Fault-tolerant quantum computing will render RSA and ECC insecure by reducing their underlying mathematical hard problems to polynomial-time computation via Shor's algorithm. The urgency of migrating to NIST post-quantum cryptography (PQC) standards is compounded by Harvest Now, Decrypt Later (HNDL) attacks, in which adversaries archive encrypted traffic today for quantum decryption once capable hardware matures. A uniform substitution of classical primitives with lattice-based alternatives, however, creates deployment friction that existing migration guidance does not fully resolve. ML-KEM-1024 encapsulation keys (1,568 bytes) and ML-DSA signatures (2,420 - 4,627 bytes) can exceed the standard 1,500-byte Ethernet Maximum Transmission Unit (MTU) when combined with protocol framing overhead, and ML-DSA payloads strain the volatile memory of many deployed Hardware Security Modules (HSMs). These constraints impose measurable costs on handshake latency, packet fragmentation risk, and Zero Trust Architecture (ZTA) verification cycles. This paper makes three contributions. First, it characterizes the operational tension between lattice-based PQC primitives and existing cloud network constraints, drawing on FIPS 203, FIPS 204, FIPS 205, and current IETF transport-layer work. Second, it identifies specific failure modes this tension introduces for Zero Trust identity infrastructure. Third, it proposes a Tiered Cryptographic Agility Model: a workload-stratified migration framework that applies dual-wrap hybrid encryption to cold storage, symmetric key ratcheting to latency-sensitive microservices, and PQC-signed software gateway tokens to bridge the hardware adoption gap. The framework is positioned against the NIST SP 800-207 Zero Trust reference architecture and the deployment-security guidance of NIST SP 800-227.
Charbel Mattar (Sat,) studied this question.