Pure Rust Post-Quantum Cryptography Library with FIPS 140-3 Support
A production-ready, no_std compatible cryptography library implementing NIST-standardized post-quantum algorithms with optional FIPS 140-3 compliance features.
🌐 Website: www.pqc-combo.com
📦 Crate: crates.io/crates/pqc-combo
📖 Documentation: docs.rs/pqc-combo
🔗 Repository: github.com/AaronSchnacky1/pqc-combo
Running the test suite under different feature sets:

```bash
cargo test --features std
cargo test --features "std,ml-kem,ml-dsa"
cargo test --features "std,fips_140_3"
cargo test --all-features
cargo test --no-default-features
cargo test --no-default-features --features alloc
cargo test --no-default-features --features "alloc,aes-gcm"
```

Running the benchmarks (optionally filtered by name):

```bash
cargo bench
cargo bench --features "std,ml-kem,ml-dsa"
cargo bench keygen
cargo bench ML-KEM-
```
ML-KEM-1024 (Kyber) - FIPS 203, Security Level 5
- Key Encapsulation Mechanism for secure key exchange
- 1568-byte public keys, 3168-byte private keys
- 32-byte shared secrets

ML-DSA-65 (Dilithium) - FIPS 204, Security Level 3
- Digital signature algorithm for authentication
- 1952-byte public keys, 4032-byte private keys
- 3309-byte signatures

AES-256-GCM - FIPS 197 & SP 800-38D
- Authenticated encryption with associated data
- Optional feature for hybrid encryption schemes
When the fips_140_3 feature is enabled, the library includes:

✅ Pre-Operational Self-Tests (POST)
- Cryptographic Algorithm Self-Tests (CASTs) for hash functions
- Known Answer Tests (KATs) for ML-KEM and ML-DSA
- Pair-wise Consistency Tests (PCTs) for key generation

✅ State Machine
- Enforces proper initialization before cryptographic operations
- States: Uninitialized → POST → Operational → Error

✅ CSP Controls
- Prevents plaintext export of secret keys in FIPS mode
- Automatic key zeroization on drop
- Keys only accessible through approved APIs
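As an added illustration of the state machine and CSP controls listed above (this is not pqc-combo's own code; FipsModule, SecretKey, fnv1a_32, hash_cast, failing_cast and the toy key pair are hypothetical stand-ins for the crate's real primitives), the following std-only Rust model shows the behaviour a FIPS-style module enforces: every service is refused until POST has passed, a failing CAST or PCT latches the Error state, plaintext key export is refused in FIPS mode, and the secret is zeroized when it is dropped.

```rust
// Added illustrative model of a FIPS 140-3 state machine with CSP controls.
// This is not pqc-combo's code; FipsModule, SecretKey, fnv1a_32 and the
// toy key pair are hypothetical stand-ins for the crate's real primitives.
use std::sync::atomic::{compiler_fence, Ordering};

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum State { Uninitialized, Post, Operational, Error }

#[derive(Debug, PartialEq, Eq)]
pub enum FipsError {
    /// An approved service was requested while the module was not Operational.
    NotOperational(State),
    /// A CAST, KAT or PCT gave a wrong answer; the module is latched in Error.
    SelfTestFailed(&'static str),
    /// Plaintext export of secret key material was requested in FIPS mode.
    ExportForbidden,
}

/// Toy hash standing in for a real primitive so the CAST has a known answer.
pub fn fnv1a_32(data: &[u8]) -> u32 {
    data.iter()
        .fold(0x811c_9dc5u32, |h, &b| (h ^ b as u32).wrapping_mul(0x0100_0193))
}

/// Cryptographic Algorithm Self-Test: recompute a precomputed known answer.
pub fn hash_cast() -> bool { fnv1a_32(b"a") == 0xe40c_292c }

/// Simulated broken implementation, used to show how Error is latched.
pub fn failing_cast() -> bool { false }

/// Toy key pair: pk is derived from sk, so a PCT can re-derive and compare.
pub struct SecretKey { sk: [u8; 32], pub pk: u32, fips_mode: bool }

impl SecretKey {
    /// Plaintext export is only an approved service outside FIPS mode.
    pub fn export_plaintext(&self) -> Result<[u8; 32], FipsError> {
        if self.fips_mode { Err(FipsError::ExportForbidden) } else { Ok(self.sk) }
    }
    /// Pair-wise Consistency Test: the public half must match the private half.
    pub fn pct(&self) -> bool { fnv1a_32(&self.sk) == self.pk }
}

impl Drop for SecretKey {
    /// Zeroize the secret with volatile writes so the wipe is not optimized away.
    fn drop(&mut self) {
        for b in self.sk.iter_mut() {
            // SAFETY: `b` is a valid, aligned &mut u8 for the duration of the write.
            unsafe { std::ptr::write_volatile(b, 0) };
        }
        compiler_fence(Ordering::SeqCst);
    }
}

pub struct FipsModule { state: State, fips_mode: bool }

impl FipsModule {
    pub fn new(fips_mode: bool) -> Self {
        FipsModule { state: State::Uninitialized, fips_mode }
    }

    pub fn state(&self) -> State { self.state }

    /// Pre-Operational Self-Tests: every test must pass before any service is
    /// offered; the first failure latches Error and the module stays there.
    pub fn run_post(&mut self, tests: &[(&'static str, fn() -> bool)]) -> Result<(), FipsError> {
        self.state = State::Post;
        for &(name, test) in tests {
            if !test() {
                self.state = State::Error;
                return Err(FipsError::SelfTestFailed(name));
            }
        }
        self.state = State::Operational;
        Ok(())
    }

    /// Key generation with a PCT; refused unless the module is Operational.
    pub fn generate_key(&mut self, seed: [u8; 32]) -> Result<SecretKey, FipsError> {
        if self.state != State::Operational {
            return Err(FipsError::NotOperational(self.state));
        }
        let key = SecretKey { sk: seed, pk: fnv1a_32(&seed), fips_mode: self.fips_mode };
        if !key.pct() {
            self.state = State::Error; // a failed PCT is a self-test failure
            return Err(FipsError::SelfTestFailed("PCT"));
        }
        Ok(key)
    }
}

fn main() {
    let mut module = FipsModule::new(true);
    // Refused: no POST has run yet.
    println!("{:?}", module.generate_key([7u8; 32]).err());
    module.run_post(&[("hash CAST", hash_cast as fn() -> bool)]).unwrap();
    let key = module.generate_key([7u8; 32]).unwrap();
    // Export is refused in FIPS mode; the secret is zeroized when `key` drops.
    println!("{:?} {:?}", module.state(), key.export_plaintext());
}
```

The point of the latch is that a module which has failed a self-test never silently recovers: every later service call reports NotOperational(Error) until the module is re-created and POST passes again, which is the behaviour the crate's own state machine is described as enforcing.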
| Configuration | Use case | Supported |
|---|---|---|
| `no_std` + no `alloc` | Bare metal / embedded systems | ✅ |
| `no_std` + `alloc` | Embedded with allocator | ✅ |
| `std` | Full standard library with OS RNG | ✅ |
Add to your Cargo.toml:

```toml
[dependencies]
pqc-combo = "0.1"
```

Basic usage (key encapsulation and digital signatures):

```rust
use pqc_combo::*;

fn main() {
    // Key Encapsulation (KEM): the sender encapsulates against the receiver's
    // public key, and the receiver recovers the same secret with its private key.
    let keys = KyberKeys::generate_key_pair();
    let (ciphertext, shared_secret_sender) = encapsulate_shared_secret(&keys.pk);
    let shared_secret_receiver = decapsulate_shared_secret(&keys.sk, &ciphertext);
    assert_eq!(shared_secret_sender, shared_secret_receiver);

    // Digital Signatures
    let (pk, sk) = generate_dilithium_keypair();
    let message = b"Hello, Post-Quantum World!";
    let signature = sign_message(&sk, message);
    assert!(verify_signature(&pk, message, &signature));
}
```

FIPS mode (requires the fips_140_3 feature):

```rust
use pqc_combo::*;

fn main() {
    // Run Pre-Operational Self-Tests before any cryptographic operation
    run_post().expect("POST failed");

    // Generate keys with Pair-wise Consistency Test
    let keys = KyberKeys::generate_key_pair_with_pct()
        .expect("PCT failed");

    // Use keys normally
    let (ct, ss) = encapsulate_shared_secret(&keys.pk);
}
```

no_std usage (seeded key generation, no OS RNG):

```rust
#![no_std]
use pqc_combo::*;

// Bring your own entropy source: `get_hardware_entropy` is supplied by the
// application (for example from a hardware RNG) and must return 64 bytes.
fn derive_keys() -> KyberKeys {
    let seed: [u8; 64] = get_hardware_entropy();
    // Generate keys deterministically from the seed
    KyberKeys::generate_key_pair_with_seed(seed)
}
```

| Feature | Description | Default |
|---|---|---|
| std | Standard library support, enables OS RNG | ✅ |
| alloc | Allocator support, required for AES-GCM | ✅ |
| ml-kem | ML-KEM-1024 (Kyber) algorithm | ✅ |
| ml-dsa | ML-DSA-65 (Dilithium) algorithm | ✅ |
| aes-gcm | AES-256-GCM symmetric encryption | ✅ |
| fips_140_3 | FIPS 140-3 compliance features | ❌ |
```toml
# Default: Full featured with std
pqc-combo = "0.1"

# FIPS mode
pqc-combo = { version = "0.1", features = ["fips_140_3"] }

# Minimal no_std
pqc-combo = { version = "0.1", default-features = false, features = ["ml-kem", "ml-dsa"] }

# no_std with allocator and AES
pqc-combo = { version = "0.1", default-features = false, features = ["alloc", "ml-kem", "ml-dsa", "aes-gcm"] }
```

- ML-KEM-1024: NIST Security Level 5 (equivalent to AES-256)
- ML-DSA-65: NIST Security Level 3 (equivalent to AES-192)
- AES-256-GCM: 256-bit security
- ✅ Pure Rust - Memory safety guaranteed by Rust
- ✅ Constant-time operations - Via libcrux implementations
- ✅ Automatic zeroization - Secret keys cleared on drop
- ✅ No unsafe code - In the public API surface
- ✅ FIPS 140-3 ready - Self-tests and state machine included
- RNG Quality: Use hardware RNG in production environments
- Side-channel resistance: Implementations use constant-time operations where possible
- Key management: Secret keys are automatically zeroized, but ensure proper key lifecycle management
- Not yet certified: FIPS 140-3 certification is in progress
See SECURITY.md for more details.
Measured on modern x86_64 hardware (November 2024):
| Operation | Time | Throughput |
|---|---|---|
| ML-KEM-1024 KeyGen | 12.2 µs | ~81,900 ops/sec |
| ML-KEM-1024 Encapsulate | 12.9 µs | ~77,500 ops/sec |
| ML-KEM-1024 Decapsulate | 13.7 µs | ~72,900 ops/sec |
| ML-DSA-65 KeyGen | 29.8 µs | ~33,500 ops/sec |
| ML-DSA-65 Sign | 80.2 µs | ~12,470 ops/sec |
| ML-DSA-65 Verify | 29.1 µs | ~34,360 ops/sec |
Key Insights:
- 🚀 All operations complete in under 100 microseconds
- 🚀 ML-KEM is faster than RSA-2048 for key exchange
- 🚀 ML-DSA is competitive with ECDSA for signatures
- 🚀 Pure Rust with no performance compromises
Run cargo bench to measure on your hardware. See PERFORMANCE_BENCHMARKS.md for detailed analysis.
- Pure Rust implementations via libcrux
- no_std support (bare metal to full std)
- ML-KEM-1024 (Kyber) implementation
- ML-DSA-65 (Dilithium) implementation
- AES-256-GCM integration
- FIPS 140-3 state machine
- Pair-wise Consistency Tests (PCT)
- Hash function CASTs
- Known Answer Tests (KATs) for ML-KEM and ML-DSA
- CSP controls and zeroization
- Comprehensive test suite
- FIPS 140-3 certification documentation
- Additional algorithm support (ML-KEM-768, ML-DSA-87)
- C FFI wrapper (separate crate)
- Python bindings
- WebAssembly support
- Hardware acceleration
- Formal verification
- API Documentation: Run `cargo doc --open`
- FIPS 140-3 Security Policy: See docs/FIPS_140_3_SECURITY_POLICY.md
- FIPS 140-3 User Guide: See docs/FIPS_140_3_USER_GUIDE.md
- Testing Guide: See docs/TESTING_GUIDE.md
- Security Policy: See SECURITY.md
- Changelog: See CHANGELOG.md
This project is licensed under the MIT License - see the LICENSE file for details.
- libcrux - Pure Rust cryptographic implementations
- NIST - Post-quantum cryptography standardization
- Rust Crypto - Cryptographic primitives ecosystem
Author: Aaron Schnacky
Email: aaronschnacky@gmail.com
Website: www.pqc-combo.com
GitHub: @AaronSchnacky1
For security issues, please see SECURITY.md for responsible disclosure process.
This software is provided "as is" without warranty of any kind. While it implements NIST-standardized algorithms and includes FIPS 140-3 compliance features, it has not yet completed FIPS 140-3 certification. Use in production environments should be evaluated based on your specific security requirements.
Built with ❤️ in Rust | Securing tomorrow's communications today