Quantum-safe cryptography utilities built on top of liboqs-python
Project description
qcrypto
Version: 0.4.1
qcrypto is a lightweight Python library that provides simple, Pythonic wrappers around post-quantum cryptography (PQC) using the official liboqs-python bindings from the Open Quantum Safe project.
The library exposes unified, minimal interfaces for:
- Post-quantum key encapsulation (KEM)
- Post-quantum digital signatures
- A hybrid PQC + AES-GCM authenticated encryption scheme
qcrypto is suitable for learning PQC concepts, prototyping, research, and experimentation with quantum-safe primitives.
Features
Post-Quantum Key Encapsulation (KEM)
- Kyber (Kyber512 / Kyber768 / Kyber1024)
- Classic McEliece (all parameter sets exposed by liboqs)
- Public/secret key generation
- Encapsulation → shared secret + ciphertext
- Decapsulation → recover the same shared secret
Digital Signatures
-
Dilithium (2, 3, 5)
-
Falcon (Falcon-512, Falcon-1024)
-
SPHINCS+ (SHA2 and SHAKE variants)
-
Unified signature interface:
SignatureSchemefor any liboqs signature algorithm- Convenience wrappers:
DilithiumSig,FalconSig,SphincsSig
Hybrid PQC + AES-256-GCM Encryption
- Kyber encapsulates a shared secret
- HKDF-SHA256 derives an AES key
- AES-256-GCM encrypts the message
- Compact single-blob ciphertext format:
[1 byte] version
[1 byte] algorithm id
[2 bytes] Kyber ciphertext length
[N bytes] Kyber ciphertext
[12 bytes] AES-GCM nonce
[M bytes] AES-GCM ciphertext+tag
High-level API:
from qcrypto import encrypt, decrypt
Legacy API retained:
encrypt_for_recipient()
decrypt_from_sender()
Key Serialization
save_public_key(),save_private_key()KyberKEM.load_public_key(),KyberKEM.load_private_key()- Raw or base64 encoding
Installation
Python 3.8+:
pip install qcrypto
liboqs-python installs automatically.
Examples
All examples are located in the examples/ directory:
kyber_example.pyfiles_example.pymceliece_example.pydilithium_example.pyfalcon_example.pysphincs_example.pysignature_scheme_generic_example.pyhybrid_example.pylist_algorithms.py
Run an example:
python examples/kyber_example.py
Implementation Notes
- Uses
liboqs-python, which bundles optimized C implementations of PQC algorithms. - AES-256-GCM provided by the
cryptographypackage. - Available algorithms depend on how liboqs was compiled on your platform.
- Hybrid encryption uses HKDF-SHA256 and fresh 96-bit GCM nonces.
- Pure Python library using modern
src/layout.
Changelog
v0.4.0 — File Encryption & Streaming AES-GCM
New Features
• Added encrypt_file() and decrypt_file() for real file encryption workflows.
• Introduced streaming AES-256-GCM, allowing encryption/decryption of large files
without loading the entire file into memory.
• File ciphertext format matches the existing encrypt() API for full compatibility.
Ciphertext Format
[1 byte] version
[1 byte] algorithm id
[2 bytes] Kyber ciphertext length
[N bytes] Kyber ciphertext
[12 bytes] AES-GCM nonce
[M bytes] AES-GCM ciphertext + 16-byte GCM tag
Other Improvements
• Added round-trip file encryption tests.
• Updated __init__.py to expose file encryption helpers.
• Internal refactoring to support chunked I/O while preserving the
standardized hybrid ciphertext structure.
v0.3.0 — Expanded PQC Support
New Algorithms
- Falcon signatures (
FalconSig) - SPHINCS+ signatures (
SphincsSig) - Classic McEliece KEM (
ClassicMcElieceKEM)
Unified Signature Interface
- Added
SignatureSchemesupporting any liboqs signature algorithm.
Examples
- Added Falcon, SPHINCS+, McEliece, and generic signature examples.
Internal Improvements
- Restructured signatures/KEMs for easier future expansion.
v0.2.0 — Hybrid API Rewrite, Ciphertext Format, Key Serialization
- Added new high-level hybrid
encrypt()anddecrypt() - Introduced standardized single-blob ciphertext format
- Added key serialization helpers
- Improved decapsulation API
- Legacy API preserved for compatibility
Disclaimer
This library is for educational, experimental, and research use. It has not undergone formal security review and should not be used in production systems.
License
MIT License.
Resources
- Open Quantum Safe: https://openquantumsafe.org
- liboqs-python: https://github.com/open-quantum-safe/liboqs-python
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file qcrypto-0.4.1.tar.gz.
File metadata
- Download URL: qcrypto-0.4.1.tar.gz
- Upload date:
- Size: 11.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d22dbecd1042fe8bbc7866f871cf2b9bade5c2b04434a5fc5b3b69c4f4ec689f
|
|
| MD5 |
590171df79f0454e55e5f622016a765b
|
|
| BLAKE2b-256 |
eca52e180516085c67148f7bc13d3f2367c35a261bd0f166fa33923773ab93a4
|
File details
Details for the file qcrypto-0.4.1-py3-none-any.whl.
File metadata
- Download URL: qcrypto-0.4.1-py3-none-any.whl
- Upload date:
- Size: 9.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
86afb19cb1d87a5e4544e5e1919c7ea5b0da1432cc70941966b9116595b1997e
|
|
| MD5 |
9327a30b1932b95e3cfa7f731f6390cb
|
|
| BLAKE2b-256 |
6a49cf75712e12f17c99d5eaec631c9cc7a0bae59b19fca53eeb55bf0ad5cc88
|
