This study systematically evaluates the end-to-end performance impact of post-quantum cryptography (PQC) algorithms on TLS 1.3 and higher-layer HTTP transactions. By constructing an experimental platform that simulates realistic workloads, the authors conduct multidimensional performance measurements and statistical analyses across the TCP, TLS, and HTTP layers under classical, hybrid, and pure PQC key exchange mechanisms. For the first time, the work quantifies latency and throughput variations of diverse PQC schemes across more than thirty experimental scenarios, considering different response sizes and key exchange configurations within a layered architecture. The findings provide empirical evidence and practical design guidance for performance trade-offs in real-world HTTPS deployments incorporating PQC.

In this paper, we present a laboratory study focused on the impact of post-quantum cryptography (PQC) algorithms on multiple layers of stateful HTTP over TLS transactions: the TCP handshake, the intermediate TCP-TLS layer, the TLS handshake, the intermediate TLS layer, and the HTTP application layer. To this end, we propose a laboratory architecture that emulates a real-world setup in which a load test of up to 100 transactions per second is sent to a load balancer, which in turn forwards them to a backend server that returns the responses. Each set of tests is executed using the TLS 1.3 key exchange groups as follows: traditional (or non-PQC), hybrid PQC and pure PQC. Each set of tests also varied the backend response size. Across more than thirty experiments, we performed data reduction and statistical analysis for each layer, to determine the specific impact of each algorithm (PQC and traditional) at every stage of the HTTP-over-TLS transaction.