Scalable End-to-End Encryption Management Using Quantum-Resistant Cryptographic Protocols for Cloud-Native Microservices Ecosystems
DOI:
https://doi.org/10.63282/3050-9246.IJETCSIT-V4I1P116Keywords:
Cloud-Native Security, Microservices Architecture, End-to-End Encryption, Post-Quantum Cryptography, Key Management Systems, Zero Trust SecurityAbstract
Cloud-native application ecosystems increasingly rely on large-scale microservices architectures composed of ephemeral containers, serverless functions, and service-mesh–enabled workloads that are dynamically instantiated and terminated. While Transport Layer Security (TLS) and classical public-key cryptographic mechanisms currently provide confidentiality and authentication for inter-service communication, these approaches are increasingly inadequate in the presence of emerging quantum computing capabilities. In particular, widely deployed algorithms such as RSA and elliptic curve cryptography (ECC) are vulnerable to quantum attacks, exposing long-lived secrets, archived data, and east–west service traffic to “harvest-now, decrypt-later” adversarial strategies. Moreover, existing encryption and key management solutions are not designed to provide true end-to-end encryption (E2EE) across highly dynamic microservices boundaries, nor do they adequately support crypto-agility in cloud-native environments. This paper proposes a scalable, quantum-resistant end-to-end encryption management framework tailored for cloud-native microservices ecosystems. The framework integrates post-quantum cryptographic (PQC) key exchange mechanisms with automated, policy-driven key lifecycle management to secure both data-in-motion and data-at-rest across heterogeneous deployment models. By decoupling cryptographic control planes from application logic and leveraging service identity–based trust establishment, the proposed approach enables seamless E2EE without disrupting microservice scalability or elasticity. Experimental evaluation conducted on a Kubernetes-based microservices testbed demonstrates that the framework achieves strong quantum-resilient security guarantees with manageable latency overhead, while supporting high-throughput service-to-service communication and rapid key rotation. The results indicate that quantum-resistant encryption can be practically integrated into modern cloud-native systems, providing a future-proof security foundation for next-generation distributed applications
Downloads
References
[1] Bos, J., Ducas, L., Kiltz, E., Lepoint, T., Lyubashevsky, V., Schanck, J. M., ... & Stehlé, D. (2018, April). CRYSTALS-Kyber: a CCA-secure module-lattice-based KEM. In 2018 IEEE European symposium on security and privacy (EuroS&P) (pp. 353-367). IEEE.
[2] Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28(3), 583–592. https://doi.org/10.1016/j.future.2010.12.006.
[3] Sendrier, N. (2010, May). Post-quantum cryptography. In third international workshop, PQCrypto, Darmstadt, Germany.
[4] Shor, P. W. (1994, November). Algorithms for quantum computation: discrete logarithms and factoring. In Proceedings 35th annual symposium on foundations of computer science (pp. 124-134). IEEE.
[5] Henry, R., Herzberg, A., & Kate, A. (2018). Blockchain access privacy: Challenges and directions. IEEE Security & Privacy, 16(4), 38-45.
[6] Li, W., Lemieux, Y., Gao, J., Zhao, Z., & Han, Y. (2019, April). Service mesh: Challenges, state of the art, and future research opportunities. In 2019 IEEE International Conference on Service-Oriented System Engineering (SOSE) (pp. 122-1225). IEEE.
[7] Chen, L., Jordan, S. P., Liu, Y. K., Moody, D., Peralta, R. C., Perlner, R., & Smith Tone, D. C. (2016). Report on post quantum cryptography (NISTIR 8105). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.IR.8105.
[8] Damgård, I., & Salvail, L. (2008). Quantum safe cryptography and security definitions. In Proceedings of the 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT) (pp. 247–265). Springer.
[9] Ward, R., & Beyer, B. (2014). Beyondcorp: A new approach to enterprise security. ; login:: the magazine of USENIX & SAGE, 39(6), 6-11.
[10] Kindervag, J. (2010). Build security into your network’s dna: The zero trust network architecture. Forrester Research Inc, 27, 1-16.
[11] Stafford, V. (2020). Zero trust architecture. NIST special publication, 800(207), 800-207.
[12] Burns, B., Grant, B., Oppenheimer, D., Brewer, E., & Wilkes, J. (2016). Borg, omega, and kubernetes. Communications of the ACM, 59(5), 50-57.
[13] Richardson, C. (2018). Microservices patterns: with examples in Java. Simon and Schuster.
[14] Wilkins, M. (2019). Learning Amazon Web Services (AWS): A hands-on guide to the fundamentals of AWS Cloud. Addison-Wesley Professional.
[15] Elahi, G., Yu, E., & Zannone, N. (2010). A vulnerability-centric requirements engineering framework: analyzing security attacks, countermeasures, and requirements based on vulnerabilities. Requirements engineering, 15(1), 41-62.
[16] Mattsson, J. P., Smeets, B., & Thormarker, E. (2021). Quantum-resistant cryptography. arXiv preprint arXiv:2112.00399.
[17] Li, W., & Kanso, A. (2015, March). Comparing containers versus virtual machines for achieving high availability. In 2015 IEEE International Conference on Cloud Engineering (pp. 353-358). IEEE.
[18] Pahl, C., Jamshidi, P., Zimmermann, O., & Cito, J. (2020). Architectural principles for microservices: A systematic literature review. Journal of Systems and Software, 155, 110–137. https://doi.org/10.1016/j.jss.2019.10.022.
[19] de Almeida, M. G., & Canedo, E. D. (2022). Authentication and authorization in microservices architecture: A systematic literature review. Applied sciences, 12(6), 3023.
[20] Asif, R. (2021). Post quantum cryptosystems for Internet of Things: A survey on lattice based algorithms. IoT, 2(1), 71–91. https://doi.org/10.3390/iot2010005
[21] Bhat, J., & Sundar, D. (2022). Building a Secure API-Driven Enterprise: A Blueprint for Modern Integrations in Higher Education. International Journal of Emerging Research in Engineering and Technology, 3(2), 123-134. https://doi.org/10.63282/3050-922X.IJERET-V3I2P113
[22] Bhat, J. (2022). The Role of Intelligent Data Engineering in Enterprise Digital Transformation. International Journal of AI, BigData, Computational and Management Studies, 3(4), 106-114. https://doi.org/10.63282/3050-9416.IJAIBDCMS-V3I4P111
[23] Bhat, J., Sundar, D., & Jayaram, Y. (2022). Modernizing Legacy ERP Systems with AI and Machine Learning in the Public Sector. International Journal of Emerging Research in Engineering and Technology, 3(4), 104-114. https://doi.org/10.63282/3050-922X.IJERET-V3I4P112
[24] Sundar, D., & Jayaram, Y. (2022). Composable Digital Experience: Unifying ECM, WCM, and DXP through Headless Architecture. International Journal of Emerging Research in Engineering and Technology, 3(1), 127-135. https://doi.org/10.63282/3050-922X.IJERET-V3I1P113
[25] Sundar, D., Jayaram, Y., & Bhat, J. (2022). A Comprehensive Cloud Data Lakehouse Adoption Strategy for Scalable Enterprise Analytics. International Journal of Emerging Research in Engineering and Technology, 3(4), 92-103. https://doi.org/10.63282/3050-922X.IJERET-V3I4P111
[26] Sundar, D. (2022). Architectural Advancements for AI/ML-Driven TV Audience Analytics and Intelligent Viewership Characterization. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 3(1), 124-132. https://doi.org/10.63282/3050-9262.IJAIDSML-V3I1P113
[27] Jayaram, Y., & Sundar, D. (2022). Enhanced Predictive Decision Models for Academia and Operations through Advanced Analytical Methodologies. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 3(4), 113-122. https://doi.org/10.63282/3050-9262.IJAIDSML-V3I4P113
[28] Jayaram, Y., Sundar, D., & Bhat, J. (2022). AI-Driven Content Intelligence in Higher Education: Transforming Institutional Knowledge Management. International Journal of Artificial Intelligence, Data Science, and Machine Learning, 3(2), 132-142. https://doi.org/10.63282/3050-9262.IJAIDSML-V3I2P115
[29] Jayaram, Y., & Bhat, J. (2022). Intelligent Forms Automation for Higher Ed: Streamlining Student Onboarding and Administrative Workflows. International Journal of Emerging Trends in Computer Science and Information Technology, 3(4), 100-111. https://doi.org/10.63282/3050-9246.IJETCSIT-V3I4P110
