This work addresses the vulnerability of control-plane signaling in 5G cloud-native service-based architectures to quantum attacks, such as Harvest Now, Decrypt Later (HNDL), noting the absence of deployable post-quantum cryptographic solutions in current systems. The authors propose a non-intrusive sidecar proxy architecture that seamlessly integrates the NIST-standardized post-quantum algorithms ML-KEM-768 and ML-DSA into the real-world open-source 5G core network free5GC without modifying existing network functions. Experimental evaluation over HTTP/2-based service-based interfaces demonstrates that the integration introduces a deterministic latency overhead of approximately 48–49 ms, yielding an end-to-end SBI latency of 54 ms with minimal jitter (IQR ≤ 0.2 ms, CV < 0.4%), thereby validating the feasibility and practicality of a smooth transition toward quantum-safe 5G networks.

The transition to a cloud-native 5G Service-Based Architecture (SBA) improves scalability but exposes control-plane signaling to emerging quantum threats, including Harvest-Now, Decrypt-Later (HNDL) attacks. While NIST has standardized post-quantum cryptography (PQC), practical, deployable integration in operational 5G cores remains underexplored. This work experimentally integrates NIST-standardized ML-KEM-768 and ML-DSA into an open-source 5G core (free5GC) using a sidecar proxy pattern that preserves unmodified network functions (NFs). Implemented on free5GC, we compare three deployments: (i) native HTTPS/TLS, (ii) TLS sidecar, and (iii) PQC-enabled sidecar. Measurements at the HTTP/2 request-response boundary over repeated independent runs show that PQC increases end-to-end Service-Based Interface (SBI) latency to approximately 54 ms, adding a deterministic 48-49 ms overhead relative to the classical baseline, while maintaining tightly bounded variance (IQR <= 0.2 ms, CV < 0.4%). We also quantify the impact of Certification Authority (CA) security levels, identifying certificate validation as a tunable contributor to overall delay. Overall, the results demonstrate that sidecar-based PQC insertion enables a non-disruptive and operationally predictable migration path for quantum-resilient 5G signaling.