Merkle Tree Certificate Post-Quantum PKI for Kubernetes and Cloud-Native 5G/B5G Core

TL;DR

This paper introduces Merkle Tree Certificates for post-quantum PKI in Kubernetes and 5G, reducing signature overhead and enabling efficient, quantum-resistant certificate authentication.

Contribution

It designs MTC-based PKI architectures for Kubernetes and 5G, implementing and evaluating their performance with significant efficiency improvements.

Findings

MTC landmark verification completes in under 2 microseconds.

MTC reduces on-wire signature overhead in TLS handshakes.

Implementation in Go shows no measurable impact on handshake time.

Abstract

Post-quantum signature schemes such as ML-DSA-65 produce signatures of 3,309 bytes and public keys of 1,952 bytes over 50 times larger than classical Ed25519. In TLS-authenticated environments like Kubernetes control planes and 5G Core networks, where every inter-component connection is mutually authenticated, this overhead compounds across thousands of handshakes per second. Merkle Tree Certificates (MTC), currently under development at IETF, replace per-certificate issuer signatures with Merkle inclusion proofs and, in the landmark mode, eliminate on-wire signatures from certificate authentication entirely. We present MTC-based PKI architectures for Kubernetes and 3GPP 5G Service-Based Architecture. Starting from the infrastructure layer, we replace the Kubernetes cluster CA with an MTCA deployment that issues MTC certificates to control plane components, with cosigners and a DaemonSet-based landmark distributor. Building on this, we design a certificate lifecycle for 5G Network Functions deployed against QORE, a post-quantum 5G Core. We implement MTC proof construction and verification in Go crypto/tls and crypto/x509 packages. Our measurements on an Intel i9-12900 show MTC landmark verification completing in under 2 {\mu}s compared to 24 microseconds for ECDSA signature verification-with no measurable impact on TLS handshake time. We further propose a 6G-native architecture where the NRF serves as the MTCA and the SCP as witness cosigner, and discuss applicability to Non-Terrestrial Networks.