Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Introducing Post-Quantum algorithms in Open RAN interfaces

Pedro Otero-García, Ana Fernández-Vilas, Manuel Fernández-Veiga

TL;DR

The paper addresses securing Open RAN open interfaces against quantum threats by integrating post-quantum cryptography into IPsec using a hybrid approach that combines classical key exchange with KEMs. It implements four KEMs from liboqs (CRYSTALS-Kyber, BIKE, HQC, Frodo) and evaluates their impact on an Open RAN testbed built with srsRAN and Open5GS, measuring throughput, delay, jitter, memory usage, and encryption time. The results show that Frodo and BIKE offer the best overall balance, with Frodo preserving throughput similar to non-KEM scenarios and BIKE delivering the fastest encryption and lowest latency, while Kyber is more variable and HQC can exhibit higher jitter. The study demonstrates the practicality of PQC for Open RAN interfaces and provides guidance for deployment choices, while outlining future directions including quantum key distribution and broader PQC adoption across TLS, MACsec, and additional interfaces.

Abstract

Nowadays, 5G architecture is characterized by the use of monolithic hardware, where the configuration of its elements is completely proprietary for each manufacturer. In recent years, as an alternative to this centralized architecture, a new model has emerged: the Open Radio Access Network (Open RAN). One of its main features has been the split of the Base Band Unit (BBU) into new simpler hardware with more specific functions approaching to a more modular model. As a consequence of this split, new interfaces appeared to connect these components that need to be protected. With the developments in the field of quantum computing, traditional protection mechanisms for this kind of interfaces may be deprecated in the near future. This security issue motivates this paper, which aims to study how to integrate post-quantum cryptography (PQC) mechanisms to current security standards, such as IPsec and MACsec. In addition, the proposal is also put into practice to compare the performance of traditional mechanisms with PQC implementations. This research shows that the new implementation does not reduce the performance of the aforementioned standards, while the security is reinforced against quantum attacks.

Introducing Post-Quantum algorithms in Open RAN interfaces

TL;DR

The paper addresses securing Open RAN open interfaces against quantum threats by integrating post-quantum cryptography into IPsec using a hybrid approach that combines classical key exchange with KEMs. It implements four KEMs from liboqs (CRYSTALS-Kyber, BIKE, HQC, Frodo) and evaluates their impact on an Open RAN testbed built with srsRAN and Open5GS, measuring throughput, delay, jitter, memory usage, and encryption time. The results show that Frodo and BIKE offer the best overall balance, with Frodo preserving throughput similar to non-KEM scenarios and BIKE delivering the fastest encryption and lowest latency, while Kyber is more variable and HQC can exhibit higher jitter. The study demonstrates the practicality of PQC for Open RAN interfaces and provides guidance for deployment choices, while outlining future directions including quantum key distribution and broader PQC adoption across TLS, MACsec, and additional interfaces.

Abstract

Nowadays, 5G architecture is characterized by the use of monolithic hardware, where the configuration of its elements is completely proprietary for each manufacturer. In recent years, as an alternative to this centralized architecture, a new model has emerged: the Open Radio Access Network (Open RAN). One of its main features has been the split of the Base Band Unit (BBU) into new simpler hardware with more specific functions approaching to a more modular model. As a consequence of this split, new interfaces appeared to connect these components that need to be protected. With the developments in the field of quantum computing, traditional protection mechanisms for this kind of interfaces may be deprecated in the near future. This security issue motivates this paper, which aims to study how to integrate post-quantum cryptography (PQC) mechanisms to current security standards, such as IPsec and MACsec. In addition, the proposal is also put into practice to compare the performance of traditional mechanisms with PQC implementations. This research shows that the new implementation does not reduce the performance of the aforementioned standards, while the security is reinforced against quantum attacks.
Paper Structure (16 sections, 6 figures)

This paper contains 16 sections, 6 figures.

Table of Contents

  1. Introduction
  2. Principles of Open RAN
  3. Background
  4. Key Open RAN principles
  5. Main components of Open RAN
  6. Interfaces in Open RAN
  7. Security Challenges and Current Solutions for Open RAN Interfaces
  8. Integrating PQC into the open interfaces of Open RAN
  9. Implementing PQC in IPsec
  10. Selection of KEMs for testing
  11. Testing Scenario
  12. Test Scenario Topology
  13. IPsec Implementation
  14. Tests Performed
  15. Performance Results
  16. ...and 1 more sections

Figures (6)

  • Figure 1: Traditional RAN topology in front of Open RAN Topology
  • Figure 2: IKEv2 with intermediate messages following RFC 9370.
  • Figure 3: Topology of the testing scenario.
  • Figure 4: Throughput and jitter comparison between KEM algorithms.
  • Figure 5: Encryption time comparison between KEM algorithms.
  • ...and 1 more figures