This work addresses the security and real-time performance challenges faced by practical deployments of quantum key distribution (QKD) and post-quantum cryptography (PQC) hybrid systems under composite threats—including QKD side-channel attacks, PQC algorithmic cryptanalysis, and vulnerabilities at the integration layer. Methodologically, it proposes a high-security, low-overhead co-design architecture featuring: (i) the first dynamic obfuscation of QKD–PQC operational workflows—enabling real-time adjustment of execution sequence, invocation frequency, and cryptographic parameters; and (ii) a lightweight, GPS-free quantum synchronization protocol. Contributions include: significantly enhanced adaptability to unknown attacks and deeper defense-in-depth; measured overhead increase <3% and end-to-end encryption latency within milliseconds; and robustness against known practical attacks in realistic channels—including laser damage, parameter leakage, and key reuse. To date, this system represents one of the most secure hybrid cryptographic communication solutions suitable for engineering deployment.

In this work, we present an experimental deployment of a new design for combined quantum key distribution (QKD) and post-quantum cryptography (PQC). Novel to our system is the dynamic obfuscation of the QKD-PQC sequence of operations, the number of operations, and parameters related to the operations; coupled to the integration of a GPS-free quantum synchronization protocol within the QKD process. We compare the performance and overhead of our QKD-PQC system relative to a standard QKD system with one-time pad encryption, demonstrating that our design can operate in real time with little additional overhead caused by the new security features. Since our system can offer additional defensive strategies against a wide spectrum of practical attacks that undermine deployed QKD, PQC, and certain combinations of these two primitives, we suggest that our design represents one of the most secure communication systems currently available. Given the dynamic nature of its obfuscation attributes, our new system can also be adapted in the field to defeat yet-to-be-discovered practical attacks.