A Cross Platform Post-Quantum Secure Crypto Library

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aloecraft from gravatar.com aloecraft

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Michael Godfrey
  • Tags cryptography , post-quantum , pqc , ml-kem , ml-dsa , kyber , dilithium , key-encapsulation , digital-signature , webassembly , wasm
  • Requires: Python >=3.11
  • Provides-Extra: test , docs
Classifiers
Report project as malware

Project description

aloecrypt-py

A post-quantum secure messaging library for Python

GitHub CI PyPI version PyPI downloads Python versions License

Aloecrypt provides mutual authentication and encrypted sessions using ML-KEM-768 (Kyber) for key encapsulation and ML-DSA-65 (Dilithium) for signatures, with ChaCha20-Poly1305 for symmetric encryption. The cryptographic core is compiled to WebAssembly, so there are no native extension dependencies.

Installation

pip install aloecrypt

Requires Python 3.11 or later.

Quick example

from aloecrypt import DilithiumSigner, SessionBuilder, perform_handshake
from aloecrypt.consts import EMPTY_TIMESTAMP

# Each party creates a root identity (done once, then persisted)
root_a = DilithiumSigner.new()
root_b = DilithiumSigner.new()

# Derive short-lived delegates for active use
delegate_a = root_a.create_delegate(EMPTY_TIMESTAMP, EMPTY_TIMESTAMP, 0, 0)
delegate_b = root_b.create_delegate(EMPTY_TIMESTAMP, EMPTY_TIMESTAMP, 0, 0)

# Build sessions targeting each other's address
session_a = SessionBuilder.create(root_b.address, delegate_a)
session_b = SessionBuilder.create(root_a.address, delegate_b)

# Run the handshake
built_a, built_b = perform_handshake(session_a, session_b)

# Encrypt and decrypt
ciphertext = built_a.encrypt(b"hello")
assert built_b.decrypt(ciphertext) == b"hello"

What it provides

  • Identities -- ML-DSA-65 root keypairs with derived short-lived delegates. The root key can be kept offline; delegates are used for active sessions.
  • Key encapsulation -- ML-KEM-768 keypairs signed by a delegate. Direct encapsulate/decapsulate is available for custom protocols.
  • Handshake -- a five-message mutual proof-of-decryption protocol. Transport-agnostic; works over TCP, WebRTC, HTTP, message queues, or anything else.
  • Sessions -- ChaCha20-Poly1305 authenticated encryption with deterministic nonce derivation. Supports arbitrary byte payloads including empty and large messages.
  • Custom sessions -- construct a session directly from pre-shared secrets without running the handshake, for integration with your own key agreement protocol.
  • PEM serialisation -- encrypted PEM for private keys, unencrypted PEM for public keys and verifiers.

Algorithms

Role Algorithm
Signing ML-DSA-65 (Dilithium)
Key encapsulation ML-KEM-768 (Kyber)
Symmetric encryption ChaCha20-Poly1305
Key derivation HKDF-SHA256
Key stretching PBKDF2

Documentation

Full API reference and usage guides at aloecrypt-py.aloecraft.org.

License

Apache-2.0 -- see LICENSE for details.

Copyright Michael Godfrey 2026 | aloecraft.org

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aloecraft from gravatar.com aloecraft

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: Michael Godfrey
  • Tags cryptography , post-quantum , pqc , ml-kem , ml-dsa , kyber , dilithium , key-encapsulation , digital-signature , webassembly , wasm
  • Requires: Python >=3.11
  • Provides-Extra: test , docs
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aloecrypt-0.1.0.tar.gz (226.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

aloecrypt-0.1.0-py3-none-any.whl (231.1 kB view details)

Uploaded Python 3

File details

Details for the file aloecrypt-0.1.0.tar.gz.

File metadata

  • Download URL: aloecrypt-0.1.0.tar.gz
  • Upload date:
  • Size: 226.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for aloecrypt-0.1.0.tar.gz
Algorithm Hash digest
SHA256 4646980b2db48c739b8f623d39f2d0c2db2ed2444a4a7fef2f0a1e778dd1cef6
MD5 068110895ab7f859aac292e3f7676871
BLAKE2b-256 3408158fee131afecb50bf25843392885ac6a730a0f830a77b79b70175bbc93e

See more details on using hashes here.

Provenance

The following attestation bundles were made for aloecrypt-0.1.0.tar.gz:

Publisher: publish.yml on Aloecraft-org/aloecrypt_py

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file aloecrypt-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: aloecrypt-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 231.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for aloecrypt-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 6856a7538e6ae814fdad455090da75a65feddcf077465bc0110aabe59fd4c8e6
MD5 0cc379f12d2aaf9f58e627e257ccc2f4
BLAKE2b-256 5f7b8f822b34ee47e179ac3f4302b306dbd06d683ef3c6dc2ee1160d741c16c1

See more details on using hashes here.

Provenance

The following attestation bundles were made for aloecrypt-0.1.0-py3-none-any.whl:

Publisher: publish.yml on Aloecraft-org/aloecrypt_py

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page