kylix-pqc
| Crates.io | kylix-pqc |
| lib.rs | kylix-pqc |
| version | 0.4.2 |
| created_at | 2026-01-22 04:53:39.668133+00 |
| updated_at | 2026-01-25 13:21:00.216786+00 |
| description | Post-quantum cryptography library implementing NIST FIPS standards |
| homepage | https://kylix-pqc.dev/ |
| repository | https://github.com/crane-valley/kylix |
| max_upload_size | |
| id | 2060760 |
| size | 15,736 |
crates-publishers (github:crane-valley:crates-publishers)
documentation
README
Kylix
A post-quantum cryptography library implementing NIST FIPS standards in pure Rust.
Features
- ML-KEM (FIPS 203): Module-Lattice-Based Key Encapsulation Mechanism
- ML-KEM-512 (Security Level 1)
- ML-KEM-768 (Security Level 3)
- ML-KEM-1024 (Security Level 5)
- ML-DSA (FIPS 204): Module-Lattice-Based Digital Signature Algorithm
- ML-DSA-44 (Security Level 2)
- ML-DSA-65 (Security Level 3)
- ML-DSA-87 (Security Level 5)
- SLH-DSA (FIPS 205): Stateless Hash-Based Digital Signature Algorithm
- SLH-DSA-SHAKE-128s/128f (Security Level 1)
- SLH-DSA-SHAKE-192s/192f (Security Level 3)
- SLH-DSA-SHAKE-256s/256f (Security Level 5)
no_stdcompatible for embedded systems- Constant-time implementations to prevent timing attacks
- Secure memory handling with automatic zeroization
- SIMD optimizations (AVX2/NEON) for high performance
- Comprehensive test coverage including NIST ACVP vectors
Installation
Add to your Cargo.toml:
[dependencies]
kylix-pqc = "0.4"
Usage
ML-KEM (Key Encapsulation)
use kylix_pqc::ml_kem::{MlKem768, Kem};
use rand::rngs::OsRng;
fn main() -> kylix_pqc::Result<()> {
// Generate a key pair
let (decapsulation_key, encapsulation_key) = MlKem768::keygen(&mut OsRng)?;
// Sender: Encapsulate a shared secret
let (ciphertext, shared_secret_sender) = MlKem768::encaps(&encapsulation_key, &mut OsRng)?;
// Receiver: Decapsulate the shared secret
let shared_secret_receiver = MlKem768::decaps(&decapsulation_key, &ciphertext)?;
// Both parties now have the same shared secret
assert_eq!(shared_secret_sender.as_ref(), shared_secret_receiver.as_ref());
Ok(())
}
ML-DSA (Digital Signatures)
use kylix_pqc::ml_dsa::MlDsa65;
use rand::rngs::OsRng;
fn main() -> kylix_pqc::Result<()> {
// Generate a signing key pair
let (signing_key, verifying_key) = MlDsa65::keygen(&mut OsRng)?;
// Sign a message (deterministic signing, no RNG needed)
let message = b"Hello, post-quantum world!";
let signature = MlDsa65::sign(&signing_key, message)?;
// Verify the signature
MlDsa65::verify(&verifying_key, message, &signature)?;
Ok(())
}
SLH-DSA (Stateless Hash-Based Signatures)
use kylix_pqc::slh_dsa::SlhDsaShake128f;
use rand::rngs::OsRng;
fn main() -> kylix_pqc::Result<()> {
// Generate a signing key pair
let (signing_key, verifying_key) = SlhDsaShake128f::keygen(&mut OsRng)?;
// Sign a message (deterministic signing, no RNG needed)
let message = b"Hello, post-quantum world!";
let signature = SlhDsaShake128f::sign(&signing_key, message)?;
// Verify the signature
SlhDsaShake128f::verify(&verifying_key, message, &signature)?;
Ok(())
}
Crate Structure
| Crate | Description |
|---|---|
kylix-pqc |
Main crate with re-exports |
kylix-core |
Core traits and utilities |
kylix-ml-kem |
ML-KEM (FIPS 203) implementation |
kylix-ml-dsa |
ML-DSA (FIPS 204) implementation |
kylix-slh-dsa |
SLH-DSA (FIPS 205) implementation |
kylix-cli |
Command-line interface |
Security
WARNING: This library has not been audited. Use at your own risk.
See SECURITY.md for security policy and reporting vulnerabilities.
Minimum Supported Rust Version
This crate requires Rust 1.75 or later.
License
This project is licensed under the MIT License.
Contributing
Contributions are welcome! Please see CLAUDE.md for project guidelines before submitting PRs.