1. 5
  1.  

  2. 3

    My scheme was pre-shared keys in inexpensive HSM’s (even servers with smartcards). They do multiple layers of symmetric encryption, integrity, and non-asymetric authentication. You use them as foundation to do the rest. Using standard, highly-vetted libraries & constructions such as DJB’s reduces odds of implementation bugs. Symmetric algorithms have been formally verified down to ASM & Verilog. The scheme should also be cheaper than whatever QKD companies charge. You also have supplier diversity to mitigate some subversion risks.