriggeredIf Decryption Policy Rule with No-Decrypt Action TriggeredIf No Decryption Policy Rule Is Triggered
Client Supports Classical AlgorithmsClient Only Supports PQC or Hybrid PQC Algorithms
Session StatusPQC and hybrid PQC algorithms are stripped from the ClientHello, and the session restarts with classical algorithmsPQC algorithms are stripped from the ClientHello, and the session is droppedSession successfully negotiates with a PQC or hybrid PQC algorithm (no decryption)Session successfully negotiates with PQC or hybrid PQC algorithm (no decryption)
Decryption Log BehaviorDecryption logs note negotiation of a classical algorithm (a PQC algorithm isn’t noted as it wasn’t negotiated)Log records the “Client only supports Post-Quantum algorithms" error messageThe Negotiated EC Curve column records the name of the PQC or hybrid PQC algorithm negotiatedNo log generated

Decryption Configuration Recommendations

Review the logging settings in your decryption policy rules and use other tools for enhanced visibility and control over PQC and hybrid PQC activity in your network. The following recommendations assume a security-first approach to detection, enforcement, and logging:
  • Log successful and unsuccessful handshakes in the Log Settings of decryption policy rules. Select PoliciesDecryptionOptions, and then select Log Successful SSL Handshakes and Log Unsuccessful SSL Handshakes.
    Logging all TLS handshakes may increase the volume of logs on your system. The default quota for decryption logs is one percent of your NGFW's log storage capacity. To configure a larger log storage space quota for decryption logs, select DeviceSetupManagementLogging and Reporting SettingsLog Storage. (Configure Decryption Logging provides more details.)
  • Create exclusions or separate rules for internal testing of PQC and hybrid PQC algorithms.
  • To log traffic that you don’t decrypt, create a policy-based decryption exclusion or apply a “no decrypt” decryption profile to the decryption policy rules that govern this traffic.
  • Review the global counter for PQC and hybrid PQC algorithms. The counter increments whenever a client attempts to negotiate with a PQC or hybrid PQC algorithm. Use the following CLI command: show counter global name ssl_pqc_session_cnt.

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.