Kloch uses a patented architecture that avoids traditional key exchange and minimizes key handling by continuously evolving encryption states. State evolution occurs automatically and can advance thousands of times per minute based on live communication activity, without transmitting key material in the data path.
KLOCH establishes a shared secret between trusted endpoints using the Crystals Kyber KEM (Key Encapsulation Mechanism), then evolves the key continuously from that initial shared secret during normal communication. Rather than negotiating and exchanging session keys in-band, the system derives evolving encryption states internally and keeps all key material out of the traffic itself.
The result is a model that reduces exposure associated with key exchange, negotiation, and long-lived key use by eliminating the transmission of key data after the initial KEM establishment.
1
Avoids traditional in-band key exchange and negotiation
2
Key material evolves without being transmitted
3
Can work with other KEM methods for the inital Shared secret
KLOCH is built around state transformation over time. Encryption states evolve as communication occurs, driven by events in the data flow instead of fixed schedules. This removes clocking related issues and reduces the window in which any single state is valid and limits the value of captured traffic over time.
Depending on traffic and configuration, state evolution can progress thousands of times per minute, without operator intervention or manual rotation procedures.
1
Event-driven evolution tied to live communication activity
2
Thousands of state changes per minute based on traffic and configuration
3
No fixed rotation schedule required for state advancement
KLOCH is designed to reduce day-to-day key operations that typically create operational burden and risk. Instead of frequent manual rotation, session key distribution, or ongoing key lifecycle tasks, endpoints operate with continuously evolving states that advance automatically during normal communication.
This supports a near hands-off posture while maintaining strong key hygiene over long lifecycles.
1
Minimizes manual rotation, distribution, and lifecycle procedures
2
Reduces the operational burden of frequent key handling
3
Supports long-term deployments without constant key administration
Because KLOCH avoids transmitting key material and continuously evolves encryption states, intercepted traffic has diminishing value over time. This model reduces reliance on static key assumptions and predictable exchange artifacts that attackers can target for replay, correlation, or long-term decryption efforts.
It is designed for environments where data confidentiality must hold over extended operational lifecycles.
1
Avoids static key assumptions and predictable exchange artifacts
2
Limits replay and long-term harvesting value of intercepted traffic
3
Designed for long-term confidentiality across operational lifecycles
