Chrome, AWS, Cloudflare, and the Linux kernel have all started shipping ML-KEM: the post-quantum key exchange standardised as FIPS 203. If you're doing anything with TLS, this is your stack now.
I wrote a full deep-dive covering everything from first principles:
- Why RSA fails against quantum: Shor's algorithm, Harvest Now Decrypt Later, and why the migration is already happening
- Lattices and the hard problem: why finding the nearest point in 768 dimensions is computationally infeasible, even for quantum computers
- Polynomial rings: how ML-KEM packs 256 numbers into a single algebraic object and operates on them efficiently via NTT
- Module-LWE: the one hardness assumption the whole thing rests on
- KeyGen, Encaps, Decaps: built up step by step with the actual math
- The Fujisaki-Okamoto transform: how you go from "CPA-secure toy" to "IND-CCA2 production primitive", and why implicit rejection matters
The post has interactive diagrams, draggable lattice visualisations, and a live noise/decryption-failure slider, so the intuition actually lands.
No hand-waving. No "just trust the math". The full derivation of why the noise terms cancel for Bob but nobody else.
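To make the cancellation argument concrete, here is a toy Module-LWE KEM in Python, written for this page as an added illustration; it is not code from the post or from niklas-heringer.com. It assumes tiny parameters chosen here (n=32, q=3329, k=2, η=2), schoolbook polynomial multiplication instead of the NTT, no ciphertext compression, and SHA-256 plus `random.Random` seeding as stand-ins for the G/H/J hash functions and the FIPS 203 sampling; the function names are mine. It walks through KeyGen, Encaps and Decaps, checks term by term that v − sᵀu equals m·round(q/2) + (eᵀr + e₂ − sᵀe₁), and shows implicit rejection in the Fujisaki-Okamoto decapsulation.

```python
"""Toy Module-LWE KEM with FO-style decapsulation. Added example, not code from the post.
Schoolbook multiplication in R_q = Z_q[x]/(x^n + 1) replaces the NTT; parameters, hashes and
seeding are simplified stand-ins chosen here, so this shows the structure, not security."""
import hashlib
import random

N, Q, K, ETA = 32, 3329, 2, 2            # toy sizes; ML-KEM uses n=256, k in {2,3,4}
HALF_Q = (Q + 1) // 2                    # round(q/2): encoding of a message bit "1"

def add(a, b): return [(x + y) % Q for x, y in zip(a, b)]
def sub(a, b): return [(x - y) % Q for x, y in zip(a, b)]

def mul(a, b):
    """Multiply in Z_q[x]/(x^n + 1): a term x^(n+i) wraps around to -x^i."""
    out = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            if i + j < N: out[i + j] = (out[i + j] + ai * bj) % Q
            else:         out[i + j - N] = (out[i + j - N] - ai * bj) % Q
    return out

def dot(u, v):                           # inner product of two length-K vectors of polys
    acc = [0] * N
    for a, b in zip(u, v): acc = add(acc, mul(a, b))
    return acc

def centered(x):                         # representative of x mod q in (-q/2, q/2]
    x %= Q
    return x - Q if x > Q // 2 else x

def cbd(rng):                            # centred binomial noise, coefficients in [-ETA, ETA]
    return [(sum(rng.getrandbits(1) for _ in range(ETA))
             - sum(rng.getrandbits(1) for _ in range(ETA))) % Q for _ in range(N)]

def keygen(rng):
    A = [[[rng.randrange(Q) for _ in range(N)] for _ in range(K)] for _ in range(K)]
    s = [cbd(rng) for _ in range(K)]
    e = [cbd(rng) for _ in range(K)]
    t = [add(dot(A[i], s), e[i]) for i in range(K)]        # t = A s + e
    z = rng.getrandbits(256).to_bytes(32, "big")            # implicit-rejection secret
    return (A, t), (s, e, z)             # e is kept only so noise_term() can show the maths

def encrypt(pk, m_bits, coins):
    """CPA encryption driven by explicit coins, so decapsulation can re-run it."""
    A, t = pk
    rng = random.Random(coins)
    r, e1, e2 = [cbd(rng) for _ in range(K)], [cbd(rng) for _ in range(K)], cbd(rng)
    At = [[A[j][i] for j in range(K)] for i in range(K)]    # A^T
    u = [add(dot(At[i], r), e1[i]) for i in range(K)]       # u = A^T r + e1
    v = add(add(dot(t, r), e2), [b * HALF_Q for b in m_bits])  # v = t^T r + e2 + m*round(q/2)
    return (u, v), (r, e1, e2)

def recover(sk, ct):
    """w = v - s^T u: the s^T A^T r terms cancel, leaving m*round(q/2) plus small noise."""
    u, v = ct
    return sub(v, dot(sk[0], u))

def decrypt(sk, ct):                     # round each coefficient to the nearer of 0 and q/2
    return [1 if abs(centered(c)) > Q // 4 else 0 for c in recover(sk, ct)]

def noise_term(sk, enc_rand):
    """What Bob cannot cancel: e^T r + e2 - s^T e1, with |coeff| <= 2*K*N*ETA^2 + ETA < q/4 here."""
    s, e, _ = sk
    r, e1, e2 = enc_rand
    return sub(add(dot(e, r), e2), dot(s, e1))

def H(*parts):                           # SHA-256 stand-in for ML-KEM's G/H/J functions
    h = hashlib.sha256()
    for p in parts: h.update(repr(p).encode())
    return h.digest()

def encaps(pk, rng):
    m = [rng.getrandbits(1) for _ in range(N)]
    key, coins = H("K", m, pk), H("coins", m, pk)           # (K, coins) = G(m || H(pk))
    ct, _ = encrypt(pk, m, coins)
    return ct, key

def decaps(pk, sk, ct):
    """FO decapsulation with implicit rejection: a bad ciphertext yields a pseudorandom key, not an error."""
    m = decrypt(sk, ct)
    key, coins = H("K", m, pk), H("coins", m, pk)
    ct2, _ = encrypt(pk, m, coins)                           # deterministic re-encryption
    return key if ct2 == ct else H("reject", sk[2], ct)     # J(z || c) on mismatch

def demo(seed=1):
    rng = random.Random(seed)
    pk, sk = keygen(rng)
    ct, k_alice = encaps(pk, rng)
    m = decrypt(sk, ct)
    _, enc_rand = encrypt(pk, m, H("coins", m, pk))         # replay Alice's coins
    residual = sub(recover(sk, ct), [b * HALF_Q for b in m])
    bad_ct = (ct[0], [(ct[1][0] + 1) % Q] + ct[1][1:])       # one coefficient of v tampered
    return {"keys_match": k_alice == decaps(pk, sk, ct),
            "residual_is_noise": residual == noise_term(sk, enc_rand),
            "max_noise": max(abs(centered(c)) for c in residual),   # stays below q/4 = 832
            "tampered_rejected": decaps(pk, sk, bad_ct) != k_alice}
```

Calling `demo()` returns a dictionary reporting that Alice's and Bob's keys match, that the residual after subtracting m·round(q/2) is exactly eᵀr + e₂ − sᵀe₁, and how large that residual got. With these toy parameters every coefficient of the residual is bounded by 2·k·n·η² + η = 514, below q/4 = 832, so decryption never fails; real ML-KEM adds ciphertext compression noise and a much larger n, which is why the decryption-failure probability has to be bounded statistically rather than by a worst-case count. The tampered-ciphertext check shows why implicit rejection matters from a defender's viewpoint: decapsulation of a modified ciphertext still returns a key, derived from the secret z and the ciphertext, so a caller cannot distinguish a rejection from a success and there is no error signal to leak through.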
👉 Full post on niklas-heringer.com
Part of the Hacker's Guide to Cryptography series. Part 1 covers groups, rings, and modular arithmetic if you need the foundations.