Looma: A Low-Latency PQTLS Authentication Architecture for Cloud Applications
Xinshu Ma
Network and Distributed System Security (NDSS) Symposium 2026 · Day 3 · Cloud Security
Cloud applications built from microservices create many internal network connections, each requiring **mutual TLS (mTLS)** authentication. As the industry transitions to **post-quantum cryptography**, the heavier signing operations of post-quantum algorithms (2.5x-9x slower than ECDSA) amplify the handshake cost, creating a significant latency bottleneck for cloud workloads. This talk presents **Looma**, an architecture that reduces post-quantum mTLS handshake latency by **34% at P50 and 48% at P99** compared to **Dilithium-2** (the fastest PQ signature algorithm) by splitting authentication into offline precomputation and fast online operations using an **online/offline signature** paradigm. Online signing completes in under **1 microsecond** and verification in under **7 microseconds**. The approach is general, applying to different PQ signature schemes and TLS-like protocols including **QUIC** and **PSP**, and will be presented at the **IETF CFRG** session.
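To make the offline/online split concrete, here is an added sketch of the generic online/offline signature pattern (certify a one-time key offline, sign the handshake transcript online with it). It is not Looma's construction, which the abstract does not detail, and it is not code from the talk. All function names are hypothetical, and a Lamport one-time key stands in for the long-term post-quantum key such as Dilithium-2.

```python
import hashlib
import secrets

N = 256  # each one-time key signs one SHA-256 digest, bit by bit

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def bits(digest: bytes):
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]

def ots_keygen():
    """Lamport one-time key: 2*N secret preimages; public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def ots_sign(sk, digest: bytes):
    # Reveal one preimage per digest bit: table lookups only, no heavy maths.
    return [sk[i][b] for i, b in enumerate(bits(digest))]

def ots_verify(pk, digest: bytes, sig) -> bool:
    return len(sig) == N and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(digest))))

def pk_digest(pk) -> bytes:
    return H(b"".join(a + b for a, b in pk))

def offline_phase(long_term_sk):
    """Before any handshake: create a fresh one-time key and certify it with
    the long-term key. Assumption: in a real deployment this is the slow
    post-quantum signature; the Lamport stand-in used here may certify only
    one token per long-term key."""
    sk, pk = ots_keygen()
    return {"sk": sk, "pk": pk, "cert": ots_sign(long_term_sk, pk_digest(pk))}

def online_sign(token, transcript: bytes):
    """During the handshake: one hash of the transcript plus lookups.
    pop() enforces single use; a second call raises KeyError."""
    sig = ots_sign(token.pop("sk"), H(transcript))
    return {"pk": token["pk"], "cert": token["cert"], "sig": sig}

def verify(long_term_pk, transcript: bytes, s) -> bool:
    # The peer checks the offline certificate, then the online signature.
    return (ots_verify(long_term_pk, pk_digest(s["pk"]), s["cert"])
            and ots_verify(s["pk"], H(transcript), s["sig"]))
```

The expensive long-term signature is paid in `offline_phase`, off the handshake's critical path. The cost that remains online is a larger signature on the wire and one precomputed token consumed per handshake.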
AI review
A post-quantum TLS optimization for cloud mTLS that reduces handshake latency through online/offline signature precomputation. Solid crypto engineering for the PQ migration challenge, but no offensive security content and limited relevance outside cloud infrastructure performance optimization.