QuantaCore SDK for Rust
Rust bindings for the QUAC 100 Post-Quantum Cryptographic Accelerator.
Features
- ML-KEM (Kyber): Post-quantum key encapsulation (512, 768, 1024 security levels)
- ML-DSA (Dilithium): Post-quantum digital signatures (44, 65, 87 security levels)
- QRNG: Quantum random number generation with hardware entropy
- Hardware Hashing: SHA-2, SHA-3, SHAKE, HMAC, HKDF
- HSM Key Storage: Secure key management in hardware
- Thread-Safe: Device handles are
Send + Sync
- Memory-Safe: Automatic zeroization of secrets via
zeroize crate
Test Results
99 tests passed, 0 failed
31 hardware tests (ignored without device)
27 doc-tests passed
Requirements
- Rust 1.70 or later
- QUAC 100 device and native library installed
- Linux, Windows, or macOS
Installation
Add to your Cargo.toml:
[dependencies]
quantacore-sdk = "1.0"
Quick Start
use quantacore::{initialize, cleanup, open_first_device, KemAlgorithm};
fn main() -> quantacore::Result<()> {
initialize()?;
let device = open_first_device()?;
let kem = device.kem();
let keypair = kem.generate_keypair(KemAlgorithm::MlKem768)?;
let (ciphertext, shared_secret) = kem.encapsulate(
keypair.public_key(),
KemAlgorithm::MlKem768
)?;
let decap_secret = kem.decapsulate(
keypair.secret_key(),
&ciphertext,
KemAlgorithm::MlKem768
)?;
assert_eq!(shared_secret, decap_secret);
drop(device);
cleanup()?;
Ok(())
}
Examples
Key Exchange (ML-KEM)
use quantacore::{initialize, cleanup, open_first_device};
fn main() -> quantacore::Result<()> {
initialize()?;
let device = open_first_device()?;
let kem = device.kem();
let keypair = kem.generate_keypair_768()?;
let (ciphertext, sender_secret) = kem.encapsulate_768(keypair.public_key())?;
let receiver_secret = kem.decapsulate_768(keypair.secret_key(), &ciphertext)?;
assert_eq!(sender_secret, receiver_secret);
cleanup()?;
Ok(())
}
Digital Signatures (ML-DSA)
use quantacore::{initialize, cleanup, open_first_device, SignAlgorithm};
fn main() -> quantacore::Result<()> {
initialize()?;
let device = open_first_device()?;
let sign = device.sign();
let keypair = sign.generate_keypair(SignAlgorithm::MlDsa65)?;
let message = b"Hello, quantum world!";
let signature = sign.sign(keypair.secret_key(), message, SignAlgorithm::MlDsa65)?;
let valid = sign.verify(
keypair.public_key(),
message,
&signature,
SignAlgorithm::MlDsa65
)?;
assert!(valid);
cleanup()?;
Ok(())
}
Hashing
use quantacore::{initialize, cleanup, open_first_device, HashAlgorithm};
fn main() -> quantacore::Result<()> {
initialize()?;
let device = open_first_device()?;
let hash = device.hash();
let digest = hash.sha256(b"Hello, World!")?;
println!("SHA-256: {}", hex::encode(&digest));
let mut ctx = hash.create_context(HashAlgorithm::Sha3_256)?;
ctx.update(b"Hello, ")?;
ctx.update(b"World!")?;
let digest = ctx.finalize()?;
let mac = hash.hmac_sha256(b"secret key", b"message")?;
let derived = hash.hkdf_sha256(b"ikm", b"salt", b"info", 32)?;
cleanup()?;
Ok(())
}
Random Number Generation (QRNG)
use quantacore::{initialize, cleanup, open_first_device};
fn main() -> quantacore::Result<()> {
initialize()?;
let device = open_first_device()?;
let random = device.random();
let bytes = random.bytes(32)?;
let value = random.next_u64()?;
let dice = random.randint(1, 6)?;
let uuid = random.uuid()?;
println!("UUID: {}", uuid);
let mut items = vec![1, 2, 3, 4, 5];
random.shuffle(&mut items)?;
cleanup()?;
Ok(())
}
HSM Key Storage
use quantacore::{initialize, cleanup, open_first_device, KeyType, KeyUsage};
fn main() -> quantacore::Result<()> {
initialize()?;
let device = open_first_device()?;
let keys = device.keys();
let key_data = vec![0u8; 32];
keys.store(
0, KeyType::Secret,
0, KeyUsage::ENCRYPT | KeyUsage::DECRYPT,
"my-key",
&key_data,
)?;
let loaded = keys.load(0)?;
assert_eq!(loaded, key_data);
let info = keys.get_info(0)?;
println!("Key label: {}", info.label);
keys.delete(0)?;
cleanup()?;
Ok(())
}
RAII Pattern
Use LibraryContext for automatic cleanup:
use quantacore::{LibraryContext, open_first_device};
fn main() -> quantacore::Result<()> {
let _ctx = LibraryContext::new()?;
let device = open_first_device()?;
Ok(()) }
Running Examples
cargo run --example basic
cargo run --example kem
cargo run --example sign
cargo run --example hash
cargo run --example random
Running Tests
cargo test
cargo test --test integration -- --ignored
Environment Variables
| Variable |
Description |
QUAC100_LIB_DIR |
Custom library search path |
QUAC100_INCLUDE_DIR |
Custom include path |
Feature Flags
| Feature |
Description |
std |
Standard library support (default) |
software-fallback |
Enable software fallback when hardware unavailable |
fips |
Enable FIPS 140-3 compliant mode |
debug |
Enable additional debug output |
Thread Safety
The Device struct is Send and Sync, allowing it to be shared across threads safely. The underlying hardware operations are serialized by the device driver.
Memory Safety
- All secret keys are automatically zeroed when dropped using the
zeroize crate
- Constant-time operations for cryptographic comparisons
- Safe Rust wrappers around unsafe FFI calls
Supported Platforms
| Platform |
Architecture |
| Linux |
x86_64, aarch64 |
| Windows |
x86_64 |
| macOS |
x86_64, aarch64 |
API Reference
Algorithms
| Type |
Variants |
KemAlgorithm |
MlKem512, MlKem768, MlKem1024 |
SignAlgorithm |
MlDsa44, MlDsa65, MlDsa87 |
HashAlgorithm |
Sha256, Sha384, Sha512, Sha3_256, Sha3_384, Sha3_512, Shake128, Shake256 |
Key Sizes (bytes)
| Algorithm |
Public Key |
Secret Key |
Ciphertext/Signature |
| ML-KEM-512 |
800 |
1632 |
768 |
| ML-KEM-768 |
1184 |
2400 |
1088 |
| ML-KEM-1024 |
1568 |
3168 |
1568 |
| ML-DSA-44 |
1312 |
2560 |
2420 |
| ML-DSA-65 |
1952 |
4032 |
3309 |
| ML-DSA-87 |
2592 |
4896 |
4627 |
Documentation
License
Copyright © 2024-2025 Dyber, Inc. All rights reserved.
This software is proprietary and confidential. See LICENSE for details.
Support
