kylix-pqc

Experimental Post-Quantum Cryptography for Rust

A pure Rust implementation of NIST FIPS post-quantum cryptography standards (experimental, not audited).

Security Notice

This project is experimental and has NOT been audited. It is NOT intended for production use. Passing NIST test vectors does not guarantee security.

This is an AI-assisted implementation experiment, not a cryptographic reference.

For production-ready PQC, use RustCrypto's ml-kem, ml-dsa, and slh-dsa.

Quick Start

Library

cargo add kylix-pqc

CLI (Linux/macOS)

curl -LsSf https://github.com/crane-valley/kylix-cli/releases/latest/download/kylix-cli-installer.sh | sh

CLI (Windows)

irm https://github.com/crane-valley/kylix-cli/releases/latest/download/kylix-cli-installer.ps1 | iex

Features

ML-KEM (FIPS 203)

Module-Lattice-Based Key Encapsulation Mechanism with security levels 1, 3, and 5.

ML-DSA (FIPS 204)

Module-Lattice-Based Digital Signature Algorithm with security levels 2, 3, and 5.

SLH-DSA (FIPS 205)

Stateless Hash-Based Digital Signature Algorithm with security levels 1, 3, and 5.

NIST ACVP Tested

Passes official NIST test vectors. Test vectors verify correctness, not security.

no_std Compatible

Works in embedded systems and WebAssembly environments without the standard library.

Constant-Time

Best-effort constant-time implementations. Not formally verified against side-channel attacks.

Memory Zeroization

Automatic zeroization of sensitive data when no longer needed via zeroize crate.

Fuzz Tested

Fuzzing infrastructure for robustness. Fuzzing helps find bugs but is not a security guarantee.

SIMD Optimized

Hardware-accelerated performance with AVX2 (x86_64) and NEON (ARM64) optimizations.

Security Considerations

Not audited - This library has not been professionally audited or formally verified.
Best-effort constant-time - Constant-time behavior is not formally verified and may vary by platform.
Test vectors are not security proofs - Passing NIST test vectors verifies correctness, not security.
AI-assisted implementation - This is an experimental AI-assisted implementation for learning purposes.
Report vulnerabilities privately - If you find a security issue, do not open a public issue. Contact [email protected] or see our security policy.

Library Repository CLI Repository Security Policy

Command Line Interface

# Generate a key pair
kylix keygen -a ml-kem-768 -o mykey

# Encapsulate a shared secret
kylix encaps --pub mykey.pub -o ciphertext.bin

# Decapsulate the shared secret
kylix decaps --key mykey.sec -i ciphertext.bin

Library Usage

Key Encapsulation (ML-KEM)

use kylix_pqc::ml_kem::{MlKem768, Kem};

let (dk, ek) = MlKem768::keygen(&mut rng)?;
let (ct, ss1) = MlKem768::encaps(&ek, &mut rng)?;
let ss2 = MlKem768::decaps(&dk, &ct)?;

assert_eq!(ss1.as_ref(), ss2.as_ref());

Digital Signatures (ML-DSA)

use kylix_pqc::ml_dsa::{MlDsa65, Signer};

let (sk, pk) = MlDsa65::keygen(&mut rng)?;
let msg = b"Hello, post-quantum world!";
let sig = MlDsa65::sign(&sk, msg)?;

MlDsa65::verify(&pk, msg, &sig)?;

Hash-Based Signatures (SLH-DSA)

use kylix_pqc::slh_dsa::SlhDsaShake128f;

let (sk, pk) = SlhDsaShake128f::keygen(&mut rng)?;
let msg = b"Hello, post-quantum world!";
let sig = SlhDsaShake128f::sign(&sk, msg)?;

SlhDsaShake128f::verify(&pk, msg, &sig)?;