Expand description
zks_pqcrypto - Post-Quantum Cryptography for ZKS Protocol
This crate provides post-quantum cryptographic implementations for the ZKS Protocol, focusing on NIST-standardized algorithms:
- ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism) - formerly Kyber
- ML-DSA (Module-Lattice-Based Digital Signature Algorithm) - formerly Dilithium
§Security Levels
| Algorithm | NIST Level | Classical Security | Post-Quantum Security |
|---|---|---|---|
| ML-KEM-768 | 3 | 192-bit | 192-bit |
| ML-DSA-65 | 3 | 192-bit | 192-bit |
§Features
- Memory Safety: All secret keys are automatically zeroized on drop
- Constant Time: Uses verified constant-time implementations
- No Unsafe Code:
#![forbid(unsafe_code)]for maximum safety - Ergonomic API: Simple, easy-to-use interfaces
§Example
use zks_pqcrypto::{MlKem, MlDsa};
// Key encapsulation
let keypair = MlKem::generate_keypair()?;
let encapsulation = MlKem::encapsulate(&keypair.public_key)?;
let shared_secret_bob = MlKem::decapsulate(&encapsulation.ciphertext, keypair.secret_key())?;
// Digital signatures
let keypair = MlDsa::generate_keypair()?;
let message = b"Hello, post-quantum world!";
let signature = MlDsa::sign(message, keypair.signing_key())?;
MlDsa::verify(message, &signature, keypair.verifying_key())?;Re-exports§
pub use ml_kem::MlKem;pub use ml_kem::MlKemKeypair;pub use ml_kem::MlKemEncapsulation;pub use ml_dsa::MlDsa;pub use ml_dsa::MlDsaKeypair;pub use errors::PqcError;pub use errors::Result;
Modules§
- errors
- Error types for zks_pqcrypto crate
- ml_dsa
- ML-DSA (Module-Lattice-Based Digital Signature Algorithm) implementation
- ml_kem
- ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism) implementation
- prelude
- Prelude for zks_pqcrypto - convenient imports