Solving the Post-Quantum Control Plane Bottleneck: Energy-Aware Cryptographic Scheduling in Open RAN

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the [Original Paper Viewer] below or the Original ArXiv Source.

The Open Radio Access Network (O-RAN) offers flexibility and innovation but introduces unique security vulnerabilities, particularly from cryptographically relevant quantum computers. While Post-Quantum Cryptography (PQC) is the primary scalable defence, its computationally intensive handshakes create a significant bottleneck for the RAN control plane, posing sustainability challenges. This paper proposes an energy-aware framework to solve this PQC bottleneck, ensuring quantum resilience without sacrificing operational energy efficiency. The system employs an O-RAN aligned split: a Crypto Policy rApp residing in the Non-Real-Time (Non-RT) RIC defines the strategic security envelope (including PQC suites), while a Security Operations Scheduling (SOS) xApp in the Near-RT RIC converts these into tactical timing and placement intents. Cryptographic enforcement remains at standards-compliant endpoints: the Open Fronthaul utilizes Media Access Control Security (MACsec) at the O-DU/O-RU, while the xhaul (midhaul and backhaul) utilizes IP Security (IPsec) at tunnel terminators. The SOS xApp reduces PQC overhead by batching non-urgent handshakes, prioritizing session resumption, and selecting parameters that meet slice SLAs while minimizing joules per secure connection. We evaluate the architecture via a Discrete-Event Simulation (DES) using 3GPP-aligned traffic profiles and verified hardware benchmarks from literature. Results show that intelligent scheduling can reduce per-handshake energy by approximately 60 percent without violating slice latency targets.


💡 Research Summary

The paper addresses a critical bottleneck in Open Radio Access Network (O‑RAN) control‑plane security that arises when post‑quantum cryptography (PQC) is introduced to protect against quantum adversaries. While NIST‑standardized algorithms such as ML‑KEM, ML‑DSA, and SLH‑DSA provide quantum‑resilient key exchange and signatures, their larger key sizes and higher computational demands dramatically increase CPU cycles, memory pressure, and control‑plane traffic. In a latency‑sensitive environment like O‑RAN, especially for Ultra‑Reliable Low‑Latency Communication (URLLC) slices, this can jeopardize service‑level agreements (SLAs) and raise the network’s energy footprint.

To reconcile quantum security with energy efficiency, the authors propose a two‑layer orchestration framework that aligns with O‑RAN’s existing split architecture. A strategic Crypto Policy rApp runs in the Non‑Real‑Time (Non‑RT) RIC and defines the allowed PQC suites, re‑key intervals, and high‑level accelerator usage policies. These policies are disseminated via the A1 interface to a tactical Security Operations Scheduling (SOS) xApp residing in the Near‑Real‑Time (Near‑RT) RIC. The SOS xApp translates policy into concrete timing and placement intents that are communicated to the data‑plane endpoints (O‑DU/O‑RU for the fronthaul and IPsec tunnel terminators for the x‑haul) using standard E2 and O1 interfaces.

The core of the SOS xApp consists of three tightly coupled mechanisms:

  1. Handshake Batching and Timing – Non‑urgent re‑key operations are shifted into short low‑load windows (≈50 ms) identified from real‑time cell load telemetry. The xApp issues timing hints that cause MACsec re‑keys on the fronthaul and IKEv2 re‑keys on the x‑haul to be executed together, reducing peak CPU usage.

  2. Session Resumption and Pre‑Seeding – Full PQC handshakes are avoided whenever possible by leveraging TLS 1.3 and IKEv2 session‑resumption (PSK) mechanisms. The framework also pre‑seeds resumption material at likely target nodes before hand‑over events, eliminating fresh handshakes during mobility spikes.

  3. Adaptive Suite and Accelerator Selection – Based on real‑time resource availability and an energy model (pre‑characterized joules per handshake for software and for hardware accelerators), the xApp dynamically selects the most energy‑efficient algorithm variant (e.g., hybrid ML‑KEM/Dilithium) and decides whether to offload the operation to a hardware accelerator. Queue‑depth caps and latency predictions ensure that accelerator contention never violates the slice’s latency budget.

Decision making is driven by a constrained reinforcement‑learning (RL) policy. The observation vector includes slice latency headroom, cell load, mobility rate, and an “energy proxy” derived from CPU cycle counts, accelerator utilization, and per‑instruction energy profiles. The reward function minimizes joules per secure connection while hard constraints enforce 95th‑percentile latency limits and minimum security levels. If any constraint is breached, the controller falls back to a safe baseline (typically classical ECC) to preserve service continuity.

The authors evaluate the framework using a discrete‑event simulation (DES) built on 3GPP‑aligned traffic models (URLLC, eMBB, mMTC) and hardware benchmarks from the literature (ARM Cortex‑A78, RISC‑V based PQC accelerators). Results show that intelligent scheduling reduces the average energy per full PQC handshake from 17.57 mJ to about 7.1 mJ—a ~60 % reduction—while session‑resumption energy stays around 0.88 mJ. Importantly, eMBB latency remains within the 150 ms budget, and URLLC traffic (10 ms budget) is completely exempt from batching, confirming that SLA compliance is maintained.
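An added example, not code from the paper or this summary: a rule-based sketch of the SOS xApp's batching and resumption decisions, using the energy figures and slice budgets quoted above. The 5 ms handshake duration, the window start times, the request list, and the mapping of the 7.1 mJ average onto each batched handshake are assumptions; the paper's RL policy and accelerator selection are not modelled.

```python
from dataclasses import dataclass

# Figures quoted in the summary (mJ per operation, ms per slice budget).
# ASSUMPTION: the 7.1 mJ scheduled average is charged to each batched handshake.
E_FULL, E_SCHEDULED, E_RESUME = 17.57, 7.1, 0.88
BUDGET_MS = {"URLLC": 10, "eMBB": 150}
WINDOW_MS = 50        # length of a low-load batching window
HANDSHAKE_MS = 5      # ASSUMPTION: constructed handshake duration

@dataclass(frozen=True)
class Rekey:
    t_ms: int         # arrival time of the re-key request
    slice_type: str   # "URLLC" or "eMBB"
    has_ticket: bool  # resumption material already pre-seeded

def decide(req, windows):
    """Return (action, start_ms, energy_mJ) for one re-key request."""
    if req.has_ticket:                      # resumption avoids a full handshake
        return ("resume", req.t_ms, E_RESUME)
    if req.slice_type == "URLLC":           # URLLC is exempt from batching
        return ("full_now", req.t_ms, E_FULL)
    latest_start = req.t_ms + BUDGET_MS[req.slice_type] - HANDSHAKE_MS
    for w in sorted(windows):               # window start times from load telemetry
        start = max(w, req.t_ms)
        if start < w + WINDOW_MS and start <= latest_start:
            return ("batched", start, E_SCHEDULED)
    return ("full_now", req.t_ms, E_FULL)   # no window fits the budget: do not defer

def plan(requests, windows):
    return [decide(r, windows) for r in requests]

def mean_energy_mj(decisions):
    return sum(e for _, _, e in decisions) / len(decisions)

# Constructed sample input: low-load windows opening at 100 ms and 400 ms.
WINDOWS = [100, 400]
REQUESTS = [
    Rekey(0, "eMBB", False),    # deferred to the 100 ms window
    Rekey(20, "URLLC", False),  # never deferred
    Rekey(120, "eMBB", False),  # arrives inside an open window
    Rekey(160, "eMBB", False),  # next window (400 ms) would break the 150 ms budget
    Rekey(200, "eMBB", True),   # holds resumption material
]

if __name__ == "__main__":
    for req, d in zip(REQUESTS, plan(REQUESTS, WINDOWS)):
        print(req, d)
    print(round(mean_energy_mj(plan(REQUESTS, WINDOWS)), 3), "mJ per connection")
```

The fourth request shows the failure mode that matters for SLA compliance: when the only remaining window lies past the latency budget, the handshake runs immediately at full cost rather than being deferred.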

By keeping cryptographic enforcement at the standards‑compliant data‑plane (MACsec on the fronthaul, IPsec on the x‑haul) and using the RIC solely for optimization, the design respects Zero‑Trust principles and avoids turning the control plane into a performance bottleneck. The paper’s contributions include (i) an end‑to‑end energy‑aware PQC orchestration architecture, (ii) concrete mechanisms for batching, resumption, and accelerator‑aware suite selection, (iii) a constrained RL decision engine that balances energy and latency, and (iv) a thorough simulation‑based validation showing substantial energy savings without SLA violations.

Future work suggested includes extending the framework to incorporate carbon‑intensity signals for carbon‑aware scheduling, handling multi‑operator policy conflicts, and validating the approach on a live O‑RAN testbed with real PQC hardware.

