English

Empowering Mobile Networks Security Resilience by using Post-Quantum Cryptography

Cryptography and Security 2026-03-31 v1

Abstract

The transition to a cloud-native 5G Service-Based Architecture (SBA) improves scalability but exposes control-plane signaling to emerging quantum threats, including Harvest-Now, Decrypt-Later (HNDL) attacks. While NIST has standardized post-quantum cryptography (PQC), practical, deployable integration in operational 5G cores remains underexplored. This work experimentally integrates NIST-standardized ML-KEM-768 and ML-DSA into an open-source 5G core (free5GC) using a sidecar proxy pattern that preserves unmodified network functions (NFs). Implemented on free5GC, we compare three deployments: (i) native HTTPS/TLS, (ii) TLS sidecar, and (iii) PQC-enabled sidecar. Measurements at the HTTP/2 request-response boundary over repeated independent runs show that PQC increases end-to-end Service-Based Interface (SBI) latency to approximately 54 ms, adding a deterministic 48-49 ms overhead relative to the classical baseline, while maintaining tightly bounded variance (IQR <= 0.2 ms, CV < 0.4%). We also quantify the impact of Certification Authority (CA) security levels, identifying certificate validation as a tunable contributor to overall delay. Overall, the results demonstrate that sidecar-based PQC insertion enables a non-disruptive and operationally predictable migration path for quantum-resilient 5G signaling.

Keywords

Cite

@article{arxiv.2603.28626,
  title  = {Empowering Mobile Networks Security Resilience by using Post-Quantum Cryptography},
  author = {Ricardo Alves Faval and Rodrigo Moreira and Flávio de Oliveira Silva},
  journal= {arXiv preprint arXiv:2603.28626},
  year   = {2026}
}

Comments

Paper Accept for Publication at European Conference on Networks and Communications (EuCNC) 2026

R2 v1 2026-07-01T11:44:23.541Z