
The rise of quantum computing is forcing organisations to rethink how they secure data. Traditional protocols for generating and exchanging cryptographic keys, such as RSA and ECDH, will soon be broken by quantum computers, leaving sensitive data vulnerable to interception.
That challenge is why we created Symmetrikey, a quantum-safe key exchange protocol that’s lightweight enough to run even on IoT and embedded devices. But with so many options out there for quantum security, it can be hard to evaluate and compare different technologies.
We’ve already covered how Symmetrikey differs from Quantum Key Distribution, a quantum-safe key exchange technology. In this blog, we’re explaining the relationship between Symmetrikey and the broad category of technology known as post-quantum cryptography, or PQC. We’ll cover how Symmetrikey differs from standard PQC and look at potential applications, including for authentication.
What Is Post-Quantum Cryptography?
Current key exchange protocols are vulnerable to quantum attack because a quantum computer can efficiently solve the hard mathematical problems those protocols are based on, such as the discrete logarithm problem. The concept driving PQC is simple: use a different mathematical problem that neither classical nor quantum computers can solve efficiently (i.e., in a matter of hours or days rather than billions of years).
It should be noted that PQC as a discipline covers more than just key exchange – it also covers encryption and digital signing.
Some of the leading PQC approaches include:
- Lattice-based cryptography – Uses complex geometric structures called lattices to create cryptosystems that are difficult for quantum computers to break.
- Code-based cryptography – Uses error-correcting codes to build key exchange, encryption and digital signature schemes that are resistant to quantum attacks.
- Multivariate polynomial cryptography – Relies on solving nonlinear polynomial equations, which is considered hard even for quantum computers.
Of these three, lattice-based cryptography is currently the most favoured approach, with the National Institute of Standards and Technology (NIST) having approved a number of different protocols that use lattice-based problems. Multivariate polynomial cryptography is still being researched, but isn’t currently used widely.
Code-based cryptography is something of a rising star in the PQC world – NIST has recently selected a code-based KEM, HQC, as its fifth PQC algorithm. At the time of writing, the main challenge with code-based cryptography is the size of the public keys and ciphertexts that are used, which makes it impractical for use in many environments – particularly environments where power and computational resources are limited.
What Is Symmetrikey?
Symmetrikey is actually a form of PQC, in that it uses a quantum-resistant mathematical problem to generate cryptographic keys. But that’s where the similarities end. And thanks to Symmetrikey’s uniqueness compared to other PQC protocols, it offers unique advantages in a range of use cases. For the purpose of this article, we’ll compare it with ML-KEM, the NIST-approved key exchange algorithm for quantum-safe key exchange.
Symmetrikey uses a lattice-based problem, similar to ML-KEM. Both are based on the Learning With Errors (LWE) problem – specifically, Symmetrikey uses Ring Learning With Errors (RLWE) as the basis of security. For contrast, ML-KEM uses Module Learning with Errors (MLWE).
The major difference is in how Symmetrikey enables each party to agree on a key. The “KEM” in ML-KEM stands for “Key Encapsulation Mechanism”; a KEM enables two parties to agree on a shared secret key by using a single public/private key pair in a way that’s quantum-safe.
By contrast, Symmetrikey uses correlation filtering to enable two parties to agree on a shared secret key from nearly identical datasets, in a way that prevents an attacker from working out the shared secret.
The combination of using RLWE and correlation filtering means that Symmetrikey uses fewer resources during operation than ML-KEM, and requires fewer cycles to work. In fact, in benchmark tests Symmetrikey has been proven to be up to twice as fast as ML-KEM.
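To show why an RLWE key agreement needs an error-correction step at all, here is a toy Ring-LWE exchange in the style of the textbook Ding/Peikert constructions. This is an added illustration, not Symmetrikey’s correlation filtering (which this post does not describe) and not ML-KEM; the ring degree N, modulus Q and the {-1, 0, 1} coefficient ranges are constructed toy parameters with no security value. Both parties end up with polynomials that differ only by a small even error, and a one-bit public hint per coefficient lets them extract the same key bits.

```python
import random

N = 16      # ring degree: polynomials live in Z_Q[x]/(x^N + 1) (toy size)
Q = 12289   # odd prime modulus; any odd Q much larger than the error works here

def centered(v):
    """Reduce v mod Q into the centred range (-Q/2, Q/2]."""
    v %= Q
    return v - Q if v > Q // 2 else v

def poly_mul(a, b):
    """Schoolbook multiply in Z_Q[x]/(x^N + 1); x^N wraps around to -1."""
    out = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            if i + j < N:
                out[i + j] = (out[i + j] + ai * bj) % Q
            else:
                out[i + j - N] = (out[i + j - N] - ai * bj) % Q
    return out

def small_poly(rng):
    """'Small' secret/error polynomial with coefficients in {-1, 0, 1}."""
    return [rng.randrange(-1, 2) for _ in range(N)]

def add_noise(poly, err):
    """poly + 2*err: doubling the error keeps the two parties' gap even."""
    return [(x + 2 * y) % Q for x, y in zip(poly, err)]

def signal(v):
    """Public hint (Ding-style): 1 if v sits near the modular wrap-around."""
    return 0 if -(Q // 4) <= centered(v) <= Q // 4 else 1

def extract_bit(v, w):
    """Key bit: parity of v, shifted by (Q-1)/2 when the hint says so."""
    return centered(v + w * ((Q - 1) // 2)) % 2

def agree(seed=None):
    """One exchange; returns (alice_bits, bob_bits, max coefficient gap)."""
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    a = [rng.randrange(Q) for _ in range(N)]             # shared public element
    s_a, e_a, g_a = (small_poly(rng) for _ in range(3))  # Alice's secrets
    s_b, e_b, g_b = (small_poly(rng) for _ in range(3))  # Bob's secrets
    p_a = add_noise(poly_mul(a, s_a), e_a)               # Alice -> Bob
    p_b = add_noise(poly_mul(a, s_b), e_b)               # Bob -> Alice
    # Each side now holds a*s_a*s_b plus a different small, even error term.
    k_a = add_noise(poly_mul(p_b, s_a), g_a)
    k_b = add_noise(poly_mul(p_a, s_b), g_b)
    hints = [signal(v) for v in k_b]                     # Bob -> Alice, public
    gap = max(abs(centered(x - y)) for x, y in zip(k_a, k_b))
    return ([extract_bit(v, w) for v, w in zip(k_a, hints)],
            [extract_bit(v, w) for v, w in zip(k_b, hints)], gap)
```

The `gap` value returned by `agree()` is the largest disagreement between the two raw polynomials; the hint-based extraction is only guaranteed to agree while that gap stays well below Q/8, which is the kind of bound any reconciliation mechanism has to respect.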
Side-by-Side Comparison: Symmetrikey vs. ML-KEM
| | ML-KEM | Symmetrikey |
|---|---|---|
| Basis of security | Lattice-based cryptography (MLWE) | Lattice-based cryptography (RLWE) |
| Quantum resistance | Computationally secure | Computationally secure |
| Key exchange type | Key Encapsulation Mechanism (KEM) | Symmetric key agreement via correlation filtering (no keys are transmitted) |
| Error correction method | Deterministic mathematical reconstruction | Correlation filtering |
| Performance | High computational cost | Lightweight, scalable, efficient |
| Implementation | Standardised but complex integration | Flexible and simple, often working as a drop-in replacement for ECDH |
Standard PQC key exchange methods like ML-KEM are a step forward from traditional protocols like RSA and ECC, but Symmetrikey offers an equal level of security with less cost and complexity.
Which Is the Better Choice?
Choosing between Symmetrikey and other PQC key exchange algorithms depends on the specific needs of an organisation:
- PQC is a natural evolution of existing encryption standards – albeit with larger key and ciphertext sizes – making it an attractive option for organisations already relying on classical cryptographic infrastructure.
- Symmetrikey offers a more scalable, provable, and efficient solution, particularly for industries with high-performance, real-time security, or low-power needs.
The use case is also worth considering. Key exchange mechanisms are used to create keys for encrypting and sending data and transmissions, but also in many authentication workflows such as public key infrastructure (PKI). PQC key exchange can be integrated into existing PKI workflows, though the increased key sizes can affect the performance of PKI.
By contrast, Symmetrikey can be used in Cavero Quantum’s unique authentication protocol, called Authentikey. Authentikey enables two parties to build identical private ledgers of key exchanges, which are then used to authenticate each endpoint with the other. Authentikey is a very exciting alternative to existing authentication workflows – not least because of its ability to operate in constrained environments, thanks to its use of Symmetrikey and its lack of dependence on certificates, which are far larger in a post-quantum system.
For organisations that require low-latency, scalable key exchange that can be integrated into a two-way authentication workflow, Symmetrikey presents a superior alternative to other PQC key exchange algorithms such as ML-KEM. And if guaranteed security against future quantum attacks is important, then Symmetrikey is again the logical choice.
Conclusion: Future-Proofing Encryption
As quantum threats grow, organisations must evaluate their security strategies today to avoid future vulnerabilities. Symmetrikey provides a provable, scalable, and efficient variant of post-quantum key exchange, making it an ideal solution for industries where speed, authentication, and security must work together.
Want to learn more about Symmetrikey and how it compares to other PQC algorithms? Fill in the form below to request our scientific paper.
