Skip to main content

Python bindings for the "PQClean" post-quantum cryptography library.

Project description

Usage

Simply install from PyPI with pip install pypqc, or see “Development” below if you want to tinker on the codebase!

KEMs

McEliece, Kyber, and HQC are currently provided, all with the same interface.:

# Available: hqc_128, hqc_192, hqc_256,
# kyber512, kyber768, kyber1024,
# mceliece348864, mceliece460896,
# mceliece6688128, mceliece6960119, mceliece8192128
from pqc.kem import mceliece6960119 as kemalg


# 1. Keypair generation
pk, sk = kemalg.keypair()


# 2. Key encapsulation
ss, kem_ct = kemalg.encap(pk)


# 3. Key de-encapsulation
ss_result = kemalg.decap(kem_ct, sk)
assert ss_result == ss

Capabilities not included in PQClean, such as McEliece signatures, Hybrid Encryption or KEM-TRANS, and message encapsulation, are not going to be implemented in this library. (Exception: Plaintext Confirmation is on the agenda for inclusion even if upstream ultimately decides to exclude it.)

Signature Algorithms

SPHINCS+, Dilithium, and Falcon are provided, all with the same interface.:

# Supported: dilithium2, dilithium3, dilithium5,
# falcon_512, falcon_512_padded, falcon_1024, falcon_1024_padded,
# sphincs_sha2_128f_simple, sphincs_sha2_128s_simple,
# sphincs_shake_128f_simple, sphincs_shake_128s_simple,
# sphincs_sha2_192f_simple, sphincs_sha2_192s_simple,
# sphincs_shake_192f_simple, sphincs_shake_192s_simple,
# sphincs_sha2_256f_simple, sphincs_sha2_256s_simple,
# sphincs_shake_256f_simple, sphincs_shake_256s_simple
from pqc.sign import sphincs_shake_256s_simple as sigalg


# 1. Keypair generation
pk, sk = sigalg.keypair()


# 2. Signing
# (detached signature)
sig = sigalg.sign(MY_MESSAGE, sk)


# 3. Signature verification
# (Returns None on success; raises ValueError on failure.)
sigalg.verify(sig, MY_MESSAGE, pk)

Regarding SPHINCS+: the Simple version is included; the Robust version is is not; SHA256 and SHAKE256 are included; Haraka is not. See https://github.com/PQClean/PQClean/discussions/548#discussioncomment-8565116 for more information.

Regarding Falcon: the Compressed and Padded versions are included, and are able to verify() each others’ signatures. The CT version is not currently planned.

Development

Dependencies:

  • Python 3 (tested mainly on CPython 3.9, 3.10, 3.11, and 3.12; and on PyPy 7.3.12)

  • cffi

    • Transitive non-PyPI build-time dependency: Python Headers (only Linux users need to manually install these; they come OOtB on Windows. Not sure about Mac.)

  • setuptools (build-time dependency)

  • wheel (build-time dependency)

  • a C compiler (build-time dependency)

Getting started:

  1. Maybe use a venv or whatever if you want to

    • for Windows: py -m venv .venv & .venv\Scripts\activate.bat

    • for Linux and Mac: python3 -m venv .venv; . .venv/bin/activate (first install it, if needed)

  2. Run python -m pip install .

    • Alternatively: you may get cleaner building with python -m build . (only after python -m pip install build)

    • Editable / “develop” mode not supported currently (CFFI will have to support this before it’s even on the table.)

  3. Run python -m pqc.demo to test it. If it prints “OK” and exits, the functions are almost certainly not broken. (Ideally, run this from a DIFFERENT directory, such as your home folder, so you can be sure it’s being imported properly and not being masked by the local copy.)

    • N.B. / FIXME: this function is currently NOT a full test suite; it only does a single encap-decap cycle with the default implementation of mceliece6960119. It does NOT test any other version of McEliece, or any signature algorithm.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pypqc-0.0.7.0a2.tar.gz (1.0 MB view details)

Uploaded Source

File details

Details for the file pypqc-0.0.7.0a2.tar.gz.

File metadata

  • Download URL: pypqc-0.0.7.0a2.tar.gz
  • Upload date:
  • Size: 1.0 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.8

File hashes

Hashes for pypqc-0.0.7.0a2.tar.gz
Algorithm Hash digest
SHA256 a27b406bb338467691abd714b5713e78252e1418b85b12fa66753ec297faebd4
MD5 3a18a8c5ce390e22aacefcd009a9e530
BLAKE2b-256 782cdc8cae46cc56ab9301453af513783bc352cc50cf0014920d8233310ad332

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page