Crate x_wing 

RustCrypto: X-Wing KEM

Pure Rust implementation of X-Wing, a general-purpose post-quantum/traditional hybrid key encapsulation mechanism (PQ/T KEM) built on X25519 and ML-KEM-768. Built on the ml-kem and x25519-dalek crates.

Current implementation matches the draft RFC version 06.

The original paper: X-Wing The Hybrid KEM You’ve Been Looking For

Documentation

About

⚠️ Security Warning

The implementation contained in this crate has never been independently audited!

USE AT YOUR OWN RISK!

Minimum Supported Rust Version (MSRV) Policy

MSRV increases are not considered breaking changes and can happen in patch releases.

The crate MSRV accounts for all supported targets and crate feature combinations, excluding explicitly unstable features.

License

Licensed under either of:

• Apache License, Version 2.0
• MIT license

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Usage

This crate implements the X-Wing Key Encapsulation Method (X-Wing-KEM) algorithm. X-Wing-KEM is a KEM in the sense that it creates an (decapsulation key, encapsulation key) pair, such that anyone can use the encapsulation key to establish a shared key with the holder of the decapsulation key. X-Wing-KEM is a general-purpose hybrid post-quantum KEM, combining x25519 and ML-KEM-768.

// NOTE: requires the `getrandom` feature is enabled
use kem::{Decapsulate, Encapsulate};

let (sk, pk) = x_wing::generate_key_pair();
let (ct, ss_sender) = pk.encapsulate();
let ss_receiver = sk.decapsulate(&ct);
assert_eq!(ss_sender, ss_receiver);

Re-exports

pub use kem;

Structs

CiphertextMessage

X-Wing ciphertext.

DecapsulationKey

X-Wing decapsulation key or private key.

EncapsulationKey

X-Wing encapsulation or public key.

InvalidKey

Error type for TryKeyInit for cases where the provided bytes do not correspond to a valid key.

Constants

CIPHERTEXT_SIZE

Size in bytes of the Ciphertext.

DECAPSULATION_KEY_SIZE

Size in bytes of the DecapsulationKey.

ENCAPSULATION_KEY_SIZE

Size in bytes of the EncapsulationKey.

Traits

Decapsulate

Decapsulator for encapsulated keys, with an associated Encapsulator bounded by the Encapsulate trait.

Decapsulator

Trait for decapsulators, which is a supertrait bound of both Decapsulate and TryDecapsulate.

Encapsulate

Encapsulator for shared secrets.

Generate

Secure random generation.

KemParams

Key encapsulation mechanism parameters: sizes of the ciphertext and decrypted plaintext.

KeyExport

Serialize a key to a byte array.

KeyInit

Types which can be initialized from a key.

KeySizeUser

Types which use key for initialization.

TryKeyInit

Types which can be fallibly initialized from a key.

Functions

generate_key_pairgetrandom

Generate a X-Wing key pair using OsRng.

generate_key_pair_from_rng

Generate a X-Wing key pair using the provided rng.

Type Aliases

Ciphertext

Serialized ciphertext.

Key

Key used by KeySizeUser implementors.

SharedSecret

Shared secret key.