Assessing and Enhancing Quantum Readiness in Mobile Apps
By: Joseph Strauss, Krishna Upadhyay, A. B. Siddique and more
Potential Business Impact:
Makes phone apps safe from future computer attacks.
Quantum computers threaten widely deployed cryptographic primitives such as RSA, DSA, and ECC. While NIST has released post-quantum cryptographic (PQC) standards (e.g., Kyber, Dilithium), mobile app ecosystems remain largely unprepared for this transition. We present a large-scale binary analysis of over 4,000 Android apps to assess cryptographic readiness. Our results show widespread reliance on quantum-vulnerable algorithms such as MD5, SHA-1, and RSA, while PQC adoption remains absent in production apps. To bridge the readiness gap, we explore LLM-assisted migration. We evaluate leading LLMs (GPT-4o, Gemini Flash, Claude Sonnet, etc.) for automated cryptographic migration. All models successfully performed simple hash replacements (e.g., SHA-1 to SHA-256). However, none produced correct PQC upgrades due to multi-file changes, missing imports, and lack of context awareness. These results underscore the need for structured guidance and system-aware tooling for post-quantum migration.