Table of Contents
Fetching ...

Post-Quantum Cryptography in the 5G Core

Thomas Attema, Bor de Kock, Sandesh Manganahalli Jayaprakash, Dimitrios Schoinianakis, Thom Sijpesteijn, Rintse van de Vlasakker

TL;DR

This paper addresses securing the 5G Core against quantum threats by evaluating post-quantum cryptography (PQC) implementations in TLS-based communications. It adopts a hybrid cryptography approach, combining post-quantum key encapsulation and signatures with conventional schemes, and implements them in a lab-5G core to measure latency and bandwidth during UE registration and PDU session setup. The results show only small performance overheads from PQC, with no substantial impact on network usability, corroborating prior studies and suggesting that 5G Core can support PQC during migration. The findings have practical implications for deployment, standardization, and future research on PQC integration in telecom infrastructures.

Abstract

In this work, the conventional cryptographic algorithms used in the 5G Core are replaced with post-quantum alternatives and the practical impact of this transition is evaluated. Using a simulation environment, we model the registration and deregistration of varying numbers of user equipments (UEs) and measure the resulting effects on bandwidth consumption and latency. Our results show that the deployment of post-quantum cryptographic algorithms has a measurable effect on performance, but that this effect is small, and perhaps more crucially, that the extra overhead needed in terms of computation and bandwidth does not have any substantial impact on the usability of the network and the efficiency of its network functions. Overall the experimental results in this work corroborate earlier research: the 5G Core is technically able to support post-quantum cryptography without any inherent issues connected to the increased computational overhead or larger message size.

Post-Quantum Cryptography in the 5G Core

TL;DR

This paper addresses securing the 5G Core against quantum threats by evaluating post-quantum cryptography (PQC) implementations in TLS-based communications. It adopts a hybrid cryptography approach, combining post-quantum key encapsulation and signatures with conventional schemes, and implements them in a lab-5G core to measure latency and bandwidth during UE registration and PDU session setup. The results show only small performance overheads from PQC, with no substantial impact on network usability, corroborating prior studies and suggesting that 5G Core can support PQC during migration. The findings have practical implications for deployment, standardization, and future research on PQC integration in telecom infrastructures.

Abstract

In this work, the conventional cryptographic algorithms used in the 5G Core are replaced with post-quantum alternatives and the practical impact of this transition is evaluated. Using a simulation environment, we model the registration and deregistration of varying numbers of user equipments (UEs) and measure the resulting effects on bandwidth consumption and latency. Our results show that the deployment of post-quantum cryptographic algorithms has a measurable effect on performance, but that this effect is small, and perhaps more crucially, that the extra overhead needed in terms of computation and bandwidth does not have any substantial impact on the usability of the network and the efficiency of its network functions. Overall the experimental results in this work corroborate earlier research: the 5G Core is technically able to support post-quantum cryptography without any inherent issues connected to the increased computational overhead or larger message size.
Paper Structure (19 sections, 7 figures, 2 tables)

This paper contains 19 sections, 7 figures, 2 tables.

Figures (7)

  • Figure 1: Overview of vulnerable interfaces in a 5G network nbl.
  • Figure 2: The setup for the experiments described in this work.
  • Figure 3: A new registration request triggers setting up various connections in the core.
  • Figure 4: Histogram showing the setup duration with various KEMs. Remark that rsaEncryption refers to the RSA digital signature algorithm.
  • Figure 5: Histogram showing the setup duration with various signature algorithms, combined with a conventional (ECC-based) KEM.
  • ...and 2 more figures