Beyond Ad-Hoc Lattices: Secure KEM-Based Post-Quantum Authentication

Most post-quantum (PQ) authentication and key agreement (AKA) protocols proposed for IoT, edge, and 6G systems still rely on ad-hoc lattice constructions, often derived from the Ring-Learning-With-Errors (RLWE) problem. Although mathematically elegant, these protocols repeatedly exhibit structural weaknesses, such as signal-leakage, key-reuse, and no mapping to NIST PQ security levels, that prevent real deployment. This article reviews these systemic issues and contrasts them with standardized, KEM-based PQ designs such as ML-KEM (Kyber). We show that encapsulation-based AKA architectures inherit both efficiency and full cryptographic assurance, eliminating the leakage channels and cumulative vulnerabilities inherent in RLWE protocols. We advocate a transition from ad-hoc lattice protocols to standardized encapsulation-based frameworks as the foundation for secure PQ authentication in consumer, IoT, and 6G systems.