AI Summary
This work addresses the threat posed by quantum computing to conventional public-key cryptography and Diffie-Hellman key exchange by proposing and implementing a quantum-safe access mechanism for 5G non-3GPP access networks, such as Wi-Fi. The proposed scheme uniquely integrates keys generated via Quantum Key Distribution (QKD) into the IPsec Security Association establishment process, leveraging coordination between the Non-3GPP Interworking Function (N3IWF) and an open-source 5G core network to construct an end-to-end information-theoretically secure heterogeneous access architecture. Experimental results demonstrate that, compared to traditional pre-shared key and certificate-based approaches, the method completes authentication and IPsec security association establishment 4.62% and 5.17% faster, respectively, while simultaneously ensuring information-theoretic security and significantly enhancing the quantum resistance of 5G non-3GPP access.
Abstract
The advent of quantum computing will pose great challenges to current communication systems, requiring essential changes in the establishment of security associations in traditional architectures. In this context, the multi-technological and heterogeneous nature of 5G networks makes them a challenging scenario for the introduction of quantum communications. Specifically, 5G networks support the unification of non-3GPP access technologies (e.g., Wi-Fi), which are secured through the IPsec protocol suite and the Non-3GPP Interworking Function (N3IWF) entity. These mechanisms rely on traditional public key cryptography and Diffie-Hellman key exchange, which should be updated to quantum-safe standards. Therefore, in this paper we present the design and development of a Quantum Key Distribution (QKD) based non-3GPP access mechanism for 5G networks, integrating QKD keys with IPsec tunnel establishment. We also demonstrate the feasibility of the system by experimental validation in a testbed with commercial QKD equipment and an open-source 5G core implementation. Results show that authentication and IPsec security association establishment complete 4.62% faster than in traditional cryptography PSK-based systems and 5.17% faster than in the certificate-based system, while ensuring Information-Theoretic Security (ITS) of the QKD systems.