A Hybrid Module-LWE and Hash-Based Framework for Memory-Efficient Post-Quantum Key Encapsulation
Deploying post-quantum cryptography on highly constrained devices remains challenging due to the large key sizes and substantial storage and memory-traffic demands of leading lattice-based schemes. Although constructions such as Kyber, Dilithium, and NTRU offer strong resistance against quantum adversaries, their multi-kilobyte public keys and intensive memory access patterns limit practical adoption in microcontrollers, smart cards, and low-power edge environments. This work proposes a hybrid key-encapsulation mechanism that integrates a compact, seed-generated Module-LWE structure with a quantum-secure hash-based authentication layer. The design employs a small public seed to instantiate lattice matrices on demand via a lightweight pseudorandom generator and incorporates a Merkle-tree commitment to represent compressed auxiliary error information. Additional design considerations—including sparsity-aware secret keys, SIMD-friendly polynomial operations, and cache-efficient decryption paths—are intended to reduce runtime memory usage and computational overhead. The security of the proposed construction is analysed under both Module-LWE and hash-based one-way assumptions, with further consideration of constant-time execution and cache-line alignment to mitigate side-channel risks. This hybrid approach outlines a design pathway toward post-quantum key-encapsulation mechanisms suitable for deployment on memory-limited and energy-constrained platforms.