{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T17:51:38Z","timestamp":1779904298488,"version":"3.53.1"},"reference-count":50,"publisher":"MDPI AG","issue":"7","license":[{"start":{"date-parts":[[2025,7,19]],"date-time":"2025-07-19T00:00:00Z","timestamp":1752883200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Information"],"abstract":"<jats:p>5G addresses user privacy concerns in cellular networking by encrypting a subscriber identifier with elliptic-curve-based encryption and then transmitting it as ciphertext known as a Subscriber Concealed Identifier (SUCI). However, an adversary equipped with a quantum computer can break a discrete-logarithm-based elliptic curve algorithm. Consequently, the user privacy in 5G is at stake against quantum attacks. In this paper, we study the incorporation of the post-quantum ciphers in the SUCI calculation both at the user equipment and at the core network, which involves the shared-key exchange and then using the resulting key for the ID encryption. We experiment on different hardware platforms to analyze the PQC key exchange and encryption using NIST-standardized CRYSTALS-Kyber (which is now called an ML-KEM after the standardization selection by NIST). Our analyses focus on the performances and compare the Kyber-based key exchange and encryption with the current (pre-quantum) elliptic curve Diffie\u2013Hellman (ECDH). The performance analyses are critical because mobile networking involves resource-limited and battery-operating mobile devices. We measure and analyze not only the time and CPU-processing performances but also the energy and power performances. Our analyses show that Kyber-512 is the most efficient and even has better performance (i.e., faster computations and lower energy consumption) than ECDH.<\/jats:p>","DOI":"10.3390\/info16070617","type":"journal-article","created":{"date-parts":[[2025,7,21]],"date-time":"2025-07-21T09:33:53Z","timestamp":1753090433000},"page":"617","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Post-Quantum Key Exchange and Subscriber Identity Encryption in 5G Using ML-KEM (Kyber)"],"prefix":"10.3390","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5143-5181","authenticated-orcid":false,"given":"Qaiser","family":"Khan","sequence":"first","affiliation":[{"name":"Department of Computer Science, University of Colorado Colorado Springs, Colorado Springs, CO 80918, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-5995-2923","authenticated-orcid":false,"given":"Sourav","family":"Purification","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Colorado Colorado Springs, Colorado Springs, CO 80918, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5736-5823","authenticated-orcid":false,"given":"Sang-Yoon","family":"Chang","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Colorado Colorado Springs, Colorado Springs, CO 80918, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2025,7,19]]},"reference":[{"key":"ref_1","unstructured":"Strobel, D. (2007). IMSI Catcher, Ruhr-Universit\u00e4t Bochum. Chair for Communication Security."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Van Den Broek, F., Verdult, R., and De Ruiter, J. (2015, January 12\u201316). Defeating IMSI catchers. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA.","DOI":"10.1145\/2810103.2813615"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Koutsos, A. (2019, January 17\u201319). The 5G-AKA authentication protocol privacy. Proceedings of the 2019 IEEE European Symposium on Security and Privacy (EuroS&P), Stockholm, Sweden.","DOI":"10.1109\/EuroSP.2019.00041"},{"key":"ref_4","unstructured":"Shor, P.W. (1994, January 20\u201322). Algorithms for quantum computation: Discrete logarithms and factoring. Proceedings of the 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA."},{"key":"ref_5","unstructured":"NIST (2025, June 15). Module-Lattice-Based Key-Encapsulation Mechanism Standard, Available online: https:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.203.pdf."},{"key":"ref_6","unstructured":"3GPP (2023, January 10). TS 33.501; Security Architecture and Procedures for 5G System, Available online: https:\/\/www.etsi.org\/deliver\/etsi_ts\/133500_133599\/133501\/18.06.00_60\/ts_133501v180600p.pdf."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Bos, J., Ducas, L., Kiltz, E., Lepoint, T., Lyubashevsky, V., Schanck, J.M., Schwabe, P., Seiler, G., and Stehl\u00e9, D. (2018, January 24\u201326). CRYSTALS-Kyber: A CCA-secure module-lattice-based KEM. Proceedings of the 2018 IEEE European Symposium on Security and Privacy (EuroS&P), London, UK.","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Grover, L.K. (1996, January 22\u201324). A fast quantum mechanical algorithm for database search. Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, Philadelphia, PA, USA.","DOI":"10.1145\/237814.237866"},{"key":"ref_9","unstructured":"Nature (2023, January 10). Work Easier Work Faster. Available online: https:\/\/www.nature.com\/articles\/d41586-023-03854-1."},{"key":"ref_10","unstructured":"Mart\u00ednez, V.G., and Encinas, L.H. (2010, January 23\u201325). A comparison of the standardized versions of ECIES. Proceedings of the 2010 Sixth International Conference on Information Assurance and Security, Atlanta, GA, USA."},{"key":"ref_11","unstructured":"Internet Research Task Force (IRTF) (2025, January 29). Elliptic Curves for Security. Available online: https:\/\/datatracker.ietf.org\/doc\/html\/rfc7748."},{"key":"ref_12","unstructured":"Adalier, M., and Teknik, A. (2015, January 11\u201312). Efficient and secure elliptic curve cryptography implementation of curve p-256. Proceedings of the Workshop on Elliptic Curve Cryptography Standards, NIST, Gaithersburg, MD, USA."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Mj\u00f8lsnes, S.F., and Olimid, R.F. (2017, January 28\u201330). Easy 4G\/LTE IMSI catchers for non-programmers. Proceedings of the Computer Network Security: 7th International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2017, Warsaw, Poland. Proceedings 7.","DOI":"10.1007\/978-3-319-65127-9_19"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Park, S., Shaik, A., Borgaonkar, R., and Seifert, J.P. (2019, January 11). Anatomy of Commercial IMSI Catchers and Detectors. Proceedings of the 18th ACM Workshop on Privacy in the Electronic Society (WPES\u201919), London, UK.","DOI":"10.1145\/3338498.3358649"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Dabrowski, A., Pianta, N., Klepp, T., Mulazzani, M., and Weippl, E. (2014, January 8\u201312). IMSI-catch me if you can: IMSI-catcher-catchers. Proceedings of the 30th Annual Computer Security Applications Conference, Orleans, LA, USA.","DOI":"10.1145\/2664243.2664272"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Dabrowski, A., Petzl, G., and Weippl, E.R. (2016, January 19\u201321). The messenger shoots back: Network operator based IMSI catcher detection. Proceedings of the Research in Attacks, Intrusions, and Defenses: 19th International Symposium, RAID 2016, Paris, France. Proceedings 19.","DOI":"10.1007\/978-3-319-45719-2_13"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Clancy, T.C., McGwier, R.W., and Chen, L. (2019, January 15\u201317). Post-quantum cryptography and 5g security: Tutorial. Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, Miami, FL, USA.","DOI":"10.1145\/3317549.3324882"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"100950","DOI":"10.1016\/j.iot.2023.100950","article-title":"A roadmap from classical cryptography to post-quantum resistant cryptography for 5G-enabled IoT: Challenges, opportunities and solutions","volume":"24","author":"Chawla","year":"2023","journal-title":"Internet Things"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"302","DOI":"10.1109\/COMST.2023.3309051","article-title":"Quantum cryptography in 5g networks: A comprehensive overview","volume":"26","author":"Mehic","year":"2023","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Khan, Q., Purification, S., Cheruiyot, R., Kim, J., Kim, J., and Chang, S.Y. (2024, January 17\u201319). Toward Post-Quantum Digital Certificate for eSIM. Proceedings of the 2024 Silicon Valley Cybersecurity Conference (SVCC), Seoul, Republic of Korea.","DOI":"10.1109\/SVCC61185.2024.10637354"},{"key":"ref_21","unstructured":"Khan, Q., Purification, S., Cheruiyot, R., Kim, J., Kim, I., and Chang, S.Y. (2025, January 23\u201325). Post-Quantum Digital Signature and Authentication for eSIM in 5G Mobile Networking. Proceedings of the 2025 Silicon Valley Cybersecurity Conference (SVCC), San Francisco, CA, USA."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Ulitzsch, V.Q., Park, S., Marzougui, S., and Seifert, J.P. (2022, January 16\u201319). A post-quantum secure subscription concealed identifier for 6g. Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks, San Antonio, TX, USA.","DOI":"10.1145\/3507657.3528540"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Damir, M.T., Meskanen, T., Ramezanian, S., and Niemi, V. (2022, January 9\u201312). A beyond-5g authentication and key agreement protocol. Proceedings of the International Conference on Network and System Security, Denarau Island, Fiji.","DOI":"10.1007\/978-3-031-23020-2_14"},{"key":"ref_24","unstructured":"NIST (2025, June 15). Post-Quantum Cryptography: Proposed Requirements, Available online: https:\/\/csrc.nist.gov\/news\/2016\/post-quantum-cryptography-proposed-requirements."},{"key":"ref_25","unstructured":"NIST (2024, June 10). Post Quantum Cryptography, Available online: https:\/\/csrc.nist.gov\/Projects\/post-quantum-cryptography\/selected-algorithms-2022."},{"key":"ref_26","unstructured":"NIST (2025, June 15). CRYSTALS-Kyber\u2014Submission to the NIST Post-Quantum Project. Available online: https:\/\/pq-crystals.org\/kyber\/data\/kyber-specification.pdf."},{"key":"ref_27","unstructured":"NIST (2025, June 15). CRYSTALS-Kyber (Version 2.0)\u2014Submission to Round 2 of the NIST Post-Quantum Project. Available online: https:\/\/pq-crystals.org\/kyber\/data\/kyber-specification-round2.pdf."},{"key":"ref_28","unstructured":"NIST (2025, June 15). CRYSTALS-Kyber (Version 3.02)\u2014Submission to Round 3 of the NIST Post-Quantum Project. Available online: https:\/\/pq-crystals.org\/kyber\/data\/kyber-specification-round3-20210804.pdf."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"D\u2019Anvers, J.P., Karmakar, A., Sinha Roy, S., and Vercauteren, F. (2018, January 7\u20139). Saber: Module-LWR based key exchange, CPA-secure encryption and CCA-secure KEM. Proceedings of the Progress in Cryptology\u2013AFRICACRYPT 2018: 10th International Conference on Cryptology in Africa, Marrakesh, Morocco. Proceedings 10.","DOI":"10.1007\/978-3-319-89339-6_16"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"153","DOI":"10.1587\/transfun.E93.A.153","article-title":"Countermeasures against power analysis attacks for the NTRU public key cryptosystem","volume":"93","author":"Lee","year":"2010","journal-title":"IEICE Trans. Fundam. Electron. Commun. Comput. Sci."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"601","DOI":"10.1016\/j.micpro.2013.04.008","article-title":"First-order collision attack on protected NTRU cryptosystem","volume":"37","author":"Zheng","year":"2013","journal-title":"Microprocess. Microsyst."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"123","DOI":"10.46586\/tches.v2020.i1.123-151","article-title":"Power Analysis on NTRU Prime","volume":"2020","author":"Huang","year":"2019","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Primas, R., Pessl, P., and Mangard, S. (2017, January 25\u201328). Single-trace side-channel attacks on masked lattice-based encryption. Proceedings of the International Conference on Cryptographic Hardware and Embedded Systems, Taipei, Taiwan.","DOI":"10.1007\/978-3-319-66787-4_25"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Aysu, A., Tobah, Y., Tiwari, M., Gerstlauer, A., and Orshansky, M. (May, January 30). Horizontal side-channel vulnerabilities of post-quantum key exchange protocols. Proceedings of the 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), Washington, DC, USA.","DOI":"10.1109\/HST.2018.8383894"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Bos, J.W., Friedberger, S., Martinoli, M., Oswald, E., and Stam, M. (2018, January 15\u201317). Assessing the feasibility of single trace power analysis of frodo. Proceedings of the International Conference on Selected Areas in Cryptography, Calgary, AB, Canada.","DOI":"10.1007\/978-3-030-10970-7_10"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"D\u2019Anvers, J.P., Tiepelt, M., Vercauteren, F., and Verbauwhede, I. (2019, January 11). Timing attacks on error correcting codes in post-quantum schemes. Proceedings of the ACM Workshop on Theory of Implementation Security Workshop, London, UK.","DOI":"10.1145\/3338467.3358948"},{"key":"ref_37","first-page":"307","article-title":"Generic Side-channel attacks on CCA-secure lattice-based PKE and KEM schemes","volume":"2020","author":"Ravi","year":"2019","journal-title":"Cryptology"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"21382","DOI":"10.1109\/JIOT.2022.3179683","article-title":"Chosen-ciphertext Clustering Attack on CRYSTALS-KYBER using the Side-channel Leakage of Barrett Reduction","volume":"9","author":"Sim","year":"2022","journal-title":"IEEE Internet Things J."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"D\u2019Anvers, J.P., Guo, Q., Johansson, T., Nilsson, A., Vercauteren, F., and Verbauwhede, I. (2019, January 14\u201317). Decryption failure attacks on IND-CCA secure lattice-based schemes. Proceedings of the IACR International Workshop on Public Key Cryptography, Beijing, China.","DOI":"10.1007\/978-3-030-17259-6_19"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Ravi, P., Roy, D.B., Bhasin, S., Chattopadhyay, A., and Mukhopadhyay, D. (2019, January 3\u20135). Number \u201cnot used\u201d once-practical fault attack on pqm4 implementations of NIST candidates. Proceedings of the International Workshop on Constructive Side-Channel Analysis and Secure Design, Darmstadt, Germany.","DOI":"10.1007\/978-3-030-16350-1_13"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"2163","DOI":"10.1109\/TC.2021.3122997","article-title":"Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: The case study of kyber","volume":"71","author":"Xu","year":"2021","journal-title":"IEEE Trans. Comput."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Hermelink, J., Pessl, P., and P\u00f6ppelmann, T. (2021, January 12\u201315). Fault-enabled chosen-ciphertext attacks on Kyber. Proceedings of the International Conference on Cryptology in India, Jaipur, India.","DOI":"10.1007\/978-3-030-92518-5_15"},{"key":"ref_43","unstructured":"Ravi, P., Jhanwar, M.P., Howe, J., Chattopadhyay, A., and Bhasin, S. (2018). Side-channel assisted existential forgery attack on Dilithium-a NIST PQC candidate. IACR Cryptol. ePrint Arch., 821."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Islam, S., Mus, K., Singh, R., Schaumont, P., and Sunar, B. (2022). Signature Correction Attack on Dilithium Signature Scheme. arXiv.","DOI":"10.1109\/EuroSP53844.2022.00046"},{"key":"ref_45","unstructured":"Khan, Q., Purification, S., and Chang, S.-Y. (2025, July 13). Experimental Scripts and Data for Post-Quantum Key Exchange and Subscriber Identity Encryption in 5G Using ML-KEM (Kyber). Available online: https:\/\/github.com\/NSSL-UCCS\/PQKEM-5G."},{"key":"ref_46","unstructured":"Python Cryptographic Authority (2025, July 13). Cryptography Version 42-0-5. Available online: https:\/\/github.com\/pyca\/cryptography\/releases\/tag\/42.0.5."},{"key":"ref_47","unstructured":"Open-Quantum-Safe (2025, July 13). Liboqs Version 0.9.0. Available online: https:\/\/github.com\/open-quantum-safe\/liboqs-python\/releases\/tag\/0.9.0."},{"key":"ref_48","unstructured":"Shenzhen Zhurui Technology Co., Ltd. (2025, July 13). ZHURUI PR10-E Power Recorder User Manual. Available online: https:\/\/manuals.plus\/m\/8a5a181ee72ab9efe0c8b75a7752d1713f7db211c598f8b596f9069caa4f6ba0_optim.pdf."},{"key":"ref_49","unstructured":"Techredar (2024, January 10). SIM Card Storage Memeory. Available online: https:\/\/www.techradar.com\/sim-only\/what-is-stored-on-a-sim-card."},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Khan, Q., Purification, S., and Chang, S.Y. (2025, January 12\u201316). Post-Quantum Key Exchange and ID Encryption Analyses for 5G Mobile Networking. Proceedings of the NOMS 2025-2025 IEEE Network Operations and Management Symposium, Honolulu, HI, USA.","DOI":"10.1109\/NOMS57970.2025.11073683"}],"container-title":["Information"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2078-2489\/16\/7\/617\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T18:12:40Z","timestamp":1760033560000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2078-2489\/16\/7\/617"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,19]]},"references-count":50,"journal-issue":{"issue":"7","published-online":{"date-parts":[[2025,7]]}},"alternative-id":["info16070617"],"URL":"https:\/\/doi.org\/10.3390\/info16070617","relation":{},"ISSN":["2078-2489"],"issn-type":[{"value":"2078-2489","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,19]]}}}