Skip to content
/ pqc_bridge Public

Quantum-resistant secure communication using ML-KEM (Kyber) and ML-DSA (Dilithium) post-quantum cryptography

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

olekssy/pqc_bridge

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

pqc_bridge

docs.rs (with version) Crates.io Last commit GitHub Actions Workflow Status License

A lightweight Rust library for post-quantum cryptography providing secure key management, encryption, and digital signatures using NIST-standardized algorithms.

Key Features:

  • Intuitive API for building secure, quantum-resistant communication systems
  • Unified Rust library and CLI tool in one package for file-based and programmatic operations
  • Hybrid encryption (Kyber x AES-256-GCM) and signatures (Dilithium x SHA3-256)
  • Provides NIST Level 3 192-bit security for encryption and signatures
  • Compliant with NIST FIPS 203 (ML-KEM-768) and FIPS 204 (ML-DSA-65)

Quick Start

Installation

Install as a dependency:

cargo add pqc_bridge

Install as a CLI tool:

cargo install pqc_bridge

Library Usage

use pqc_bridge::{KeyPair, encrypt, decrypt, sign, verify};

let message = "Secret message";
let keypair = KeyPair::generate();

// Encryption
let encrypted = encrypt(message, &keypair.to_public_key());
let decrypted = decrypt(encrypted, &keypair);
assert_eq!(message, decrypted);

// Signing
let signature = sign(message, &keypair);
let is_signature_valid = verify(message, &signature, &keypair.to_public_key());
assert!(is_signature_valid);

CLI Usage

# Generate keypair
pqc keygen -o alice  # Creates alice.sec and alice.pub

# Encrypt message
pqc encrypt -m "Hello!" -k alice.pub -o encrypted.pqc

# Encrypt file
pqc encrypt -m @message.txt -k alice.pub -o encrypted.pqc

# Decrypt message
pqc decrypt -i encrypted.pqc -k alice.sec

How It Works

Hybrid Encryption:

  1. Kyber encapsulates a random AES-256 key using recipient's public key
  2. AES-256-GCM encrypts the message with the encapsulated key (fast + quantum-resistant)

Digital Signatures:

  1. SHA3-256 hashes the message, Dilithium signs the hash
  2. Verification checks signature against message hash with sender's public key

Security Features:

  • Automatic zeroization of secret keys in memory
  • JSON serialization with Base64 encoding
  • File-based operations via CLI

References

License

MIT License - See LICENSE for details.

Note: Responsibility for secure implementation rests with the user. Consult cryptography experts for production use.

About

Quantum-resistant secure communication using ML-KEM (Kyber) and ML-DSA (Dilithium) post-quantum cryptography

Topics

rust encryption post-quantum-cryptography dilithium kyber quantum-resistant

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages