Three things we learned at Mobile Future Forward 2025 

by James Trenholmein Newson Posted on

Last week I had a very productive and interesting day in Seattle at Mobile Future Forward 2025. The theme this year was “quantumverse” – the convergence of a number of revolutionary technologies, including quantum computing, and its potential to transform humanity – so naturally I wanted to represent Cavero Quantum, and learn more about how people are grappling with the challenge of quantum security. I want to take this opportunity to thank Chetan Sharma for putting together such an amazing list of visionary speakers and attendees.

I was fortunate to speak to a number of organisations and leaders on the day, and share a little bit of Cavero Quantum’s mission: to make quantum security and authentication practical and scalable for all. These topics are all worthy of further discussion in future posts, but for now I want to quickly share three big takeaways from those conversations that I think will be of interest to others who couldn’t make the event.

1: ML-KEM is proving unsuitable for constrained environments

I spoke to a number of people involved in deploying low-compute technologies – and the common theme was that they were unable to use ML-KEM in their endpoint authentication and data encryption workflows.

We’ve long suspected that ML-KEM, despite offering robust security, would be too bulky to work in some environments – that suspicion, it seems, is now being validated in the real world.

In particular this is challenging for:

  • Telecoms providers looking to deploy security to the edge and this will include internet satellite constellations in low earth orbit which featured numerous times in the conversations. This convergence of mobile, fixed and space security was of particular interest to me.
  • IoT providers who need to provide security for devices where physical space and computing resources are very limited.

There is a clear need for a low-overhead PQC solution that can secure these devices and networks – many of which will be deployed on a global scale.

2: Regulatory pressure is growing for US companies

Many governments are looking closely at mandating the move to PQC, but in my conversations it was the US companies that were feeling the pressure the most. NIST is mandating migration to PQC by 2030. But for many, the deadline in the supply chain is actually sooner if they have physical product deployed after 2027 with a greater than 3 year lifespan. It’s interesting to see this conversation moving from research to the boardroom, but some way to go for operations.

Everyone needs to get their migration plan drawn up and in motion, as soon as they can – but especially US companies, or those subject to US regulations. The complexity of the chosen PQC solution will have a material impact on those timelines – so looking for a solution that strikes the best balance of security and simplicity will be imperative.

3: Agentic AI is the next hot topic

Telecoms companies in particular are investing heavily in AI and are exploring the potential of agentic AI to improve customer service. Agentic AI, for the uninitiated, is an AI a customer can interact with, which can take actions for them (it has agency). I particularly loved the fascinating presentation given by Gil Rosen of Amdocs on this topic.

But this could pose security risks around authentication. Every instance of agentic AI can (and should) be classed as a distinct machine identity, but current security protocols are not designed to  secure communications between the AI and a customer in the way it will be used. How does Alice’s bot know it’s talking to Bob’s bot and not Eve’s bot – this really got my fraud and digital identity juices flowing.

I believe that this is a really exciting and relevant use cases for Cavero Quantum’s technology, which would enable customers to trust that the bot they are speaking with is genuine, and enable the bot to trust that it is speaking to a genuine customer.

Given that we have already have evidence of AI chatbots being used to perpetrate fraud in the UK, and only yesterday I was discussing the re-emergence of the old classic Wangiri fraud, reinvented for the AI age (a fraudster’s bot calls an enterprise bot, hangs up and waits for the bot to call back to a premium rate number). This feels like an urgent issue – and a great opportunity to get ahead of the fraudsters.

How Cavero can help

I’m pleased to say that we’re following up with a number of the people I spoke to at Mobile Future Forward, who were interested in how Cavero Quantum can help solve these challenges. We offer two technologies that work in tandem to provide quantum security at scale, even in constrained environments.

Symmetrikey: PQC for any environment

Symmetrikey is a new and unique quantum-safe key exchange protocol. It combines a variant of the Learning With Errors problem, which is also the basis of the NIST-approved ML-KEM, and correlation filtering inspired by quantum key distribution, to derive symmetric keys for encryption and authentication.

Symmetrikey has been demonstrated to run twice as fast as ML-KEM in benchmark tests, and has been successfully deployed on a SIM card, proving its ability to run in constrained environments. It is ideal for organisations looking to build the next generation of quantum-safe cybersecurity products and services, especially in low-compute use cases such as IoT and satellite communications.

Authentikey: quantum-safe and two-way endpoint authentication

Authentikey provides mutual endpoint authentication using the world’s first Continuous Trust Verification Protocol. From a wide range of initial trust anchors, Authentikey provides mutual authentication for every subsequent transaction using a shared ledger of key exchanges. Ideal for organisations implementing Zero-Trust or Continuous Adaptive Trust architectures, Authentikey is a complementary technology that can sit aside biometrics, passkey, and Continuous Authentication solutions.  It offers man-in-the-middle detection, and tests indicate it is faster than methods such as PKI, while remaining significantly easier to implement and run. Organisations can use Symmetrikey, ML-KEM, or ECDH keys with Authentikey, enabling crypto-agility and making the migration to quantum-safe migration smoother.

Sign up for the beta today

If you’re working to secure networks with low compute resources against quantum attack, you can request beta access to the Cavero Cryptographic Library, which will enable you to implement Authentikey in your network. Just fill in the form below to get in touch and we’ll get started.