Post-quantum key generation is expensive. ML-KEM (Kyber) keygen takes 33.3µs. Dilithium keygen takes 36.6µs. For high-throughput applications processing millions of requests per second, these microseconds add up fast.
Our solution: pre-generated key pools. By generating keys in advance during idle time, we reduce effective keygen latency to sub-microsecond levels—a 79-104x improvement.
The Problem with On-Demand Keygen
Consider a typical authentication flow:
- User initiates authentication
- Generate ephemeral Dilithium keypair (36.6µs)
- Sign challenge (45µs)
- Verify signature (36.9µs)
- Generate ML-KEM keypair for session (33.3µs)
- Establish encrypted channel (72.6µs)
Key generation alone accounts for 70µs—nearly 30% of a complete authentication. At scale, this becomes the bottleneck.
How Key Pools Work
The key insight is that cryptographic key generation doesn't need user-specific input. Keys are random—we can generate them in advance.
// Traditional approach: generate on demand
let keypair = dilithium::keygen(); // 36.6µs
// Pool approach: grab pre-generated key
let keypair = key_pool.acquire(); // 0.35µsOur pool architecture:
- Background generation: Dedicated threads continuously generate keys during idle periods
- Lock-free queues: MPMC queues allow concurrent access without blocking
- Adaptive sizing: Pool size adjusts based on request rate and key consumption
- Secure memory: Keys are stored in mlock'd memory, never swapped to disk
Benchmark Results
January 2026 benchmarks on AWS c8g.metal-48xl (AWS Graviton4, 96 cores):
| Operation | Direct | Pool | Speedup |
|---|---|---|---|
| ML-KEM Keygen | 33.3 µs | 0.42 µs | 79x |
| Dilithium Keygen | 36.6 µs | 0.38 µs | 96x |
| Signature Pool Keygen | 36.6 µs | 0.35 µs | 104x |
Throughput Impact
The throughput improvements are dramatic:
| Operation | Single Thread | With Pool | 64-Core Max |
|---|---|---|---|
| ML-KEM Keygen | 30,030 ops/sec | 2.38M ops/sec | 152M ops/sec |
| Dilithium Keygen | 27,322 ops/sec | 2.63M ops/sec | 168M ops/sec |
152 Million Keys Per Second
With key pooling and 64 cores, H33 can generate 152 million ML-KEM keypairs per second. That's enough to handle the authentication needs of virtually any application at any scale.
Security Considerations
Pre-generating keys doesn't compromise security:
- Keys are ephemeral: Pool keys are used once then destroyed
- CSPRNG seeding: Each key uses fresh randomness from the system CSPRNG
- Memory protection: Keys are stored in secure, non-swappable memory
- No key reuse: Each key is acquired atomically and never returned to the pool
When to Use Key Pools
Key pools are most beneficial when:
- You need ephemeral keys for each request (authentication, key exchange)
- Throughput requirements exceed 10,000+ ops/second
- Latency budgets are tight (<1ms total)
- You have available CPU cycles during idle periods
For long-term identity keys that are generated once and used repeatedly, direct generation is fine—the 33-37µs overhead happens only once.
Experience 104x Faster Key Generation
Key pooling is enabled by default on all H33 API endpoints.
Get Started