[NoKnowledge]

The so called quantum key-exchange requires a shared secret, so it is actually doing key-expansion. Besides that it has practical problems in side-channel protection and cannot achieve a high enough bandwidth to be of interest in most practical settings.

[roywiggins]

If you wanted to toss out public key cryptography as insecure, I guess you could use QKE to make symmetric key cryptography more practical. You would have a secure method of communicating your keys, and wouldn't have to worry that your new post-quantum public key cryptography was broken- since symmetric cryptography just isn't vulnerable in the same way.

[krastanov]

Edit: Deleted an incorrect comment. This is a good description of what I am missing: https://crypto.stackexchange.com/questions/2719/is-quantum-k... (man in the middle attacks)