Expand description
NIST Post-Quantum Cryptography implementation for Hanzo Node
Implements FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) with support for hybrid modes and privacy tiers.
Re-exports§
pub use config::PqcConfig;pub use errors::PqcError;pub use errors::Result;pub use hybrid::HybridKem;pub use hybrid::HybridMode;pub use kdf::Kdf;pub use kdf::KdfAlgorithm;pub use kem::DecapsulationKey;pub use kem::EncapsulationKey;pub use kem::Kem;pub use kem::KemAlgorithm;pub use kem::KemKeyPair;pub use privacy_tiers::CapabilityMatrix;pub use privacy_tiers::PrivacyTier;pub use privacy_tiers::RuntimeRequirements;pub use signature::Signature;pub use signature::SignatureAlgorithm;pub use signature::SigningKey;pub use signature::VerifyingKey;pub use saorsa_pqc;
Modules§
- attestation
- Attestation support for TEE environments
- config
- PQC configuration
- errors
- Error types for PQC operations
- hybrid
- Hybrid KEM implementation combining ML-KEM with X25519 Per NIST guidance for defense-in-depth
- kdf
- Key Derivation Functions (KDF) SP 800-56C compliant HKDF and SP 800-108 compliant KDF
- kem
- Key Encapsulation Mechanism (KEM) implementation FIPS 203 (ML-KEM/Kyber) support with hybrid X25519 option
- privacy_
tiers - Privacy tiers and capability matrix for attestation-based key release Implements tiered privacy from open data to GPU TEE-I/O
- signature
- Digital signature implementation FIPS 204 (ML-DSA/Dilithium) and FIPS 205 (SLH-DSA/SPHINCS+)
- wire_
protocol - Wire protocol for PQC-enabled P2P handshake and key exchange
Functions§
- init
- Initialize the PQC subsystem with FIPS-compliant RNG