Observability for Post-Quantum TLS Readiness: A Multi-Surface Evidence Framework

This paper presents a multi-surface evidence framework for observability in post-quantum TLS readiness that integrates passive, active, and registry-based measurements to accurately distinguish session behaviors and endpoint capabilities, demonstrating significantly superior detection of hybrid key establishment and quantum vulnerabilities compared to existing baseline analyzers.

The Gist

Imagine the internet's security system (TLS) is like a high-tech bank vault. For decades, the locks on these vaults have been made of "classical" metal. But scientists have discovered a new kind of "quantum" tool that could eventually pick these locks. To stay safe, banks are starting to install "hybrid" locks—combining the old metal with a new, super-strong quantum alloy.

The problem? We need to know which banks actually have these new hybrid locks installed. But checking is tricky. Some banks only show the lock when you walk up to the door (a passive view), while others hide the lock behind a one-way mirror (an encrypted view). Some banks might have the new lock installed but only use the old one for a specific customer.

This paper presents a new multi-surface inspection framework to solve this. Instead of just looking at the door, the authors built a system that checks the vault from four different angles to get the full picture.

The Four Angles of Inspection (The "Surfaces")

Think of trying to figure out if a bank is ready for the future. You can't just stand on the sidewalk; you need to look from different places:

1. The Sidewalk View (Passive Session): You stand on the street and watch a customer walk in. You see what they do, but you can't see everything inside. In the digital world, this is "passive" monitoring. It works great for older systems (TLS 1.2) where the door is open, but for newer, encrypted systems (TLS 1.3), the door is closed, and you can't see the lock mechanism.
2. The Detective's Probe (Active Probing): Instead of just watching, the detective knocks on the door and asks, "Hey, do you have a hybrid lock?" The bank might say, "Yes, I do," even if the customer who just walked in didn't ask for it. This reveals what the bank can do, not just what it did do.
3. The Blueprint Check (Certificate Chain): The detective goes to the bank's office to look at the blueprints and the ID badges of the guards. This confirms who the bank is and how long their current security plan lasts.
4. The Rulebook (Registry): The detective carries a massive, up-to-date encyclopedia of all known lock types, including the new experimental ones, to make sure they are naming things correctly.

The "Measurement Object": A Complete Report Card

The paper argues that old tools just give you a "Yes/No" answer based on what they saw on the sidewalk. If they didn't see the new lock, they say "No."

The new framework creates a structured report card (a "Measurement Object") that separates different facts:

• What happened in this specific transaction? (The customer used an old lock.)
• What is the bank capable of? (The bank has a hybrid lock and can use it if asked.)
• Who is the bank? (Verified by the blueprints.)
• What is the confidence level? (Did we see it, or are we guessing?)

Crucially, this report card admits when it doesn't know. If the door is closed and the detective can't knock, the report says "Unknown" instead of guessing "No." It also flags contradictions, like if the blueprints say "Hybrid Lock" but the door only ever shows "Old Lock."

The Experiments: What They Found

The authors tested their system in two ways:

1. The Lab Test (Controlled Scenarios): They built 29 fake bank vaults in a lab with known settings (some with hybrid locks, some without, some with broken doors, some with hidden locks).

   • The Old Tool: A standard security scanner (the "baseline") only found the new locks in 2 out of 29 cases. It missed almost all the modern, encrypted vaults.
   • The New System: By combining all four angles, their system figured out the correct status for almost every single scenario, even when the data was messy or incomplete.

2. The Real-World Test (Public Campaign): They scanned 1,000 real websites on the internet.

   • The Surprise: Standard scanners said 0 of these sites had hybrid locks.
   • The New System: By using the "Detective's Probe" (asking specifically for hybrid locks), they found 310 sites that could use hybrid locks, even though they usually used old ones.
   • The "Broader Capability" Insight: For those 310 sites, the new system proved that the sites were capable of using the new locks, even if the specific customer who visited them didn't trigger that feature. It's like finding out a car has a turbo button, even if the driver never pressed it.

The Takeaway

The paper concludes that to know if the internet is ready for the quantum future, we can't just look at what happens on the surface. We need a multi-layered approach:

• Watch the traffic (Passive).
• Ask the server what it can do (Active).
• Check the certificates (Chain).
• Keep a strict record of what we know, what we don't know, and where the information came from.

This approach prevents us from falsely thinking a system is safe just because we didn't see a problem, or falsely thinking it's unsafe just because we couldn't see the new features. It treats "I don't know" as a valid and important answer, rather than a failure.

Technical Summary

Technical Summary: Observability for Post-Quantum TLS Readiness

Problem Statement
The transition to Post-Quantum Cryptography (PQC) in Transport Layer Security (TLS) presents a significant observability challenge. As the ecosystem migrates from classical algorithms to NIST-standardized ML-KEM and ML-DSA, often via hybrid key-establishment mechanisms (e.g., X25519MLKEM768), operators and auditors lack reliable methods to assess endpoint readiness. Existing approaches face several limitations:

• Protocol Opacity: TLS 1.3 encrypts handshake material, including certificates, rendering passive packet inspection insufficient for authentication and lifecycle analysis.
• Evidence Fragmentation: Endpoint capability (what a server supports) often diverges from session negotiation (what a specific client negotiates). Furthermore, certificate chains collected via active probing may not link temporally or logically to a previously captured passive session.
• Measurement Gaps: Traditional packet inspection tools often fail to distinguish between classical negotiation and latent hybrid capability, and they struggle to handle incomplete, contradictory, or ambiguous evidence without producing false positives or negatives.

Methodology
The authors propose a Multi-Surface Evidence Framework that treats PQC readiness as an observability problem requiring distinct evidence sources mapped to specific measurement planes.

1. Four Evidence Surfaces:

   • $\Sigma_P$ (Passive Session): Extracted from packet captures (e.g., TLS version, cipher suite, visible groups). Limited in TLS 1.3 due to encryption.
   • $\Sigma_A$ (Active Probe): Generated by controlled probes (e.g., client profiles offering specific groups). Used to infer endpoint capability lower bounds.
   • $\Sigma_C$ (Certificate Chain): Artifacts collected via active retrieval or passive visibility, providing authentication and lifecycle data.
   • $\Sigma_R$ (Registry & Rules): Canonical mappings for identifiers (groups, OIDs), aliases, and inference rules.

2. Measurement Planes:
   Evidence is projected onto seven planes: Session, Key Establishment, Capability, Authentication, Lifecycle, Observability, and Policy. A measurement object is considered "closed" in a plane only when sufficient evidence from the appropriate surface is available.

3. Artifact and Benchmark Design:

   • PQ-TLS Observability Benchmark v1: A reproducible artifact containing 29 scenarios (14 canonical, 15 stress). Canonical scenarios test extraction under clean conditions; stress scenarios test handling of truncation, fragmentation, temporal drift, HelloRetryRequest (HRR), and contradictory evidence.
   • Evaluation Modes: The framework compares four modes:
     • B0: Inherited baseline (reference packet inspector).
     • B1: Passive-only.
     • B2: Passive + Active probing.
     • B3: Full Multi-surface (Passive + Active + Chain + Registry).
   • Stress Contracts: Unlike exact-match ground truth, stress scenarios use behavioral contracts to reward correct handling of unknown, not_applicable, ambiguity, and contradiction states.

Key Contributions

1. Multi-Surface Evidence Model: A formal separation of passive session, active probe, certificate-chain, and registry evidence, mapping them to distinct measurement planes to prevent conflation of session behavior with endpoint capability.
2. Schema-Enforced Reproducible Artifact: A public implementation (pq_tls_observability) featuring JSON Schemas for scenarios and results, versioned registries for evolving PQC identifiers, and auditable inference rules.
3. Stress-Contract Evaluation: A methodology that scores tools on their ability to preserve uncertainty and detect contradictions rather than forcing binary decisions on incomplete data.
4. Empirical Validation:
   • Controlled Benchmark: Evaluation across 29 scenarios covering TLS 1.2/1.3, hybrid/classical keys, mTLS, and various network conditions.
   • Public Campaign: A stratified study of 1,000 public targets with 2,000 probes, comparing the framework against standard scanners (SSLyze, testssl.sh) and inherited baselines.

Results

• Benchmark Performance:
  • The inherited baseline (B0) detected only 2 of 29 runs and 0 of 23 TLS 1.3 runs, highlighting the failure of packet-only inspection in encrypted environments.
  • The multi-surface mode (B3) achieved full closure across all planes in canonical scenarios and correctly handled uncertainty in stress scenarios.
• Public Campaign Findings:
  • The framework completed 1,971 handshakes and collected 1,368 chain artifacts.
  • It confirmed hybrid capability for 310 targets. Crucially, these 310 targets were identified as "capability-broader-than-session" cases: a single classical session view would have reported them as classical-only, while dual-probe measurement revealed their hybrid support.
  • Standard scanners (SSLyze, testssl.sh) reported 0 hybrid-confirmed targets in the 250-target baseline-zoo slice, whereas the dual-probe mode confirmed 70.
  • Stability: A repeated round (R1) showed high stability (99.42% clear-complete stability) with minimal drift in capability and certificate data.
• Family Heterogeneity: Hybrid confirmation rates varied significantly by operational family (e.g., 0.620 for knowledge communities vs. 0.110 for government and cloud vendors).

Significance and Claims
The paper claims that reliable post-quantum TLS readiness assessment requires a structured measurement discipline that separates:

1. Session Behavior (what was negotiated) from Endpoint Capability (what is supported).
2. Evidence Sources (passive vs. active vs. chain) to maintain explicit provenance and linkage.
3. Measurement from Policy Judgments, allowing operators to see raw evidence before applying readiness verdicts.

The authors argue that treating unknown, not_applicable, ambiguity, and contradiction as first-class measurement outputs is essential for accurate auditing. They conclude that current scanner baselines provide useful classical signals but fail to reveal latent hybrid capabilities without deliberate profile variation (dual-probing) and multi-surface evidence collection. The framework provides the necessary infrastructure to close the gap between visible packet indicators and a complete, evidence-based assessment of post-quantum readiness.