The Post-Quantum Patents That Hedge Their Bets by Encapsulating Twice

Start with the problem the standards bodies are actually worried about. Post-quantum cryptography is new. The lattice and code-based schemes now being standardized have not had the decades of attack that RSA and elliptic-curve crypto survived, and the unnerving possibility is that one of them turns out to be weaker than believed. A patent family classified under H04L 9/0852 — the CPC subclass for cryptographic key agreement and distribution — answers that worry with a hedge rather than a bet.

The foundational grant, US11153080B1 ("Network securing device data using two post-quantum cryptography key encapsulation mechanisms," issued October 2021), describes deriving a shared secret from two KEMs at once. A key encapsulation mechanism is the modern replacement for the old "encrypt a random key with the recipient's public key" handshake: the sender encapsulates a secret to the recipient's public key, the recipient decapsulates it, and both now hold the same value. Run two independent KEMs and combine their outputs, and an attacker has to break both to recover the secret.

The independent claim is where the hedge becomes concrete, and it is worth reading rather than paraphrasing from the title. The method ties the final shared key to the outputs of both encapsulations, so a compromise of a single mechanism does not by itself expose the session. That is a structural defense, not a parameter choice — the security rests on the combination, not on either algorithm being perfect.

This is a family, not a one-off, and the continuation grants are the real signal. The same inventor line carries through US12192184B2 (secure session resumption using PQC, January 2025), US12301709B2 (multiple PQC key encapsulations with authentication and forward secrecy, May 2025), and US12388631B2 (systems and methods for secure communication using PQC, August 2025). The recurring theme across half a decade of grants is the same: multiple encapsulations, forward secrecy, and a deliberate refusal to depend on a single post-quantum primitive.

Note the editorial discipline these are issued grants, kind code B2/B1, not pending applications. That distinction matters on this desk because a granted claim has survived examination and defines enforceable scope; an application is a request. Everything cited here cleared the patent office.

Why it is notable now: as organizations begin the slow migration to post-quantum algorithms, the engineering question is not only "which algorithm" but "how do we deploy it without betting everything on it." These patents stake out the hybrid answer at the claim level. They do not prove any particular product ships this scheme — a patent is a method, not a shipped feature — but they show that the hedge-by-encapsulating-twice idea is staked, dated, and granted.