Quantum computing poses an existential threat to classical public-key cryptography, necessitating urgent empirical evaluation of post-quantum cryptography (PQC) in realistic 5G wireless environments. This work presents the first end-to-end implementation and measurement of NIST-standardized PQC algorithms—ML-KEM, ML-DSA, SPHINCS+, and HQC—within TLS 1.3 on a realistic 5G simulation platform (Open5GS + UERANSIM), integrated via BoringSSL and liboqs. We systematically evaluate latency, computational resource overhead, and network payload impact during UE-to-UE communication. Results reveal clear practical boundaries: the ML-KEM/ML-DSA combination achieves optimal performance, meeting stringent low-latency requirements of 5G; conversely, SPHINCS+ and HQC incur prohibitive overhead, rendering them unsuitable for real-time secure communication. This study fills a critical gap in empirical PQC evaluation across the 5G protocol stack and provides foundational performance data to guide standardization and deployment decisions.

The advent of quantum computing threatens the security of classical public-key cryptographic systems, prompting the transition to post-quantum cryptography (PQC). While PQC has been analyzed in theory, its performance in practical wireless communication environments remains underexplored. This paper presents a detailed implementation and performance evaluation of NIST-selected PQC algorithms in user equipment (UE) to UE communications over 5G networks. Using a full 5G emulation stack (Open5GS and UERANSIM) and PQC-enabled TLS 1.3 via BoringSSL and liboqs, we examine key encapsulation mechanisms and digital signature schemes across realistic network conditions. We evaluate performance based on handshake latency, CPU and memory usage, bandwidth, and retransmission rates, under varying cryptographic configurations and client loads. Our findings show that ML-KEM with ML-DSA offers the best efficiency for latency-sensitive applications, while SPHINCS+ and HQC combinations incur higher computational and transmission overheads, making them unsuitable for security-critical but time-sensitive 5G scenarios.