Quantum Snake Oil

Wave Encryption

This article is part of the Quantum Snake Oil Dictionary a series examining terms used in quantum technology marketing. The series is divided into Red Flag Terms (terms with no established technical meaning that almost always signal hype or fraud) and Misused Terms (legitimate concepts routinely stripped of context in marketing). This entry is a Red Flag Term.

“Wave Encryption”

A note before we begin. This entry examines “wave encryption,” sometimes described as encoding ciphertext into electromagnetic, mechanical, or other waves. I am not writing about any specific company or product. The phrase sounds technical, which is the point of including it, but it describes a transmission medium rather than a security mechanism, and the difference is the whole story.

A Term You Will Not Find in Any Standard

Search the NIST cryptographic publications, the ETSI standards, the IETF RFCs, or any peer-reviewed cryptography venue for “wave encryption.” It is not there. The term has no formal definition, no specification, and no place in the vocabulary the field actually uses. That absence is the first signal. Real cryptographic methods are named, specified, and analyzed; a phrase that appears only in marketing copy is doing a different job.

What “wave encryption” usually gestures at is the idea that the ciphertext, or some representation of it, is carried by waves, whether radio, light, sound, or something more exotic. Carrying data on waves is not new or secret. Every wireless transmission already does it. Your phone, your laptop, and your car key all send and receive data as electromagnetic waves. Describing that as a form of encryption is a category error.

The Channel Is Not the Cipher

Cryptography and communication live at different layers, and conflating them is what makes the phrase empty.

Encryption is a transformation applied to data: it takes a message and a key and produces ciphertext that only a keyholder can read. A communication channel is the medium that moves bits from one place to another: a wire, a fiber, a radio link, an acoustic signal. The secrecy of an encrypted message comes from the cipher and the key, and it holds regardless of how the ciphertext travels afterward. You can send AES ciphertext by radio, by fiber, by carrier pigeon, or by waving flags, and its confidentiality is unchanged, because the protection was applied before it entered the channel.

So a product that protects data by encoding it into waves has either applied a real cipher first, in which case the waves add nothing to the security and the relevant question is which cipher, or it has not, in which case the data is unprotected no matter how it is transmitted. The physical carrier is not where security comes from. If anything, broadcasting over electromagnetic waves widens exposure rather than narrowing it, since a signal in the air can be received by anyone with an antenna.

Why the Phrase Appears at All

“Wave encryption” belongs to a familiar family of pseudo-technical garnish, where physics vocabulary is layered onto a product to make it sound advanced. Words like “wave,” “field,” “resonance,” and “quantum” carry an aura of sophistication that can substitute for an actual description of the cryptography. The tell is that none of it names an algorithm, a key size, a security level, or a standard. It describes how the data moves or what physical phenomenon is invoked, and leaves the only question that matters, what protects the data, unanswered.

Questions to Ask a Vendor

“What encryption algorithm protects the data before it is transmitted?” This is the question the phrase is built to skip. A real product names a standard cipher. If the answer is that the waves themselves are the encryption, the product has no encryption.

“If the ciphertext is intercepted in the air, what stops the interceptor from reading it?” The honest answer is the cipher and the key, which returns the conversation to ordinary cryptography. “Wave encryption” has no answer of its own.

“Where is the secrecy located — in the algorithm and key, or in the transmission medium?” Security lives in the first. A vendor pointing at the medium has confused the channel for the cipher.

The Bottom Line

“Wave encryption” is a marketing phrase with no cryptographic content. It describes how data might travel, not how it is secured, and those are separate layers: the cipher protects the message, and the channel merely carries it. Transmitting ciphertext over waves adds nothing to its confidentiality, and transmitting unprotected data over waves leaves it unprotected. When you see the phrase, set the physics aside and ask which algorithm and key are doing the work. If the only answer is the waves, there is no encryption to evaluate.

Quantum Upside & Quantum Risk – Handled

My company – Applied Quantum – helps governments, enterprises, and investors prepare for both the upside and the risk of quantum technologies. We deliver concise board and investor briefings; demystify quantum computing, sensing, and communications; craft national and corporate strategies to capture advantage; and turn plans into delivery. We help you mitigate the quantum risk by executing crypto-inventory, crypto-agility implementation, PQC migration, and broader defenses against the quantum threat. We run vendor due diligence, proof-of-value pilots, standards and policy alignment, workforce training, and procurement support, then oversee implementation across your organization. Contact me if you want help.

Marin Ivezic

I am the Founder of Applied Quantum (AppliedQuantum.com), a research-driven consulting firm empowering organizations to seize quantum opportunities and proactively defend against quantum threats. A former quantum entrepreneur, I’ve previously served as a Fortune Global 500 CISO, CTO, Big 4 partner, and leader at Accenture and IBM. Throughout my career, I’ve specialized in managing emerging tech risks, building and leading innovation labs focused on quantum security, AI security, and cyber-kinetic risks for global corporations, governments, and defense agencies. I regularly share insights on quantum technologies and emerging-tech cybersecurity at PostQuantum.com.