PQCVisualization

ML-KEM: Multi-Lattice Key Encapsulation Mechanism

A quantum-resistant key exchange algorithm standardized in FIPS 203

Security Basis
Module Learning With Errors (MLWE)
Primary Use
Secure Key Exchange
Replaces
RSA & ECC Key Exchange
Previously Known As
CRYSTALS-Kyber

About ML-KEM

ML-KEM (previously known as CRYSTALS-Kyber) is a lattice-based key encapsulation mechanism standardized by NIST as FIPS 203. It provides a quantum-resistant way to establish shared secret keys between parties.

The algorithm is based on the hardness of the Module Learning With Errors (MLWE) problem, making it resistant to attacks from both classical and quantum computers.

ML-KEM is designed to replace current key exchange algorithms like RSA and Elliptic Curve Diffie-Hellman (ECDH) in TLS and other protocols, ensuring that encrypted communications remain secure even in the quantum era.

Security Levels

512

ML-KEM-512

128-bit security level

768

ML-KEM-768

192-bit security level

1024

ML-KEM-1024

256-bit security level

How ML-KEM Works

1. Key Generation

Alice generates a key pair consisting of a public key and a secret key, based on randomly sampled polynomials in a special ring.

Output: Public Key, Secret Key

2. Encapsulation

Bob takes Alice's public key, generates a random value, and uses it to derive a shared secret. He also creates a ciphertext to send to Alice.

Input: Alice's Public Key
Output: Ciphertext, Shared Secret

3. Decapsulation

Alice uses her secret key and the ciphertext from Bob to recover the same shared secret, without any further communication.

Input: Alice's Secret Key, Bob's Cipher Text
Output: Shared Secret
The shared secret derived by both parties can then be used as a symmetric encryption key to secure their communications.

ML-KEM Operations

ML-KEM Operations

Explore ML-KEM's key generation, encapsulation, and decapsulation operations at different security levels.

Parameters

Result

Select parameters and execute an operation to see results

Interactive ML-KEM Demo

Try ML-KEM Key Exchange with AES

Experience the full ML-KEM workflow with our interactive implementation. Generate keys, encapsulate and decapsulate shared secrets, then use the resulting key for AES encryption and decryption.

Interactive ML-KEM Demo

Real-World Applications

ML-KEM is designed to be integrated into existing protocols and applications to provide quantum resistance. Here are some common use cases:

TLS/SSL Protocols

Securing web traffic with quantum-resistant key exchange in HTTPS connections.

Secure Messaging

End-to-end encrypted messaging apps for long-term security against quantum attacks.

VPN Tunnels

Quantum-safe VPN connections for secure remote access and corporate networking.

Back to Algorithms

PQC Visualization - Explore Post-Quantum Cryptography Standards

A demonstration of NIST's FIPS 203, 204, and 205 standards