Why:

RSA is suseptible to attacks by quantumm computers, therefore we need a "quantum-safe" replacement for the algorithm. NIST ran a competition to find 3 different types of algorithm for use in a "post-quantum" era...

• Signature Scheme
• PKE Scheme (Like RSA)
• KEM (Key Encapsulation Mechanism) Scheme

Unfortunatley, a winner for the PKE Scheme was not identified, so a KEM based algorythm must be used in conjunction with a "quantum-safe" symmetric encryption algorithm like AES must be used to achive the same functionality.

What:

ML-KEM was one of the NIST's winners for the KEM (Key Encapsulation Mechanism). However, because its a KEM scheme not a PKE scheme, its going to be a little different to use...