Post-Quantum Cryptography: A Multi-layer Bottleneck Analysis

Abstract

Advances in quantum computing have led the research community to develop new post-quantum cryptographic algorithms. While most efforts have focused on designing and analyzing the security of these algorithms, their integration into real- world systems demands a multi-layer performance analysis to identify and mitigate potential bottlenecks. Aligned with NIST’s post-quantum transition strategy, this work addresses that need by introducing a performance evaluation framework that enables to assess and analyze the impact of post-quantum key encapsulation mechanisms (KEMs) and signatures at multiple layers of the protocol stack—from standalone cryptographic primitives, to their integration into the TLS handshake, and finally into full application scenarios such as VPNs—on two hardware platforms. Our results show that signature and verification operations dominate the overall cryptographic cost, while KEMs such as MLKEM introduce minimal overhead. In contrast, hybrid and HQC-based solutions significantly increase handshake duration, particularly on ARM platforms. Notably, the relative performance between platforms shifts when comparing these cryptographic primitives in isolation versus their integration into higher protocol layers. This highlights the critical need to evaluate post-quantum algorithms in realistic, system-level scenarios.