Hybrid ML-KEM in TLS 1.3: Performance Analysis on ARM64 Under Network Stress

Öz

In the post-quantum era, it is predicted that secure encryption algorithms like RSA and ECC will be broken within microseconds. In response, NIST has made the transition to post-quantum cryptography necessary by completing the ML-KEM standard (FIPS 203) in August 2024. However, integrating these new algorithms into the existing TLS 1.3 infrastructure raises some concerns, particularly in resource-constrained IoT devices where computing power and memory are limited. This paper evaluates the TLS 1.3 handshake performance of ML-KEM-512, ML-KEM-768, ML-KEM-1024, and hybrid X25519+ML-KEM-768 on a Raspberry Pi 4 (ARM Cortex-A72) in five different network scenarios (loopback, LAN (10 ms RTT), WAN (50 ms RTT), and packet loss rates of 1% and 5%). Experiments were performed using OpenSSL 3.x integrated with liboqs, with 100 iterations for each configuration. The results show that ML-KEM algorithms, which have high computational costs, introduce negligible computational overhead compared to the classic X25519 under low latency conditions, and base-state 1-RTT handshake times range from 11.3 to 13.3 ms. The ML-KEM 512 algorithm showed the best performance, particularly due to its small packet size. ML-KEM reached 180 ms with 5% loss, while X25519 reached 281 ms. It was also observed that session restart times consistently reduced handshake latency for all algorithms. In algorithm tests, ML-KEM 512 provided a 4.16-fold speedup at the base level. In WAN conditions, network RTT becomes the dominant bottleneck, and the choice of KEM algorithm becomes practically irrelevant. This demonstrates that ML-KEM algorithms are a usable standard even with limited hardware and that session restart is a significant example of optimization in IoT applications.

Anahtar Kelimeler

• Post-Quantum Cryptography
• ML-KEM
• TLS 1.3
• IoT Security
• Raspberry Pi
• Network Performance.

TLS 1.3'te Hibrit ML-KEM: Ağ Stresi Altında ARM64 Üzerinde Performans Analizi

Öz

Kuantum sonrası çağda, RSA ve ECC gibi güvenli şifreleme algoritmalarının mikrosaniyeler içinde kırılacağı tahmin ediliyor. Buna karşılık, NIST, Ağustos 2024'te ML-KEM standardını (FIPS 203) tamamlayarak kuantum sonrası kriptografiye geçişi gerekli kılmıştır. Bununla birlikte, bu yeni algoritmaların mevcut TLS 1.3 altyapısına entegre edilmesi, özellikle işlem gücü ve belleğin sınırlı olduğu kaynak kısıtlı IoT cihazlarında bazı endişeleri gündeme getiriyor. Bu makale, ML-KEM-512, ML-KEM-768, ML-KEM-1024 ve hibrit X25519+ML-KEM-768'in TLS 1.3 el sıkışma performansını, beş farklı ağ senaryosunda (geri döngü, LAN (10 ms RTT), WAN (50 ms RTT) ve %1 ve %5 paket kaybı oranları) bir Raspberry Pi 4 (ARM Cortex-A72) üzerinde değerlendirmektedir. Deneyler, her konfigürasyon için 100 yineleme ile liboqs ile entegre edilmiş OpenSSL 3.x kullanılarak gerçekleştirildi. Sonuçlar, yüksek hesaplama maliyetine sahip ML-KEM algoritmalarının, düşük gecikme koşullarında klasik X25519'a kıyasla ihmal edilebilir bir hesaplama yükü getirdiğini ve temel durum 1-RTT el sıkışma sürelerinin 11,3 ila 13,3 ms arasında değiştiğini göstermektedir. ML-KEM 512 algoritması, özellikle küçük paket boyutu nedeniyle en iyi performansı gösterdi. ML-KEM %5 kayıpla 180 ms'ye ulaşırken, X25519 281 ms'ye ulaştı. Ayrıca, oturum yeniden başlatma sürelerinin tüm algoritmalar için el sıkışma gecikmesini sürekli olarak azalttığı gözlemlendi. Algoritma testlerinde, ML-KEM 512 temel seviyede 4,16 kat hızlanma sağladı. WAN koşullarında, ağ RTT'si baskın darboğaz haline gelir ve KEM algoritmasının seçimi pratikte önemsiz hale gelir. Bu durum, ML-KEM algoritmalarının sınırlı donanım koşullarında bile kullanılabilir bir standart olduğunu ve oturum yeniden başlatmanın IoT uygulamalarında önemli bir optimizasyon örneği olduğunu göstermektedir.

Anahtar Kelimeler

• Kuantum Sonrası Kriptografi
• ML-KEM
• TLS 1.3
• IoT Güvenliği
• Raspberry Pi
• Ağ Performansı.

Kaynakça

1. Aissaoui, R., Deneuville, J.-C., Guerber, C., & Pirovano, A. (2024). A Performant Quantum-Resistant KEM for Constrained Hardware: Optimized HQC: Proceedings of the 21st International Conference on Security and Cryptography, 668–673. https://doi.org/10.5220/0012757800003767
2. Asif, R. (2021). Post-Quantum Cryptosystems for Internet-of-Things: A Survey on Lattice-Based Algorithms. IoT, 2(1), 71–91. https://doi.org/10.3390/iot2010005
3. Aydeger, A., Hoque, S., & Zeydan, E. (2025). Challenges of DNS in the Post-Quantum Era: Improving Security with Post-Quantum TLS. Infocommunications Journal, 17(3), 11–21. https://doi.org/10.36244/ICJ.2025.3.2
4. Bindel, N., Brendel, J., Fischlin, M., Goncalves, B., & Stebila, D. (2019). Hybrid Key Encapsulation Mechanisms and Authenticated Key Exchange. In J. Ding & R. Steinwandt (Eds.), Post-Quantum Cryptography (Vol. 11505, pp. 206–226). Springer International Publishing. https://doi.org/10.1007/978-3-030-25510-7_12
5. Chen, J., Peng, W., Wang, Y., & Bian, Y. (2025). On the Security and Efficiency of TLS 1.3 Handshake with Hybrid Key Exchange from CPA-Secure KEMs. Entropy, 27(12), 1242. https://doi.org/10.3390/e27121242
6. Dong, J., Hou, Y., Wang, S., Sha, L., Xiao, F., Dong, Z., & Lin, J. (n.d.). HIGH: Harnessing GPU Parallelism for Optimized HQC Performance.
7. Gonzalez, R., & Wiggers, T. (2022). KEMTLS vs. Post-quantum TLS: Performance on Embedded Systems. In L. Batina, S. Picek, & M. Mondal (Eds.), Security, Privacy, and Applied Cryptography Engineering (Vol. 13783, pp. 99–117). Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-22829-2_6
8. Hanna, Y., Pineda, D., Veksler, M., Paudel, M., Akkaya, K., Anastasova, M., & Azarderakhsh, R. (2024). Integrating Post-Quantum TLS into the Control Plane of 5G Networks. 2024 IEEE International Performance, Computing, and Communications Conference (IPCCC), 1–8. https://doi.org/10.1109/IPCCC59868.2024.10850437

9. Jung, H., Dang Truong, Q., & Lee, H. (2025). Highly-Efficient Hardware Architecture for ML-KEM PQC Standard. IEEE Open Journal of Circuits and Systems, 6, 356–369. https://doi.org/10.1109/OJCAS.2025.3591136
10. Kagai, F., Branch, P., But, J., & Allen, R. (2025). Harvest-Now, Decrypt-Later: A Temporal Cybersecurity Risk in the Quantum Transition. Telecom, 6(4), 100. https://doi.org/10.3390/telecom6040100
11. Kampanakis, P., & Weibel, A. (n.d.). (Yet another) Analysis of MLWE’s performance impact on specific TLS Use-cases.
12. Kempf, M., Gauder, N., Jaeger, B., Zirngibl, J., & Carle, G. (2024). A Quantum of QUIC: Dissecting Cryptography with Post-Quantum Insights. 2024 IFIP Networking Conference (IFIP Networking), 195–203. https://doi.org/10.23919/IFIPNetworking62109.2024.10619916
13. Kim, M.-S., Jeon, S.-B., & Kim, S. (2025). SRAM based Gaussian noise generation for post quantum cryptography. Scientific Reports, 15(1), 43573. https://doi.org/10.1038/s41598-025-27929-3 Lim, S., Lee, H., Jeong, G., & Kwon, T. T. (2025). PQTLS-AD: Post-Quantum TLS Accelerated with DNS. 2025 34th International Conference on Computer Communications and Networks (ICCCN), 1–6. https://doi.org/10.1109/ICCCN65249.2025.11133832
14. Mamun, A. A., Abrar, A., Rahman, M., Salek, M. S., & Chowdhury, M. (n.d.). Post-Quantum Cryptography for Intelligent Transportation Systems: An Implementation-Focused Review.
15. Montenegro, J. A., Rios, R., & Bonilla, J. (2026). Comparative analysis of post-quantum handshake performance in QUIC and TLS protocols. Computer Networks, 275, 111957. https://doi.org/10.1016/j.comnet.2025.111957
16. Montenegro, J. A., Rios, R., & López-Cerezo, J. (n.d.). A Performance Evaluation Framework for Post-Quantum TLS.
17. Nagy, N., Alnemer, S., Alshuhail, L. M., Alobiad, H., Almulla, T., Alrumaihi, F. A., Ghadra, N., & Nagy, M. (2025). Module-Lattice-Based Key-Encapsulation Mechanism Performance Measurements. Sci, 7(3), 91. https://doi.org/10.3390/sci7030091
18. National Institute of Standards and Technology (US). (2024). Module-lattice-based key-encapsulation mechanism standard (NIST FIPS 203; p. NIST FIPS 203). National Institute of Standards and Technology (U.S.). https://doi.org/10.6028/NIST.FIPS.203
19. Rubio García, C., Cano Aguilera, A., Stan, C., Vegas Olmos, J. J., Rommel, S., & Tafur Monroy, I. (2025). Enhanced Network Security Protocols for the Quantum Era: Combining Classical and Post-Quantum Cryptography, and Quantum Key Distribution. IEEE Journal on Selected Areas in Communications, 43(8), 2765–2781. https://doi.org/10.1109/JSAC.2025.3568011
20. Schwabe, P., Stebila, D., & Wiggers, T. (2020). Post-Quantum TLS Without Handshake Signatures. Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 1461–1480. https://doi.org/10.1145/3372297.3423350
21. Sikeridis, D., Huntley, S., Ott, D., & Devetsikiotis, M. (2022). Intermediate certificate suppression in post-quantum TLS: An approximate membership querying approach. Proceedings of the 18th International Conference on Emerging Networking EXperiments and Technologies, 35–42. https://doi.org/10.1145/3555050.3569127
22. Son, Y., & Cheon, J. H. (2019). Revisiting the Hybrid Attack on Sparse Secret LWE and Application to HE Parameters. Proceedings of the 7th ACM Workshop on Encrypted Computing & Applied Homomorphic Cryptography, 11–20. https://doi.org/10.1145/3338469.3358941
23. Sosnowski, M., Wiedner, F., Hauser, E., Steger, L., Schoinianakis, D., Gallenmüller, S., & Carle, G. (2023). The Performance of Post-Quantum TLS 1.3. Companion of the 19th International Conference on Emerging Networking EXperiments and Technologies, 19–27. https://doi.org/10.1145/3624354.3630585
24. Tasopoulos, G., Li, J., Fournaris, A. P., Zhao, R. K., Sakzad, A., & Steinfeld, R. (2022). Performance Evaluation of Post-Quantum TLS 1.3 on Resource-Constrained Embedded Systems. In C. Su, D. Gritzalis, & V. Piuri (Eds.), Information Security Practice and Experience (Vol. 13620, pp. 432–451). Springer International Publishing. https://doi.org/10.1007/978-3-031-21280-2_24
25. Wei, H., Li, W., Shen, S., Yang, H., & Zhao, Y. (n.d.). Optimized Implementation of ML-KEM on ARMv9-A with SVE2 and SME.