Post-Quantum Key Exchange and Subscriber Identity Encryption in 5G Using ML-KEM (Kyber) ^†

Fifth-generation technology addresses user privacy concerns in cellular networking by encrypting a subscriber identifier with elliptic-curve-based encryption and then transmitting it as ciphertext known as a Subscriber Concealed Identifier (SUCI). However, an adversary equipped with a quantum computer can break a discrete-logarithm-based elliptic curve algorithm. Consequently, the user privacy in 5G is at stake against quantum attacks. In this paper, we study the incorporation of the post-quantum ciphers in the SUCI calculation both at the user equipment and at the core network, which involves the shared-key exchange and then using the resulting key for the ID encryption. We experiment on different hardware platforms to analyze the PQC key exchange and encryption using NIST-standardized CRYSTALS-Kyber (which is now called an ML-KEM after the standardization selection by NIST). Our analyses focus on the performances and compare the Kyber-based key exchange and encryption with the current (pre-quantum) elliptic curve Diffie–Hellman (ECDH). The performance analyses are critical because mobile networking involves resource-limited and battery-operating mobile devices. We measure and analyze not only the time and CPU-processing performances but also the energy and power performances. Our analyses show that Kyber-512 is the most efficient and even has better performance (i.e., faster computations and lower energy consumption) than ECDH.