As quantum security efforts and innovations accelerate, the variety of technologies, protocols, standards, and algorithms can feel overwhelming. Especially because, in these early days of Post-Quantum Cryptography, the conversation is mainly being led by academics and technologists who are happy to talk in very technical terms.
That’s one of the reasons that we feel it’s so important to demystify quantum cryptographic terms – as these technologies become more and more prevalent, it’s essential that non-academics and non-technical people understand the terms they’re hearing and what they mean.
At the same time, we are introducing our own quantum security technologies to the marketplace: Symmetrikey, a post-quantum cryptography algorithm that enables lightweight yet quantum-safe key creation, and Authentikey, a two-way endpoint authentication algorithm.
In this blog, we’re looking specifically at the differences between Symmetrikey and Quantum Key Distribution, or QKD.
What is Quantum Key Distribution?
QKD is a method of creating cryptographic keys. It’s symmetric – the same keys are used to encrypt and decrypt data – and it is safe against quantum attacks. QKD relies on the properties of photons (light particles) to create secret keys without relying on mathematical problems.
Because of this, QKD is – at least in theoretical terms – the most secure quantum-safe technology out there. In fact, you might hear it referred to as “information theoretically secure” – they mean the same thing. With no mathematical problem for a quantum computer to solve, there is nothing for a quantum computer to crack.
Despite these promising characteristics, QKD takeup remains low and governments are deeming it unsuitable for securing their networks.
What are the limitations of QKD?
QKD has a number of limitations that make it ultimately impractical to deploy in many use cases.
- Firstly, it is only effective over a short range. QKD relies on fibre-optic cables in order to function (remember it works by transmitting photons) which are subject to noise and photon loss, and so cannot be deployed over long distances.
- Secondly, it is vulnerable to specific attacks such as denial of service attacks (all you have to do is cut the fibre optic cable to deactivate the system) and side channel attacks.
- Thirdly, the technology is extremely complex. QKD requires specialised hardware and is difficult to properly implement and maintain. Even slight deviations from ideal system operation can lead to gaps in your security. As a result, while there have been some instances of QKD being deployed in the real world, most work on QKD remains theoretical or at prototype stage.
Reasons like this mean that government organisations like the UK’s National Cyber Security Centre are not supporting QKD for government or military applications.
What is Symmetrikey?
Symmetrikey is a quantum-safe key exchange protocol developed by us at Cavero Quantum. Like QKD, it is secure against quantum attack, and it is a symmetric key generation algorithm – but that’s where the similarities end.
Symmetrikey falls into the category of post-quantum cryptography, meaning that it uses a type of mathematical problem as the basis of security – but one that is impossible for even a quantum computer to solve quickly. Symmetrikey uses a variant of the well-known Learning With Errors problem, known as Ring Learning With Errors (RLWE).
While in purely theoretical terms the reliance on maths problems makes PQC less secure than QKD (because in theory future advances in quantum computing could make it possible to solve the maths problems used in PQC), in practical terms PQC has fewer vulnerabilities than QKD. Research into the maths problems used in PQC is extensive and long-run, and will continue in the future, and to date no computational shortcuts have been found for RLWE. You may hear people talk about “computational security”, which refers to security that is good enough to outlast any currently known attack. Symmetrikey is a computationally secure key exchange algorithm.
Symmetrikey, like all other PQC solutions, is software-based which makes it far easier to implement than QKD. For example, in a QKD system you not only need to secure the communication channels between two parties, but also the connections within each endpoint between the QKD device and the classical device. This complication is not present with PQC systems like Symmetrikey. Additionally, PQC is not limited by physical distance, making it more versatile than QKD.
Key differences between Symmetrikey and QKD
| QKD | Symmetrikey | |
| Basis of security | Principles of quantum mechanics | Ring Learning With Errors |
| Infrastructure | Hardware-based using fibre optics and photon sources | Software-based |
| Level of security | Quantum-safe (information theoretic) | Quantum-safe (computational security) |
| Complexity | High – hardware intensive and difficult to maintain. | Medium – software-based. |
| Computational demand | High | Low |
| Range | ~420km | Global |
Should I choose QKD or Symmetrikey for security?
The answer to this question depends on a few variables. But in summary, for most applications Symmetrikey is a more practical and versatile choice for quantum-safe key exchange.
Since QKD is, at least theoretically, the most secure key exchange protocol, it could be deemed the most appropriate choice for securing your most critical data and systems. But that relies on a few provisos:
- You have the budget to invest in QKD – it is expensive.
- You have the time and the expertise to implement it – it is complex.
- You have the time and expertise to test it and maintain, in order to mitigate against known and unknown threats.
The truth is that for most people, QKD is not a practical choice. Remember, the UK Government is still not supporting QKD for government or defence applications in 2025, which is a fair indication that there are significant challenges with it.
By contrast, Symmetrikey has a lot to offer. It’s suitable for a wide range of different applications and environments – crucially, Symmetrikey has been successfully deployed on a SIM card, a constrained environment where other PQC solutions have been unable to run due to their size. Because of the way it’s built, Symmetrikey also works well as a drop-in replacement for ECDH, requiring far less system redesign than implementing QKD or another PQC algorithm such as ML-KEM.
How to get Symmetrikey
Symmetrikey is currently available as part of our patented authentication protocol, Authentikey, which is beta testing at the moment (you can sign up for the beta test by filling in the form below). As we continue to test and develop our technologies, Symmetrikey will be made available as a standalone product – but if you are interested in deploying it sooner, talk to us and we can discuss your project.