Skip to content

Composite Hybrid Keys — Use Cases & Quantum Protection

When and why to use Composite Hybrid Keys for defense-in-depth security against quantum computer attacks.

Overview: The Quantum Threat

Problem: Large-scale quantum computers will break classical cryptography (RSA, ECDSA, ECDH) within the next 10-15 years.

"Harvest Now, Decrypt Later" (HNDR): Adversaries are collecting encrypted data today to decrypt it once quantum computers are available. Data with 10+ year sensitivity is already at risk.

Solution: Composite Hybrid Keys combine classical and post-quantum algorithms, requiring attackers to break BOTH to compromise your data.

Security model: AND-decrypt — 1000× more secure than OR-decrypt alternatives.

Use Case 1: Government & Defense

Scenario

Federal agency storing classified documents with 30+ year retention requirements under NSM-10 mandate.

Challenge: Data classified as SECRET or TOP SECRET must remain protected beyond the quantum computing threat horizon.

Composite Solution

Algorithm combination: X25519 + ML-KEM-768 (NIST Level 3)

curl -X POST https://api.ankatech.co/api/key-management/composite-keys \
  -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "kid": "classified-docs-encryption",
    "mode": "HYBRID_KEM_COMBINE",
    "components": [
      {"role": "classical", "algorithm": "X25519"},
      {"role": "pqc", "algorithm": "ML-KEM-768"}
    ],
    "kdf": "HKDF-SHA256"
  }'

Compliance: NIST CSWP 39 §3.2.4, GSA PQC Buyer's Guide §6.3, NSM-10

Business value: Meets federal procurement requirements, eligible for HNDR protection certification, ready for quantum transition timeline.

Use Case 2: Financial Services

Scenario

Bank storing transaction records with 10-20 year regulatory retention (SOX, PCI-DSS, GDPR).

Challenge: Wire transfer details, account statements, and audit logs must remain confidential for the entire retention period, including against future quantum decryption.

Composite Solution

Algorithm combination: RSA-3072 + ML-KEM-768 (balanced security)

GenerateCompositeKeySpec spec = new GenerateCompositeKeySpec()
    .setKid("transaction-archive-encryption")
    .setMode(GenerateCompositeKeySpec.Mode.HYBRID_KEM_COMBINE)
    .addComponent(ComponentSpec.classical("RSA-3072"))
    .addComponent(ComponentSpec.pqc("ML-KEM-768"))
    .setKdf("HKDF-SHA256")
    .setMaxUsageLimit(10000000);

sdk.generateCompositeKey(spec);

Compliance: Addresses PCI-DSS 4.0 quantum readiness, GDPR Article 32 (state-of-the-art encryption)

Business value: Risk mitigation for $trillions in archived transactions, competitive advantage for quantum-safe banking, insurance premium reductions.

Use Case 3: Healthcare (HIPAA)

Scenario

Hospital system protecting Electronic Health Records (EHR) with lifetime retention for patients.

Challenge: Medical records contain sensitive genetic information, mental health history, and treatment details requiring permanent confidentiality under HIPAA.

Composite Solution

Algorithm combination: X25519 + ML-KEM-1024 (maximum security for sensitive medical data)

ankasecure-crypto generate-composite-key \
  --kid "patient-ehr-encryption" \
  --mode HYBRID_KEM_COMBINE \
  --classical X25519 \
  --pqc ML-KEM-1024 \
  --kdf HKDF-SHA256 \
  --validity-years 100

Compliance: HIPAA + quantum resistance, HITECH Act, FDA medical device security

Business value: Patient trust protection, breach liability mitigation (avg. $10.93M per healthcare breach), quantum-safe competitive differentiation.

Use Case 4: Critical Infrastructure (SCADA)

Scenario

Utility company securing control systems for power grid with 20-40 year operational lifespan.

Challenge: SCADA systems control critical infrastructure and cannot be easily upgraded. Encryption keys must remain secure for decades.

Composite Solution

Algorithm combination: RSA-4096 + ML-KEM-1024 (maximum security level)

Dual signatures: Ed25519 + ML-DSA-87 for command authentication

{
  "encryptionKey": {
    "kid": "scada-command-encryption",
    "mode": "HYBRID_KEM_COMBINE",
    "components": [
      {"role": "classical", "algorithm": "RSA-4096"},
      {"role": "pqc", "algorithm": "ML-KEM-1024"}
    ]
  },
  "signatureKey": {
    "kid": "scada-command-signature",
    "mode": "DUALSIGN",
    "components": [
      {"role": "classical", "algorithm": "Ed25519"},
      {"role": "pqc", "algorithm": "ML-DSA-87"}
    ],
    "verificationPolicy": "ALL"
  }
}

Compliance: NERC CIP (Critical Infrastructure Protection), ISA/IEC 62443

Business value: National security protection, infrastructure resilience against nation-state quantum capabilities, regulatory compliance for utilities.

Use Case 5: Cloud Providers (Enterprise Tiers)

Scenario

Cloud storage provider offering "Quantum-Safe Premium" tier for enterprise customers.

Challenge: Differentiate premium offerings with maximum data protection for customers storing trade secrets, IP, and sensitive business data.

Composite Solution

Product tier structure:

  • Standard: Simple ML-KEM-768 encryption
  • Professional: Simple ML-KEM-1024 encryption
  • Quantum-Safe Premium: Composite X25519 + ML-KEM-1024 (AND-decrypt)
# Premium tier encryption
curl -X POST https://api.cloud-provider.com/v1/encrypt \
  -H "X-Encryption-Tier: quantum-safe-premium" \
  -d @sensitive-file.dat

Compliance: SOC 2 Type II + quantum readiness, ISO 27001, FedRAMP

Business value: Premium pricing (+30% vs standard tier), customer retention for sensitive workloads, competitive differentiation ("only provider with true quantum-safe AND-decrypt").

Decision Matrix: When to Use Composite vs Simple Keys

Criteria Simple Keys Composite Keys
Data sensitivity Medium (public after 5 years) High (confidential 10+ years)
Retention period < 5 years 10+ years
Regulatory requirements Standard compliance Federal, financial, healthcare
Quantum threat model Acceptable risk HNDR protection required
Performance requirements High-frequency operations Medium-frequency, high-value
Compliance FIPS 140-2 sufficient NIST CSWP 39, GSA PQC, NSM-10
Cost sensitivity Budget-conscious Security-first

Recommendation: Use Composite Keys when data must remain confidential beyond the quantum computing threat horizon (2030-2040 estimates).

Migration Path: SIMPLE → COMPOSITE

Upgrade existing encrypted data to quantum-resistant composite encryption without decrypting to plaintext.

Step 1: Generate composite key

curl -X POST https://api.ankatech.co/api/key-management/composite-keys \
  -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "kid": "upgraded-composite-key",
    "mode": "HYBRID_KEM_COMBINE",
    "components": [
      {"role": "classical", "algorithm": "X25519"},
      {"role": "pqc", "algorithm": "ML-KEM-768"}
    ]
  }'

Step 2: Re-encrypt in-place (no plaintext exposure)

curl -X POST https://api.ankatech.co/api/crypto/re-encrypt \
  -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "sourceKid": "old-simple-key",
    "targetKid": "upgraded-composite-key",
    "jweToken": "eyJhbGciOiJNTC1LRU0tNzY4Ii..."
  }'

Result: Data now protected with composite hybrid encryption, requiring both classical AND PQC components to decrypt.

Performance: ~2.0x overhead vs simple keys (acceptable for high-value data).

Performance vs Security Trade-offs

Performance Characteristics

Operation Simple ML-KEM Composite (X25519+ML-KEM) Overhead
Key generation ~5 ms ~10 ms 2.0x
Encryption ~3 ms ~5 ms 1.7x
Decryption ~3 ms ~5 ms 1.7x
Ciphertext size ~1.2× plaintext ~1.3× plaintext Minor

Verdict: Acceptable overhead for high-value data with 10+ year retention.

When Performance Matters

Use simple keys for:

  • High-frequency operations (>1000 ops/sec)
  • Short-term data (<2 years sensitivity)
  • Development and testing environments

Use composite keys for:

  • Long-term archives (10+ years)
  • Regulated industries (government, finance, healthcare)
  • High-value intellectual property
  • Compliance-driven quantum readiness

Compliance Summary

Standard Requirement Composite Keys Support
NIST CSWP 39 Hybrid cryptography for quantum transition ✅ 100% compliant
GSA PQC Buyer's Guide HNDR mitigation via AND-decrypt ✅ Unique implementation
NSM-10 Federal quantum readiness by 2035 ✅ Ready today
FIPS 203/204/205 NIST-approved PQC algorithms ✅ ML-KEM, ML-DSA, SLH-DSA
SOC 2 Type II State-of-the-art encryption ✅ Quantum-resistant controls
HIPAA Encryption for PHI ✅ Enhanced with quantum protection
PCI-DSS 4.0 Quantum readiness for payment data ✅ Addresses future requirements

Next Steps

Get started:

Deep dive:

Help & support: [email protected]

Document Version 3.0.0 -- updated December 2025 © 2025 ANKATech Solutions INC. All rights reserved.