Manish Paudel (Advanced Wireless and Security Lab, Virginia Commonwealth University), Maryna Veksler (Advanced Wireless and Security Lab, Virginia Commonwealth University), Kemal Akkaya (Advanced Wireless and Security Lab, Virginia Commonwealth University)
The rapid growth of 5G wireless technology has transformed connectivity, offering exceptional bandwidth, ultralow latency, and massive IoT device connectivity. However, as quantum computers are progressing, resistance against attacks from such computers becomes a mandatory requirement for all critical infrastructure, necessitating efficient post-quantum cryptography (PQC) implementations for 5G-based IoT devices with limited resources. For instance, User Equipment (UE) reauthentication due to frequent handovers and mobility events is a daily operation that already comes with some overhead, which is not attractive to be used for IoT UE devices. Incorporating heavier PQ solutions into these re-authentications will lead to even more additional communication and computation overhead that may hinder PQ deployment in next generation networks. As such, this paper introduces a novel, lightweight approach for integrating PQC in 5G IoT authentication by proposing a custom identity-based session resumption mechanism without compromising interoperability with existing protocols. This approach prevents replay attacks and ensures perfect forward secrecy (PFS) by utilizing customized identities that are dynamically generated based on device-specific parameters, combined with intelligent server-side caching of quantum-resistant cryptographic materials that eliminate the need for full PQC computations during subsequent re-authentications. We demonstrate through realistic 5G experimentation that the proposed solution significantly lowers authentication overhead while providing quantum-resistant security.