Performance analysis of NIST post-quantum cryptosystems in the .NET environment
The rapid development of quantum computing poses a fundamental threat to classical asymmetric cryptographic algorithms such as RSA and ECC, which rely on the difficulty of integer factorization and the discrete logarithm problem for security. Shor's algorithm, when runs on a sufficiently powerf...
Gespeichert in:
| Datum: | 2026 |
|---|---|
| Hauptverfasser: | , |
| Format: | Artikel |
| Sprache: | Ukrainisch |
| Veröffentlicht: |
Інститут проблем реєстрації інформації НАН України
2026
|
| Schlagworte: | |
| Online Zugang: | https://drsp.ipri.kiev.ua/article/view/358678 |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Назва журналу: | Data Recording, Storage & Processing |
Institution
Data Recording, Storage & Processing| _version_ | 1865395318675210240 |
|---|---|
| author | Онай, М. В. Петренко, Ф. В. |
| author_facet | Онай, М. В. Петренко, Ф. В. |
| author_sort | Онай, М. В. |
| baseUrl_str | http://drsp.ipri.kiev.ua/oai |
| collection | OJS |
| datestamp_date | 2026-05-16T22:01:18Z |
| description | The rapid development of quantum computing poses a fundamental threat to classical asymmetric cryptographic algorithms such as RSA and ECC, which rely on the difficulty of integer factorization and the discrete logarithm problem for security. Shor's algorithm, when runs on a sufficiently powerful quantum computer, reduces these problems to polynomial time, making widely used security protocols vulnerable. The «Harvest Now, Decrypt Later» strategy further increases the urgency of implementing quantum-resistant solutions before quantum computers capable of breaking encryption become available.
This study presents the results of an experimental performance analysis of native post-quantum cryptographic implementations standardized by the National Institute of Standards and Technology (NIST): ML-KEM (FIPS 203) for key encapsulation and ML-DSA (FIPS 204) for digital signatures. These implementations were evaluated within the .NET 10 managed runtime environment using BenchmarkDotNet on an Intel Core Ultra 9 processor with AVX2 instruction support.
Benchmarking results show that lattice-based post-quantum algorithms deliver significant computational advantages over traditional methods. ML-KEM-768 exceeds ECC-P256 in key generation by more than 7 times, while encapsulation and decapsulation are roughly 90 and 50 times faster, respectively, addressing concerns about server-side performance. ML-DSA-65 signature verification takes about 39 µs, outperforming both RSA-4096 and ECDSA-P384 in the .NET environment.
However, the main architectural challenge identified is the size of cryptographic objects. The ML-DSA-65 signature size of 3293 bytes exceeds the standard Ethernet MTU of 1500 bytes by 2.2 times, potentially causing IP packet fragmentation. Memory allocation analysis confirmed an efficient implementation with private-key objects storing only cryptographic seeds (54–86 bytes) thereby reducing garbage collection pressure.
These findings offer an empirical foundation for designing quantum-resistant distributed systems and guide architectural decisions for hybrid cryptographic migration strategies in enterprise .NET environments. Tabl.: 1. Fig.: 4. Refs: 13 titles. |
| doi_str_mv | 10.35681/1560-9189.2026.28.1.358678 |
| first_indexed | 2026-05-17T01:00:05Z |
| format | Article |
| id | drspiprikievua-article-358678 |
| institution | Data Recording, Storage & Processing |
| keywords_txt_mv | keywords |
| language | Ukrainian |
| last_indexed | 2026-05-17T01:00:05Z |
| publishDate | 2026 |
| publisher | Інститут проблем реєстрації інформації НАН України |
| record_format | ojs |
| spelling | drspiprikievua-article-3586782026-05-16T22:01:18Z Performance analysis of NIST post-quantum cryptosystems in the .NET environment Аналіз продуктивності постквантових криптосистем Національного інституту стандартів і технологій у середовищі .NET Онай, М. В. Петренко, Ф. В. криптографія, постквантова криптографія, еліптична криптографія, програмне забезпечення, інженерія програмного забезпечення, FIPS 203, FIPS 204, ML-KEM, ML-DSA, .NET 10, BenchmarkDotNet, продуктивність, розподілені системи cryptography, post-quantum cryptography, elliptic curve cryptography, software, software engineering, FIPS 203, FIPS 204, ML-KEM, ML-DSA, .NET 10, BenchmarkDotNet, performance, distributed systems The rapid development of quantum computing poses a fundamental threat to classical asymmetric cryptographic algorithms such as RSA and ECC, which rely on the difficulty of integer factorization and the discrete logarithm problem for security. Shor's algorithm, when runs on a sufficiently powerful quantum computer, reduces these problems to polynomial time, making widely used security protocols vulnerable. The «Harvest Now, Decrypt Later» strategy further increases the urgency of implementing quantum-resistant solutions before quantum computers capable of breaking encryption become available. This study presents the results of an experimental performance analysis of native post-quantum cryptographic implementations standardized by the National Institute of Standards and Technology (NIST): ML-KEM (FIPS 203) for key encapsulation and ML-DSA (FIPS 204) for digital signatures. These implementations were evaluated within the .NET 10 managed runtime environment using BenchmarkDotNet on an Intel Core Ultra 9 processor with AVX2 instruction support. Benchmarking results show that lattice-based post-quantum algorithms deliver significant computational advantages over traditional methods. ML-KEM-768 exceeds ECC-P256 in key generation by more than 7 times, while encapsulation and decapsulation are roughly 90 and 50 times faster, respectively, addressing concerns about server-side performance. ML-DSA-65 signature verification takes about 39 µs, outperforming both RSA-4096 and ECDSA-P384 in the .NET environment. However, the main architectural challenge identified is the size of cryptographic objects. The ML-DSA-65 signature size of 3293 bytes exceeds the standard Ethernet MTU of 1500 bytes by 2.2 times, potentially causing IP packet fragmentation. Memory allocation analysis confirmed an efficient implementation with private-key objects storing only cryptographic seeds (54–86 bytes) thereby reducing garbage collection pressure. These findings offer an empirical foundation for designing quantum-resistant distributed systems and guide architectural decisions for hybrid cryptographic migration strategies in enterprise .NET environments. Tabl.: 1. Fig.: 4. Refs: 13 titles. Представлено результати експериментального аналізу продуктивнос-ті вбудованих реалізацій постквантових алгоритмів стандартів NIST (The National Institute of Standards and Technology) FIPS 203 (ML-KEM) і FIPS 204 (ML-DSA) у середовищі .NET 10. За допомогою Benchmark-DotNet визначено швидкодію операцій і показники використання пам’я ті на архітектурі Intel Core Ultra. Емпірично підтверджено, що ML-KEM-768 пришвидшує процес генерації ключів більше ніж у 7 разів порівняно з ECC-P256, водночас демонструючи безпрецедентну швидкодію операцій інкапсуляції (майже у 90 разів) і декапсуляції (у понад 50 разів). Встановлено також, що використання PQC (Post-Quantum Cryptography) збільшує розмір криптографічних ключів (зокрема, цифрових підписів) до 34 разів. Це зумовлює ризики гарантованої фрагментації IP-пакетів і вимагає перегляду архітектурних підходів до проєктування в розподілених системах. Інститут проблем реєстрації інформації НАН України 2026-03-17 Article Article application/pdf https://drsp.ipri.kiev.ua/article/view/358678 10.35681/1560-9189.2026.28.1.358678 Data Recording, Storage & Processing; Vol. 28 No. 1 (2026); 109-118 Регистрация, хранение и обработка данных; Том 28 № 1 (2026); 109-118 Реєстрація, зберігання і обробка даних; Том 28 № 1 (2026); 109-118 1560-9189 uk https://drsp.ipri.kiev.ua/article/view/358678/346655 Авторське право (c) 2026 Реєстрація, зберігання і обробка даних |
| spellingShingle | cryptography post-quantum cryptography elliptic curve cryptography software software engineering FIPS 203 FIPS 204 ML-KEM ML-DSA .NET 10 BenchmarkDotNet performance distributed systems Онай, М. В. Петренко, Ф. В. Performance analysis of NIST post-quantum cryptosystems in the .NET environment |
| title | Performance analysis of NIST post-quantum cryptosystems in the .NET environment |
| title_alt | Аналіз продуктивності постквантових криптосистем Національного інституту стандартів і технологій у середовищі .NET |
| title_full | Performance analysis of NIST post-quantum cryptosystems in the .NET environment |
| title_fullStr | Performance analysis of NIST post-quantum cryptosystems in the .NET environment |
| title_full_unstemmed | Performance analysis of NIST post-quantum cryptosystems in the .NET environment |
| title_short | Performance analysis of NIST post-quantum cryptosystems in the .NET environment |
| title_sort | performance analysis of nist post-quantum cryptosystems in the .net environment |
| topic | cryptography post-quantum cryptography elliptic curve cryptography software software engineering FIPS 203 FIPS 204 ML-KEM ML-DSA .NET 10 BenchmarkDotNet performance distributed systems |
| topic_facet | криптографія постквантова криптографія еліптична криптографія програмне забезпечення інженерія програмного забезпечення FIPS 203 FIPS 204 ML-KEM ML-DSA .NET 10 BenchmarkDotNet продуктивність розподілені системи cryptography post-quantum cryptography elliptic curve cryptography software software engineering FIPS 203 FIPS 204 ML-KEM ML-DSA .NET 10 BenchmarkDotNet performance distributed systems |
| url | https://drsp.ipri.kiev.ua/article/view/358678 |
| work_keys_str_mv | AT onajmv performanceanalysisofnistpostquantumcryptosystemsinthenetenvironment AT petrenkofv performanceanalysisofnistpostquantumcryptosystemsinthenetenvironment AT onajmv analízproduktivnostípostkvantovihkriptosistemnacíonalʹnogoínstitutustandartívítehnologíjuseredoviŝínet AT petrenkofv analízproduktivnostípostkvantovihkriptosistemnacíonalʹnogoínstitutustandartívítehnologíjuseredoviŝínet |