Hall 4 · Exhibit 4 1 min
How ML-KEM (Kyber) Works
The key encapsulation mechanism protocol
TypeKEM — transports a 256-bit symmetric key
Three stepsKeygen → encapsulate → decapsulate
Data encryptionStill AES-256-GCM
TiersML-KEM-512 / 768 / 1024
Try it yourself
PQC Toolkit
Filterable algorithm cards for every PQC family.
is a Key Encapsulation Mechanism — its sole job is to securely transport a small 256-bit symmetric key between two parties. Actual data encryption uses AES-256-GCM.
The Three-Step Handshake
1 · Key generation
Server makes a private key (clean lattice matrix) and a public key (same matrix + noise), and sends the noisy public key.
2 · Encapsulation
Client picks a random 256-bit key, mixes it into the public key, and adds more noise — pure chaos to any observer.
3 · Decapsulation
Server applies its private-key trapdoor, cancels every noise layer, and recovers the identical symmetric key.
Scalability Tiers
- •ML-KEM-512: 2×2 module matrix — fastest, standard security ( equivalent)
- •ML-KEM-768: 3×3 matrix — high security (AES-192), used in hybrid
- •ML-KEM-1024: 4×4 matrix — top-secret tier (), mandate
Explore more in the atlas
Key Takeaways
- ML-KEM transports a 256-bit symmetric key — it doesn't encrypt data directly
- Three steps: key generation (add noise), encapsulation (add more noise), decapsulation (cancel noise with trapdoor)
- Scalability tiers: ML-KEM-512/768/1024 for standard/high/top-secret security