Fast and Secure Service Continuity in the Edge-Cloud Continuum: A Study of TLS 1.3 Resumption and Post-Quantum Key Exchange
Catoni, Lorenzo;Puliafito, Carlo;Dini, Gianluca
2025-01-01
Abstract
This paper presents an enhanced edge-cloud service-continuity platform that integrates advanced Transport Layer Security (TLS) 1.3 features to address performance and security challenges in dynamic smart environments such as smart cities and logistics. Building on a previously proposed proxy-based architecture, we incorporate two key TLS mechanisms: hybrid post-quantum key exchange using X25519MLKEM768 to mitigate Store Now Decrypt Later (SNDL) attacks, and stateless session resumption for fast handover across edge proxies. Our open-source implementation relies on Envoy proxies and the BoringSSL library. We evaluate the cryptographic, data, and latency overheads across multiple network conditions. Results show that hybrid post-quantum TLS introduces manageable overheads while significantly enhancing security, and that session resumption reduces connection costs by up to 73%. These findings confirm the viability of strong cryptographic protections without sacrificing service performance, making the solution suitable for secure, seamless continuity in smart city edge computing scenarios.


