In April 2026, approximately 300 million people use Zoom every day. Microsoft Teams surpassed 320 million monthly active users last quarter. Google Meet handles roughly 100 million daily participants. Combined, these three platforms carry the majority of the world's professional video communication — board meetings, legal consultations, medical appointments, investor calls, classified briefings, and everything in between.
Every one of those calls is encrypted. TLS protects the signaling channel. DTLS-SRTP encrypts the media. By the standards of 2020, this was considered excellent security. By the standards of 2026, it is a ticking time bomb. The encryption algorithms that protect these calls — ECDH for key exchange, ECDSA or RSA for authentication — will be broken by quantum computers. Not theoretically. Mathematically. Shor's algorithm solves the discrete logarithm and integer factorization problems that underpin every classical asymmetric cipher in polynomial time on a quantum computer.
The question is not whether quantum computers will break these algorithms. The question is when. And for anyone whose encrypted video traffic is being recorded today, "when" does not matter. The damage is already done. The encrypted packets are already stored. Only the decryption is deferred.
The Harvest-Now-Decrypt-Later Threat Is Not Theoretical
Harvest-now-decrypt-later (HNDL) is the foundational threat model for quantum attacks on communications. The concept is straightforward: an adversary records encrypted network traffic today, stores it in bulk, and waits until a cryptographically relevant quantum computer (CRQC) becomes available to decrypt everything retroactively.
This is not a scenario from a cybersecurity vendor's marketing deck. The National Security Agency (NSA) publicly acknowledged HNDL in its Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) guidance, released in September 2022, explicitly warning that "data encrypted today using vulnerable algorithms may be harvested and decrypted in the future." The NSA set a deadline: national security systems must transition to post-quantum algorithms by 2030 for key exchange and 2033 for digital signatures.
Multiple intelligence agencies operate large-scale traffic collection programs. The cost of storing petabytes of encrypted traffic is negligible compared to the intelligence value of decrypting it later. A single board meeting discussing a major defense acquisition, recorded encrypted today and decrypted in 2035, could be worth billions in strategic advantage. A diplomatic negotiation, a pharmaceutical research discussion, a merger arbitrage strategy — the value of these conversations does not diminish with time. In many cases it increases.
The HNDL timeline for video calls
Why Zoom, Teams, and Meet Are Vulnerable
We have audited the publicly available security documentation for every major video platform. None of them use post-quantum key exchange. None of them use post-quantum digital signatures. Their encryption is strong by classical standards and will be completely broken by quantum computers.
| Platform | Key Exchange | Signatures | Quantum Safe |
|---|---|---|---|
| Zoom | ECDH (P-256) | ECDSA | No |
| Microsoft Teams | ECDH (P-256) | RSA / ECDSA | No |
| Google Meet | ECDH (X25519) | ECDSA | No |
| Webex | ECDH | RSA | No |
| V100 | ML-KEM-768 + X25519 | ML-DSA-65 + FALCON-512 | Yes (3 families) |
Zoom introduced end-to-end encryption in 2020 using the Messaging Layer Security (MLS) protocol. The underlying key agreement is ECDH over P-256. Zoom's security whitepaper, last updated in 2025, makes no mention of post-quantum algorithms. Their E2EE also disables features like cloud recording, live transcription, and breakout rooms, which makes it impractical for most enterprise use.
Microsoft Teams offers E2EE only for one-to-one calls, not group meetings. The key exchange uses ECDH. Group meetings are encrypted in transit (TLS/SRTP) but not end-to-end — Microsoft's infrastructure decrypts and re-encrypts at the server. There is no publicly disclosed post-quantum roadmap.
Google Meet does not offer end-to-end encryption at all. Google provides client-side encryption (CSE) for Workspace Enterprise Plus customers, which encrypts data before it leaves the client, but the key management relies on a third-party key service and classical ECDH key agreement. No post-quantum protection has been announced.
The pattern is consistent. Every major video platform relies exclusively on elliptic-curve cryptography for key exchange and classical algorithms for digital signatures. None have shipped post-quantum protections. None have disclosed timelines for doing so.
What V100 Does Differently: Three PQ Algorithm Families
V100 does not rely on a single post-quantum algorithm. A single algorithm is a single bet — if that algorithm is broken, the entire security model collapses. V100 deploys three independent post-quantum algorithm families, each based on a different mathematical hardness assumption. An attacker must break all three simultaneously to compromise a V100 session. Breaking one or two yields nothing.
V100's three independent PQ families
The three-family design is not redundancy for its own sake. It is a deliberate architectural decision based on the principle that cryptographic confidence increases with the number of independent mathematical assumptions an attacker must defeat. If a breakthrough in lattice cryptanalysis weakens MLWE-based schemes, FALCON (NTRU lattices) and SLH-DSA (hash-based) remain intact. If a novel attack on NTRU lattices emerges, the MLWE schemes and hash-based signatures are unaffected. If an unexpected advance in quantum algorithms threatens all lattice schemes simultaneously, the hash-based family provides a completely independent fallback.
This is the same multi-family architecture that powers H33's production infrastructure at over 1.6 million authentications per second on Graviton4 hardware. V100 inherits this cryptographic stack directly — it is not a research prototype bolted onto a video platform.
How PQ Protection Works in a V100 Video Call
When two participants join a V100 video session, the post-quantum key exchange begins before the first video frame is transmitted. The process is invisible to users — there is no additional latency, no configuration required, and no opt-in toggle. Every V100 session is quantum-resistant by default.
Key exchange: Each participant generates an ML-KEM-768 keypair and an X25519 keypair. The public keys are bundled and exchanged via V100's signaling channel. Each side performs ML-KEM encapsulation and X25519 key agreement, then derives the session key as SHA3-256(x25519_shared || kyber_shared). This hybrid design ensures the session is secure if either algorithm holds — even if ML-KEM is unexpectedly compromised, X25519 still protects the session against classical attacks, and vice versa.
Media encryption: All video, audio, and data channels are encrypted end-to-end with AES-256-GCM using the quantum-safe session key. The V100 SFU (Selective Forwarding Unit) relays encrypted packets without the ability to decrypt them. The server infrastructure is untrusted by design.
Artifact signing: Recordings, transcripts, and meeting summaries are signed with ML-DSA-65, with FALCON-512 used for compact inline signatures in signaling messages. These signatures will remain valid and verifiable even after quantum computers exist — unlike ECDSA or RSA signatures, which will be forgeable.
Attestation: Every V100 session generates an H33-74 substrate attestation — a 74-byte cryptographic proof (32 bytes on-chain, 42 bytes in Cachee) that the session occurred, the participants were authenticated, and the media was not tampered with. This attestation is PQ-attested across all three algorithm families.
Performance: No Excuses Left
The historical objection to post-quantum cryptography was performance. PQ keys are larger. PQ algorithms are computationally heavier. In 2022, this was a legitimate concern for latency-sensitive real-time video. In 2026, it is not.
PQ overhead for a V100 video session
The 80-microsecond key exchange overhead is invisible against the 200–500 milliseconds that WebRTC ICE negotiation and DTLS handshake take on every video call. Users cannot perceive it. Load tests cannot measure it. It is a rounding error in the session establishment pipeline.
The bandwidth overhead of larger PQ public keys (1,184 bytes for ML-KEM-768 vs. 32 bytes for X25519) is similarly negligible. A single 720p video frame at 30fps generates approximately 50–100 KB of media data per second. An additional 1.2 KB of signaling data per participant is statistically invisible.
Performance was the last legitimate excuse for not deploying post-quantum cryptography in video systems. That excuse is gone. The only remaining explanation for why Zoom, Teams, and Meet have not adopted PQ algorithms is organizational inertia.
What Should Your Organization Do Now
If your organization conducts video meetings where the content will remain sensitive for more than five years, you are already in the HNDL threat window. The encrypted recordings of your current meetings may have already been captured. Transitioning to post-quantum video conferencing is not a 2030 initiative. It is a 2026 decision.
Audit your video platform's cryptography. Ask your vendor explicitly: do you use post-quantum key exchange? Do you use post-quantum digital signatures? If the answer is no, your video calls are accumulating quantum risk every day they continue.
Assess your data sensitivity timeline. If your organization handles data with multi-decade sensitivity — healthcare records, legal proceedings, defense programs, financial transactions, intellectual property — the HNDL threat is not abstract. It is operational.
Evaluate V100. V100 is the only video API that protects every session with three post-quantum algorithm families across independent mathematical hardness assumptions. The quantum security page provides the complete technical architecture. The live demo lets you see the PQ-E2E badge in action. Pricing starts with a free trial — no credit card required.
The window to protect your video communications from quantum attacks is open now. It will not stay open forever. Every day of delay is another day of encrypted traffic that will be decryptable in the post-quantum future.
Make your video calls quantum resistant today
V100 is the only video API with three post-quantum algorithm families protecting every session. ML-KEM for key exchange, ML-DSA and FALCON for signatures, SLH-DSA for long-lived attestation. Start free and see the green PQ-E2E badge on your first call.