METHODS FOR ENSURING QUANTUM-ADAPTIVE SECURITY OF HYBRID CRYPTOGRAPHIC PROTOCOLS IN NEXT-GENERATION NETWORKS
DOI:
https://doi.org/10.32782/2786-9024/v4i6(38).359309Keywords:
quantum-adaptive security, hybrid cryptographic protocols, post-quantum cryptography, multi-session security, QAA-model, QROM.Abstract
This article investigates methods for ensuring the quantum-adaptive security of hybrid cryptographic protocols in next-generation networks. 5G/6G and IoT networks necessitate the integration of classical and post-quantum algorithms. However, standard protocols combining ECDH with CRYSTALS-Kyber or CRYSTALS-Dilithium require formal security assessments. Current approaches primarily consider non-adaptive quantum adversaries, which limits their practical applicability in multi-session and dynamic environments. The paper proposes a model of a quantum-adaptive adversary. This model integrates the adversary's classical and quantum resources, an adaptive attack strategy, and a quantum-accessible oracle. It allows for the formalization of superposition queries and multi-step interactions with the protocol. A mathematical model of a hybrid handshake protocol is introduced, where the session key is formed by combining classical and post-quantum components via a Key Derivation Function. An upper bound for the adversary's advantage is derived, accounting for both the classical and post-quantum components of the protocol. To enhance resilience, three primary methods are proposed. The first is downgrade-resistant fixation of protocol parameters with cryptographic confirmation. The second is dynamic management of key parameters and cryptographic primitives based on an integrated risk function, which accounts for the adversary's quantum resources, network load, and attack activity. The third is compositional protocol verification considering multi-session and multi-level handshake phases, enabling the formalization of composability and the assessment of multi-level resilience. An integral metric of quantum-adaptive resilience is proposed, accounting for security, complexity, and adaptability. The results provide a scientific foundation for “harvest-now, decrypt-later” risk analysis.
References
G. Chhetri, S. Somvanshi, P. Hebli, S. Brotee, and S. Das, “Post-quantum cryptography and quantum-safe security: A comprehensive survey,” ACM Comput. Surv., vol. 1, no. 1, Art. 1, pp. 1–33, Oct. 2025. DOI: 10.48550/ arXiv.2510.10436.
National Institute of Standards and Technology, “Post-quantum cryptography Standardization.” csrc. nist.gov. URL: https://csrc.nist.gov/projects/post-quan- tum-cryptography.
Y. Zhyvylo and Y. Kuchma, “Mathematical modeling of intellectual and cryptographic protection of authentication keys,” ITS, vol. 13, no. 2, pp. 162–177, Nov. 2025. DOI: 10.20535/2411-1031.2025.13.2.344591.
A. Sanz et al., “Extending Quantum-Safe Communica- tions to Real-World Networks: An Adaptive Security Framework,” arXiv preprint arXiv:2511.22416, 2025. [Online]. URL: https://arxiv.org/html/2511.22416v1.
A. Raj and V. Balachandran, “A Hybrid Encryption Framework Combining Classical, Post-Quantum, and QKD Methods,” in Applied Cryptography and Network Security Workshops (ACNS 2025), M. Manulis, Ed. Cham, Switzerland: Springer, 2026, pp. 197–201. DOI: 10.1007/978-3-032-01823-6_14.
Y. Ko, I. W. A. J. Pawana, and I. You, “5g-aka-hpqc: Hybrid post-quantum cryptography protocol for quantum-resilient 5g primary authentication with forward secrecy,” arXiv preprint arXiv:2502.02851, pp. 1–15, 2025. DOI: 10.48550/arXiv.2502.02851.
A. Khutsaeva, A. Leevik, and S. Bezzateev, “A Survey of Post-Quantum Oblivious Protocols,” Cryptography, vol. 9, no. 4, p. 62, 2025. DOI: 10.3390/cryptography9040062.
S. Amador, C. Pardo, and R. Mazo, “Cybersecurity of Cyber-Physical Systems in the Quantum Era: A Systematic Literature Review-Based Approach,” Future Internet, vol. 18, no. 3, p. 125, 2026. DOI: 10.3390/fi18030125.
T. Fesenko and Y. Kalashnikova, “Mathematical aspects of the combined application of the AES algorithm and steganographic methods in authentication key protection,” ITS, vol. 13, no. 2, pp. 178–191, Nov. 2025. DOI: 10.205 35/2411-1031.2025.13.2.344592.
A. Shyshatskyi, Ed., INFORMATION AND CONTROL SYSTEMS: MODELLING AND OPTIMIZATIONS. Kharkiv, Ukraine: TECHNOLOGY CENTER PC, 2024. DOI: 10.15587/978-617-8360-04-7.
T. Fesenko and Y. Kalashnikova, “Predicate logic as the basis for knowledge formalization and logical inference in artificial intelligence systems for cybersecurity,” Science and Technology Today. Series: Engineering, no. 1 (55), pp. 1877–1891, Feb. 2026. DOI: 10.52058/2786-6025-2026-1(55)-1877-1891.
J. Mijalkovic and A. Spognardi, “Reducing the False Negative Rate in Deep Learning Based Network Intrusion Detection Systems,” Algorithms, vol. 15, no. 8, p. 258, 2022. DOI: 10.3390/a15080258.
Information security, cybersecurity and privacy protection – A framework for identity management – Part 1: Core concepts and terminology, ISO/IEC Standard 24760-1:2025, 3rd ed., 2025.
M. Koval et al., “Improvement of complex resource management of special-purpose communication systems,” Eastern-European Journal of Enterprise Technologies, vol. 5, no. 9 (119), pp. 34–44, 2022. DOI: 10.15587/1729-4061.2022.266009.
S. Kashkevich et al., “The development of management methods based on bio-inspired algorithms,” in Information and control systems: modelling and optimizations, A. Shyshatskyi, Ed. Kharkiv, Ukraine: TECHNOLOGY CENTER PC, 2024, pp. 35–69. DOI: 10.15587/978-617-8360-04-7.
A. Shyshatskyi et al., “Development of a polymodel complex of information systems resource management,” Eastern-European Journal of Enterprise Technologies, vol. 4, no. 4 (136), pp. 58–72, 2025. DOI: 10.15587/1729-4061.2025.335688.
P. Pradeep and K. Kant, “Conflict Detection and Resolution in IoT Systems: A Survey,” IoT, vol. 3, no. 1, pp. 191–218, 2022. DOI: 10.3390/iot3010012.
Y. Zdorenko, A. Yanko, M. Myziura, and N. Fesokha, “Development of a fuzzy risk assessment model for information security management,” TAPR, vol. 4, no. 2 (84), pp. 71–79, Aug. 2025. DOI: 10.15587/2706-5448.2025.334954.
Y. O. Zhyvylo, Y. V. Kuchma, and T. M. Fesenko, “Mathematical modeling of an adaptive anomaly detection system based on hybrid neural network architectures,” in Modern aspects of science: LXII. Part of the international collective monograph. Czech Republic: International Economic Institute s.r.o., 2025, pp. 407–456. DOI: 10.52058/62-2025.
Information security, cybersecurity and privacy protection – A framework for identity management – Part 1: Core concepts and terminology, ISO/IEC Standard 24760-1:2025, 3rd ed., 2025.
Т. Фесенко та Ю. Калашнікова, «Федеративна GNN- XAI модель прогнозу компрометації облікових записів у ZERO TRUST-середовищі», Кібербезпека: освіта, наука, техніка, вип. 3, № 31, с. 602–619, груд. 2025. DOI: 10.28925/2663-4023.2025.31.1049.
