Multichannel Hybrid Quantum Cryptography
- Multichannel hybrid quantum cryptography is a secure communication framework that integrates multiple quantum and classical channels to enhance confidentiality.
- It leverages diverse protocol constructions and physical encoding schemes to distribute trust and mitigate vulnerabilities.
- The approach demonstrates scalability by enabling parallel channel operations and measurable improvements in key rates and error resilience.
Multichannel hybrid quantum cryptography denotes a class of secure-communication schemes in which confidentiality or key establishment is produced by combining multiple communication channels, multiple physical degrees of freedom, or multiple cryptographic primitives rather than relying on a single standalone QKD mechanism. In the literature, “hybrid” appears in several distinct but related senses: joint use of quantum and classical channels for key derivation, combination of QKD with post-quantum cryptography (PQC), simultaneous encoding across multiple photonic degrees of freedom or wavelength channels, and architectures that add physical-layer protections or trusted-node segmentation to quantum-secured links (Rana et al., 2020, Gupta et al., 4 Dec 2025, Panda et al., 2024, Terhaar et al., 2022, Liñares et al., 14 Aug 2025). Correspondingly, “multichannel” can refer to parallel wavelength channels, separate spatial or polarization channels, multiple submarine links, or logically distinct information paths such as a quantum signal path and an auxiliary classical or entanglement-distribution path (Terhaar et al., 2022, Panda et al., 2024, Hosseinnezhad et al., 7 Jul 2025).
1. Conceptual scope and recurring architectural motifs
The literature presents multichannel hybrid quantum cryptography as a family of architectures rather than a single protocol lineage. One recurring form is the classical-quantum hybrid QKD design, exemplified by a scheme in which Alice and Bob exchange qubits over a quantum channel, exchange intermediate values over a classical channel, incorporate “natural random numbers” generated by a quantum computer, and derive the final key through hashing (Rana et al., 2020). A second form is the QKD-PQC hybrid, where information-theoretic key material from QKD is combined with computationally secure key establishment or signature components such as ML-KEM, ML-DSA, or SLH-DSA (Gupta et al., 4 Dec 2025, Chen, 30 Sep 2025). A third form is resource-level hybridization, in which a single photon carries several degrees of freedom that act as parallel communication channels, as in single-particle entangled-state protocols using orbital angular momentum, path, and polarization, or hybrid ququart schemes using polarization and OAM (Panda et al., 2024, Cabello et al., 2011). A fourth form is systems-level hybridization, where multiple wavelengths, detectors, time-tagging electronics, and FPGA post-processing are integrated into a parallel QKD stack (Terhaar et al., 2022).
These forms are united by an attempt to distribute security responsibility across more than one mechanism. In some papers, the additional layer is cryptographic: QKD output is combined with PQC output through KMAC, or a hidden instruction sequence determines a hybrid encryption cascade (Chen, 30 Sep 2025, Gupta et al., 4 Dec 2025). In others, the additional layer is physical: randomized phase modulation is combined with electromagnetic shielding and entanglement-assisted decryption, or submarine links are protected by channel multiplicity plus passive and active physical defenses (Hosseinnezhad et al., 7 Jul 2025, Liñares et al., 14 Aug 2025). This suggests that the field uses “hybrid” not merely to denote protocol composition, but to denote a broader defense-in-depth strategy in which secrecy depends on heterogeneity of channel, physics, and post-processing.
The multichannel aspect is likewise broader than simple multiplexing. In the fully parallelized telecom implementation, multichannel refers to wavelength-division multiplexing with up to 40 wavelength channels, a 64-channel SNSPD system, and a 64-channel TCSPC platform (Terhaar et al., 2022). In the 2D alternate quantum walk protocol, it refers to simultaneous use of the - and -position channels of a single-photon entangled state to carry two distinct messages (Panda et al., 2024). In submarine optical communications, it refers to physically separate submarine channels whose keys are combined so that an adversary must coordinate simultaneous access across several links (Liñares et al., 14 Aug 2025).
2. Hybrid protocol constructions and key-derivation workflows
A foundational example of multichannel hybrid QKD is the three-protocol construction in “Enhanced Quantum Key Distribution using Hybrid Channels and Natural Random Numbers” (Rana et al., 2020). Its central novelty is that it does not rely only on entanglement-based qubit exchange like standard BB84/Ekert-style schemes. Instead, Alice and Bob each prepare entangled qubit pairs, exchange one qubit of each pair over the quantum channel, perform local measurements, exchange measurement results and derived values over the classical channel, incorporate quantum-generated random numbers, and obtain the final key through a hash function. In Protocol 1, the workflow combines entanglement, XOR, concatenation, random numbers, and hashing in a two-stage hybrid key derivation. Protocol 2 makes the role of random numbers more explicit through parameterized qubit preparation with
followed by state manipulation, measurement, and hash-derived key construction. Protocol 3 increases the amount of classical mixing by introducing multiple random numbers, measurement-derived values , classical messages and , and a final
construction (Rana et al., 2020).
A distinct hybridization strategy appears in HOQS and HOQS+, where QKD, PQC, and a hybrid encryption layer are orchestrated by an information-theoretically secure instruction sequence (Gupta et al., 4 Dec 2025). A single cycle comprises instruction-sequence exchange, a BBM92 entanglement-based QKD primitive, a PQC primitive, and a hybrid-encryption primitive. In HOQS, the available message-encryption schemes are
while HOQS+ replaces PQC public-key encryption in the message cascade with symmetric techniques and uses
The system is designed so that the instruction sequence, encrypted by XOR with a subset of a pre-shared key, remains hidden even if both QKD and PQC key material are exposed through side-channel compromise (Gupta et al., 4 Dec 2025).
Another explicit composition framework is the hybrid key-exchange and signature design that combines QKD with NIST-standardized PQC algorithms (Chen, 30 Sep 2025). In the QKD + ML-KEM key exchange, ML-KEM yields 0, QKD yields 1, and the final shared secret is derived by KMAC with 2 as key and 3 as message, producing a 32-byte shared secret. In the three-source variant, ECDH yields 4, ML-KEM yields 5, and QKD yields 6; KMAC then uses 7 as key and 8 as message (Chen, 30 Sep 2025). The same paper extends hybridization to signatures by storing only a 32-byte Request Code for Signature 9 in the certificate and reconstructing the full ML-DSA signature from
0
where 1 and 2 are SHAKE expansions of QKD-derived randomness and the request code (Chen, 30 Sep 2025).
These constructions show that multichannel hybrid quantum cryptography is not confined to raw-key generation. It also encompasses hybrid key combiners, encryption cascades, and verification workflows in which quantum-generated or quantum-distributed randomness governs how classical cryptographic primitives are instantiated.
3. Encoding spaces, degrees of freedom, and multichannel physical realizations
Several works realize multichannel hybrid cryptography directly in the photonic state space. In the 2D alternate quantum walk protocol, Bob generates a public-key state
3
and Alice encodes two distinct classical messages by applying a shift operator
4
Because 5, Bob can apply 6 and recover
7
thereby reading the two messages independently from the 8- and 9-position labels (Panda et al., 2024). The protocol uses a single photon whose orbital angular momentum, path, and polarization encode the walker’s 0, 1, and coin degrees of freedom. The key itself is a genuine three-way or nonlocal two-way single-particle entangled state generated by the 2D alternate quantum walk (Panda et al., 2024).
Hybrid single-photon encoding is also central to the Kochen-Specker-protected ququart protocol, where a four-dimensional state is encoded jointly in polarization and OAM: 2 The protocol uses the 18-state, 9-basis Kochen-Specker set of Cabello–Estebaranz–García-Alcaine, and the same photon simultaneously carries both physical subsystems that define the ququart alphabet (Cabello et al., 2011). Here the hybrid aspect is not a quantum-classical channel split, but a joint encoding over two physical degrees of freedom of one photon.
High-dimensional spatial-mode QKD provides another form of hybridization. In the 545-dimensional demonstration, photon pairs generated by Type-II SPDC are position-momentum entangled, and Alice remotely prepares Bob’s spatial mode by projective measurement on the idler in either the position 3 or momentum 4 basis (Scarfe et al., 28 Mar 2025). Operationally, this combines entanglement-based QKD with prepare-and-measure behavior. The system dimension is set by the number of spatial modes per basis, and the implementation uses event-based single-photon cameras to define many channels in parallel via detector pixels (Scarfe et al., 28 Mar 2025).
At the systems level, the telecom COW-QKD implementation realizes multichannel hybridization through wavelength multiplexing and shared hardware resources. Alice’s architecture combines multiple distributed feedback lasers around 1550 nm, a DWDM/WDM multiplexer, a Mach–Zehnder modulator, attenuation to the single-photon level, and standard telecom fiber. Bob uses a time-basis path and a phase-basis path, with a single delay-line interferometer placed before de-multiplexing so that one interferometer serves multiple wavelengths (Terhaar et al., 2022). A rack-sized multichannel SNSPD system and a highly parallelized TCSPC unit complete the hybrid stack between quantum optical transport and classical event processing (Terhaar et al., 2022).
These examples establish that multichannel hybrid cryptography is often realized by exploiting structural multiplicity already present in photonic hardware: distinct wavelengths, spatial modes, quadratures, polarization sectors, OAM sectors, path modes, or entanglement resources.
4. Security models, guarantees, and threat assumptions
Security claims in multichannel hybrid quantum cryptography depend strongly on the layer at which hybridization occurs. In the 2020 hybrid-channel QKD proposal, the protocols are claimed to be unconditionally secure, resistant to eavesdropping because of the no-cloning theorem, strengthened by entanglement, protected by hashing, improved by true randomness, and immune to replay because they are one-time keys (Rana et al., 2020). The same source assumes that Alice and Bob already know the measurement basis beforehand, can prepare and manipulate entangled qubits locally, can transmit qubits over a noiseless or manageable quantum channel, and share a common pre-agreed basis for measurement (Rana et al., 2020). The paper also explicitly states that hash functions such as MD5 or SHA-256 are available (Rana et al., 2020).
In the HOQS+ architecture, the central security object is the information-theoretically secure instruction sequence
5
which selects the encryption schemes, the number of times they are used, and the order of cascaded encryption (Gupta et al., 4 Dec 2025). The security argument is that even if QKD keys are exposed and PQC keys are also exposed, message confidentiality can remain intact because an adversary still lacks the secret instruction order and configuration. The design further assumes that the primitives are independent, that no two consecutive encryption primitives are the same, and that the system avoids known cascade vulnerabilities such as meet-in-the-middle attacks and re-encryption attacks (Gupta et al., 4 Dec 2025). For the QKD primitive, the paper adopts a composable security parameter 6 together with the split
7
and compares Serfling, relaxed Chernoff, and exact Clopper–Pearson finite-key parameter-estimation bounds (Gupta et al., 4 Dec 2025).
The Kochen-Specker ququart protocol grounds security in contextuality rather than complementarity alone. Its key operational threshold is the wrong-state-identification probability 8, which must satisfy
9
equivalently
0
to exclude a classical noncontextual “ball attack” that can mimic complementarity but not the overlap structure of the 18-state Kochen-Specker set (Cabello et al., 2011). This is a specific answer to a common misconception that all prepare-and-measure quantum cryptographic security is exhausted by basis incompatibility.
The entanglement-assisted phase-obfuscation architecture adopts a layered threat model in which passive interception outside the shielded region yields phase reconstruction statistically indistinguishable from noise, while active quantum attacks such as intercept-resend or cloning fail because the adversary lacks the entangled partner photon needed for coherent phase recovery (Hosseinnezhad et al., 7 Jul 2025). The accessible information for Eve is bounded by a Holevo quantity, and the paper’s framing is that the absence of any classical phase-key transfer drives the accessible asymptotic information toward zero (Hosseinnezhad et al., 7 Jul 2025).
The submarine architecture adopts a different, explicitly non-end-to-end-quantum security model. Quantum security is provided on the coastal or continental-platform segments by autocompensating high-dimensional discrete-modulation CV-QKD, while the deep-water segments are classical but physically protected (Liñares et al., 14 Aug 2025). The multichannel security condition comes from key combination across 1 channels, for example
2
or the related 3 and 4 formulas using XOR and XNOR (Liñares et al., 14 Aug 2025). The security assumption is therefore that Eve must coordinate simultaneous attacks on several physically separated submarine lines while also overcoming passive and active additional physical layers of security (Liñares et al., 14 Aug 2025).
Taken together, these models show that “unconditional security” is not used uniformly across the literature. In some works it denotes a strong claim rooted in ideal quantum principles; in others the security discussion is explicitly composable and finite-key; in still others the guarantee is layered and conditional on shielding, trusted nodes, or physical inaccessibility.
5. Performance, scalability, and engineering trade-offs
Performance claims in multichannel hybrid quantum cryptography are correspondingly diverse. In the 545-dimensional spatial-mode demonstration, the maximum realized dimension was 5, with a QDER of 31.8% and a secret key rate of 1.51 bits per photon coincidence; the best operating point was 6, where the system achieved 5.07 bits per coincidence with a QDER of 5.95% (Scarfe et al., 28 Mar 2025). The source’s spatial Schmidt number was reported as 7, explaining why the best information efficiency occurred below the largest demonstrated Hilbert-space dimension (Scarfe et al., 28 Mar 2025). The proof-of-principle experiment used a TPX3CAM with overall detection efficiency roughly 5.3%, camera quantum efficiency about 8%, singles rates around 8 per second, and a coincidence rate about 9 per second over a 100-second acquisition window (Scarfe et al., 28 Mar 2025).
In the fully parallelized telecom implementation, multichannel throughput is the primary metric. The architecture demonstrated up to 40 wavelength channels in the sender, a 64-channel SNSPD design, and a 64-channel TCSPC/time-tagging system with digital resolution of 5 ps, dead time of 650 ps, and throughput up to 1.6 G events/s (Terhaar et al., 2022). The detector subsystem, fabricated from 4.4 nm NbTiN and cooled to 3.6 K, achieved average system detection efficiency of 40% across up to 37 channels, individual detector efficiencies of 20% to 60%, count rates up to 20 MHz, timing precision below 120 ps, and dark count rates below 150 Hz before transport (Terhaar et al., 2022). For QKD operation, back-to-back secret key rates between 0.6 and 3.2 Mbit/s per channel were reported over a 35-minute run, with a combined secret key rate of 13.2 Mbit/s across the 9 usable channels; at 26.6 dB attenuation, corresponding roughly to 130 km standard single-mode fiber, the secret key rate was 3.82 kbit/s (Terhaar et al., 2022).
HOQS+ emphasizes scalability of post-processing rather than raw optical parallelism. The system was tested over a 1.5 m free-space channel and observed a mean QBER of about 0 (Gupta et al., 4 Dec 2025). The engineering result is that HE processing time in HOQS+ is almost constant in 1, whereas HOQS could not complete successful runs beyond 2 because recursive ciphertext growth led to timeout issues (Gupta et al., 4 Dec 2025). The replacement of PQC public-key encryption with Kyber KEM plus symmetric encryption, the use of Ascon in the message cascade, and the policy of appending the AES nonce only once to the final ciphertext were introduced to obtain linear processing-time scaling with the size of secret instructions (Gupta et al., 4 Dec 2025).
The phase-obfuscation and entanglement-assisted decryption framework reports simulation metrics over 10,000 entangled transmissions per scenario, using an SPDC-based entangled photon pair generator, a dynamic electromagnetic shield with 45 dB attenuation in the probe band, depolarizing channel noise with probability 3, and a TCSPC module with 3% dark count (Hosseinnezhad et al., 7 Jul 2025). For legitimate Bob, the mean phase reconstruction accuracy is 99.1% and the mean fidelity to the ideal state is about 4. For a passive classical eavesdropper, phase recovery success is 5 with signal fidelity about 6; for a quantum interceptor lacking entanglement, phase recovery success is 3.4% with fidelity 7 (Hosseinnezhad et al., 7 Jul 2025). The same paper reports coherence visibility 8 and entanglement negativity of 0.86 after modulation and shielding (Hosseinnezhad et al., 7 Jul 2025).
In the single-photon dual-messaging protocol, the performance result is not stated as a key rate but as a throughput gain: one entangled photon carries two independent messages simultaneously, using 9- and 0-position channels of a 2D alternate quantum walk state (Panda et al., 2024). In the submarine setting, the principal scalability claim is architectural: for the high-dimensional discrete-modulation CV-QKD component, both QBER and SKR increase with dimension, and for 1 the rate satisfies 2, so the two-mode protocol outperforms two independent single-mode channels under the stated attack model (Liñares et al., 14 Aug 2025).
These results indicate that scalability in the field is measured in several incompatible but complementary ways: alphabet dimension, parallel wavelength count, message multiplicity per photon, finite-key processing scalability, and attack complexity across multiple physical links.
6. Limitations, contested points, and research directions
The literature is explicit that hybridization does not eliminate the need for rigorous security and implementation analysis. The 2020 hybrid-channel QKD paper does not fully formalize several points: the random-number formula is not mathematically justified, several equations are typographically inconsistent or unclear, no rigorous proof of unconditional security is provided, no explicit error-correction or privacy-amplification analysis is given, no noise, channel-loss, or attack-model simulation is presented beyond general claims, and the protocols are described at a high level rather than with precise operational specifications (Rana et al., 2020). Its claim that prior algorithms required 3 qubits whereas the proposed number of qubits is limited to a single digit, irrespective of their length, is therefore best read as a design claim within that paper’s own framework rather than as a generally established complexity result (Rana et al., 2020).
The more recent hybrid QKD-PQC systems also retain important assumptions. HOQS+ depends on a pre-shared information-theoretically secure PSK, authenticated classical channels, the validity of BBM92 finite-key assumptions, secrecy of the instruction sequence, and the adversary’s inability to obtain all PSK-derived material; the paper further notes that the security discussion is primarily argument-based rather than a full formal proof under a unified hybrid model, and that the Clopper–Pearson and relaxed Chernoff optimizations are computationally expensive (Gupta et al., 4 Dec 2025). The NIST-PQC-plus-QKD hybrid key-exchange and signature framework was evaluated on a simulator for the QKD component, so its timing results do not include network transmission latency and its BB84/E91 performance reflects simulator execution rather than deployed photonic hardware (Chen, 30 Sep 2025).
Resource-level hybrid protocols carry device-level constraints. The single-photon dual-messaging AQW scheme requires careful control of AQW parameters and high-quality photonic elements, and its security claims rely on idealized assumptions while benefiting in practice from privacy amplification and hardware isolation (Panda et al., 2024). The 545-dimensional spatial-mode QKD system is still sparse in its use of detector pixels, with only about 12.7% of the 4293 available pixels used as modes in the best case reported, and its proof-of-principle setup used one camera rather than the at least two, preferably four, cameras envisioned for scalable deployment (Scarfe et al., 28 Mar 2025). The fully parallelized telecom QKD system was constrained by cryogenic thermal instability, reducing active channels from 64 to 32, then 22, and finally 9 usable QKD channels in the reported experiment (Terhaar et al., 2022). The proof-of-principle setup also used the same modulation pattern for all channels, whereas real deployment would require independent modulation per channel (Terhaar et al., 2022).
The submarine architecture makes perhaps the clearest statement of scope: its deep-water segments are not quantum-secure in the strict sense, trusted nodes or classical processing are still required, some additional physical layers of security demand extra hardware, and active sensing approaches may require further experimental validation (Liñares et al., 14 Aug 2025). This suggests that one important research direction is formalization of layered security models that mix quantum security, cryptographic key combination, and physical inaccessibility. Another is the unification of finite-key analysis, side-channel modeling, and multichannel systems engineering, particularly in architectures where a hidden control structure—such as an instruction sequence, multichannel key-combination rule, or photonic degree-of-freedom map—becomes part of the effective security boundary (Gupta et al., 4 Dec 2025, Liñares et al., 14 Aug 2025).
Multichannel hybrid quantum cryptography therefore remains a heterogeneous research area rather than a settled protocol family. Its central theme is consistent across the literature: security and scalability are sought by distributing trust across multiple channels, degrees of freedom, or primitive classes. What varies is the layer at which this distribution occurs—state encoding, channel topology, protocol composition, or hardware stack—and the extent to which the resulting security claims have been formalized under realistic noise, leakage, and finite-resource assumptions.