
KMS & PQC Key Management

Master PQC key management patterns: envelope encryption with ML-KEM, hybrid key wrapping, and cross-provider KMS strategies.

Post-quantum cryptography fundamentally changes how organizations manage keys. ML-KEM is a Key Encapsulation Mechanism only: it establishes a shared secret and cannot sign. ML-DSA is a signature scheme only: it cannot encapsulate. This strict algorithm separation replaces the dual-use nature of RSA, whose key pairs could both encrypt and sign.

“A KEM can only establish a shared secret, not directly encrypt arbitrary data. Applications that relied on RSA PKCS#1 v1.5 or RSA-OAEP for direct encryption must adopt an envelope encryption pattern when migrating to ML-KEM.”

— NIST SP 800-227, Recommendations for Key-Encapsulation Mechanisms

Classical: RSA Dual-Use
  • RSA-OAEP: direct encryption of data/keys
  • RSA-PSS: digital signatures
  • One key pair can serve both purposes (although NIST SP 800-57 already recommends a separate key for each use)
  • Simple key inventory: 1 key pair per entity
PQC: Strict Separation
  • ML-KEM: key encapsulation only (KEM)
  • ML-DSA: digital signatures only
  • Two key pairs per entity minimum
  • Key inventory at least doubles during a hybrid transition (classical pair plus ML-KEM and ML-DSA pairs)
Key Size Comparison

Algorithm      Public Key  Private Key  Sig / CT  Security
RSA-2048       256 B       1,192 B      256 B     ~112-bit (classical)
RSA-3072       384 B       1,766 B      384 B     ~128-bit (classical)
ECDSA P-256    65 B        32 B         64 B      ~128-bit (classical)
ML-KEM-512     800 B       1,632 B      768 B     NIST Level 1
ML-KEM-768     1,184 B     2,400 B      1,088 B   NIST Level 3
ML-KEM-1024    1,568 B     3,168 B      1,568 B   NIST Level 5
ML-DSA-44      1,312 B     2,560 B      2,420 B   NIST Level 2
ML-DSA-65      1,952 B     4,032 B      3,309 B   NIST Level 3
ML-DSA-87      2,592 B     4,896 B      4,627 B   NIST Level 5

Sig / CT is the signature size for RSA, ECDSA and ML-DSA and the ciphertext size for ML-KEM. RSA private-key sizes are approximate DER encodings including the CRT parameters; the ECDSA public key is the uncompressed point. ML-KEM private-key sizes are for the expanded decapsulation key; FIPS 203 permits storing only the 64-byte seed and re-expanding it on use, which matters when budgeting HSM key slots.

PQC public keys are significantly larger than their classical counterparts: roughly 3 to 10 times the size of an RSA-2048 public key and up to 40 times the size of a P-256 point, and ML-DSA signatures are 9 to 18 times the size of an RSA-2048 signature. This affects HSM key storage, certificate sizes, and network bandwidth during key distribution.
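The envelope pattern the NIST quotation calls for, combined with the hybrid (ML-KEM plus X25519) key wrapping that the two-key-pair inventory above implies, as an added worked example in Go; it is not code from PQC Today or from any KMS vendor, and it assumes Go 1.24 or later for the standard-library crypto/mlkem and crypto/hkdf packages. The KEM only ever produces a shared secret; that secret is combined with an X25519 secret through HKDF into a key-encryption key (KEK), the KEK wraps a fresh per-object data-encryption key (DEK), and only the DEK touches the data. The label string kms-demo/hybrid-kek/v1 and the sample record are constructed for the demo, and AES-256-GCM stands in for the AES key wrap (RFC 3394 / SP 800-38F) a KMS would normally use, since Go's standard library does not ship one.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hkdf"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type Envelope struct {
	KEMCiphertext []byte // ML-KEM-768 ciphertext (1,088 bytes, as in the size table)
	ECPublic      []byte // sender's ephemeral X25519 public key (32 bytes)
	WrappedDEK    []byte // 32-byte DEK sealed under the hybrid KEK (AES-256-GCM, nonce || ct || tag)
	Payload       []byte // data sealed under the DEK (AES-256-GCM, nonce || ct || tag)
}

// must is used only where an error would be a programming bug, never for caller input.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// NewRecipient generates the two long-term key pairs a hybrid deployment carries.
func NewRecipient() (*mlkem.DecapsulationKey768, *ecdh.PrivateKey) {
	return must(mlkem.GenerateKey768()), must(ecdh.X25519().GenerateKey(rand.Reader))
}

// deriveKEK is the hybrid combiner: both shared secrets are the IKM and both public values
// are bound into info, so neither secret alone, nor a swapped ciphertext or public key, reproduces the KEK.
func deriveKEK(pqSecret, ecSecret, kemCt, ecPub []byte) []byte {
	ikm := append(append([]byte{}, pqSecret...), ecSecret...)
	info := "kms-demo/hybrid-kek/v1" + string(kemCt) + string(ecPub) // demo label, not a standard
	return must(hkdf.Key(sha256.New, ikm, nil, info, 32))
}

func seal(key, plaintext, aad []byte) []byte {
	aead := must(cipher.NewGCM(must(aes.NewCipher(key)))) // key is always 32 bytes here
	nonce := make([]byte, aead.NonceSize())
	rand.Read(nonce) // crypto/rand.Read cannot fail in Go 1.24+
	return aead.Seal(nonce, nonce, plaintext, aad)
}

func open(key, sealed, aad []byte) ([]byte, error) {
	aead := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if len(sealed) < aead.NonceSize() {
		return nil, fmt.Errorf("sealed blob too short")
	}
	return aead.Open(nil, sealed[:aead.NonceSize()], sealed[aead.NonceSize():], aad)
}

// Seal is the envelope pattern: the KEM yields only a secret, the KEK derived from it wraps a fresh DEK, and only the DEK touches data.
func Seal(ek *mlkem.EncapsulationKey768, ecPub *ecdh.PublicKey, plaintext []byte) (*Envelope, error) {
	pqSecret, kemCt := ek.Encapsulate()
	eph := must(ecdh.X25519().GenerateKey(rand.Reader))
	ecSecret, err := eph.ECDH(ecPub) // errors if ecPub is not an X25519 key
	if err != nil {
		return nil, err
	}
	dek := make([]byte, 32) // fresh per-object data-encryption key
	rand.Read(dek)
	kek := deriveKEK(pqSecret, ecSecret, kemCt, eph.PublicKey().Bytes())
	return &Envelope{
		KEMCiphertext: kemCt,
		ECPublic:      eph.PublicKey().Bytes(),
		WrappedDEK:    seal(kek, dek, kemCt), // KEM ciphertext as AAD ties the wrap to this encapsulation
		Payload:       seal(dek, plaintext, nil),
	}, nil
}

// Open reverses Seal. Decapsulate does not flag a tampered ciphertext (ML-KEM rejects
// implicitly by returning an unrelated key), so the AEAD unwrap is the integrity check.
func Open(pq *mlkem.DecapsulationKey768, ec *ecdh.PrivateKey, env *Envelope) ([]byte, error) {
	if len(env.KEMCiphertext) != mlkem.CiphertextSize768 || len(env.ECPublic) != 32 {
		return nil, fmt.Errorf("malformed envelope")
	}
	pqSecret := must(pq.Decapsulate(env.KEMCiphertext)) // errors only on length, checked above
	ecSecret, err := ec.ECDH(must(ecdh.X25519().NewPublicKey(env.ECPublic)))
	if err != nil {
		return nil, err
	}
	kek := deriveKEK(pqSecret, ecSecret, env.KEMCiphertext, env.ECPublic)
	dek, err := open(kek, env.WrappedDEK, env.KEMCiphertext)
	if err != nil {
		return nil, fmt.Errorf("unwrap DEK: %w", err)
	}
	return open(dek, env.Payload, nil)
}

func main() {
	pq, ec := NewRecipient()
	env := must(Seal(pq.EncapsulationKey(), ec.PublicKey(), []byte("constructed sample record")))
	fmt.Printf("ct=%d B plaintext=%q\n", len(env.KEMCiphertext), must(Open(pq, ec, env)))
}
```

The Envelope is the object a KMS stores next to the data: re-wrapping the DEK under a new KEK (a key rotation, or a move to another provider's ML-KEM key) means re-running only the wrap step, never re-encrypting the payload. The ciphertext length comes out at the table's 1,088 bytes, and a flipped bit in it is caught at the DEK unwrap rather than by Decapsulate, which is why the wrap must be authenticated and must bind the KEM ciphertext.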


Learning module content can be inaccurate. Please double-check its information. Report inaccuracies in PQC Today GitHub Discussions.