Current 5G Authentication and Key Agreement (AKA) is vulnerable to linkability attacks and lacks quantum resistance, compromising forward secrecy. This paper proposes a 3GPP-compliant hybrid post-quantum authentication protocol that innovatively integrates ECIES with NIST-standardized PQC-KEM key derivation mechanisms directly into the AKA workflow—achieving both forward secrecy and quantum resilience while preserving standard interoperability. We formally model the protocol using the SVO logic and verify its security properties—including unlinkability, key secrecy, and forward secrecy—with ProVerif. Performance evaluation demonstrates that computational and communication overheads remain moderate, confirming practical deployability. This work addresses a critical security gap in 5G core network authentication under emerging quantum threats.

5G enables digital innovation by integrating diverse services, making security especially primary authentication crucial. Two standardized protocols, 5G AKA and EAP AKA', handle authentication for 3GPP and non 3GPP devices. However, 5G AKA has vulnerabilities, including linkability attacks. Additionally, quantum computing poses threats, requiring quantum resistant cryptography. While post-quantum cryptography (PQC) is being standardized, its real world robustness remains unproven. Conventional cryptographic schemes offer reliability due to decades of practical use. To bridge this gap, IETF is standardizing hybrid PQC (HPQC), combining classical and quantum resistant methods. Ensuring forward secrecy and quantum resilience in 5G-AKA is critical. To address these issues, we propose 5G AKA HPQC, a protocol maintaining compatibility with existing standards while enhancing security by integrating keys derived from Elliptic Curve Integrated Encryption Scheme (ECIES) and PQC Key Encapsulation Mechanism (KEM). We validate its security using SVO Logic and ProVerif, confirming its robustness. Performance evaluations assess computational and communication overheads, demonstrating a balance between security and efficiency. This research provides key insights into quantum-safe authentication, contributing to future standardization of secure mobile authentication protocols.