Cypheron Core

IMPORTANT DEVELOPMENT STATUS NOTICE

This library is currently in ACTIVE DEVELOPMENT (v0.1.0) and is EXPERIMENTAL.

This is a Rust wrapper around official NIST reference implementations - not custom cryptography. The core algorithms are NIST-certified, but the Rust integration layer has NOT undergone:

Independent security audits of FFI bindings

Formal verification of memory safety wrappers

Production environment validation

DO NOT USE IN PRODUCTION without comprehensive integration review and testing.

Risk areas: FFI safety, memory management, build system - NOT the underlying NIST algorithms.

Post-quantum cryptography library implementing NIST-standardized quantum-resistant algorithms

Cypheron Core is a Rust library implementing NIST-standardized quantum-resistant algorithms designed to protect against both classical and quantum computer attacks. The library provides high-performance implementations with strong security guarantees.

Quick Start

Add to your Cargo.toml:

[dependencies]
cypheron-core = "0.1.0"

Basic usage:

#![allow(unused)]
fn main() {
use cypheron_core::kem::{MlKem768, Kem};

// Generate keypair
let (public_key, secret_key) = MlKem768::keypair()?;

// Encapsulate shared secret  
let (ciphertext, shared_secret) = MlKem768::encapsulate(&public_key)?;

// Decapsulate shared secret
let decapsulated_secret = MlKem768::decapsulate(&ciphertext, &secret_key)?;
assert_eq!(shared_secret.expose_secret(), decapsulated_secret.expose_secret());
}

Algorithms Supported

Key Encapsulation Mechanisms (KEM)

ML-KEM-512

Security Level 1

ML-KEM-768

Security Level 3

ML-KEM-1024

Security Level 5

Digital Signatures

ML-DSA-44

Security Level 2

ML-DSA-65

Security Level 3

ML-DSA-87

Security Level 5

Falcon-512

Security Level 1

Falcon-1024

Security Level 5

SPHINCS+

Multiple variants available

Hybrid Cryptography

ECC + ML-DSA: Classical elliptic curve + post-quantum signatures
Hybrid KEM: Combined classical and post-quantum key agreement

Performance

Algorithm	Key Gen	Sign/Encaps	Verify/Decaps
ML-KEM-768	~50μs	~60μs	~80μs
ML-DSA-65	~120μs	~250μs	~110μs

Security Features

Side-channel resistance: Constant-time implementations
Memory safety: Secure key zeroization
NIST compliance: Implements FIPS 203, 204, 205 standards
Production hardened: Extensive testing and validation

Documentation Sections

Getting Started - Installation and basic usage
API Reference - Complete API documentation
Algorithms - Detailed algorithm documentation
Security - Security model and considerations
Troubleshooting - Common issues and solutions

Error Handling

When you encounter errors, they include direct links to relevant documentation:

#![allow(unused)]
fn main() {
match MlKem768::keypair() {
    Ok((pk, sk)) => { /* use keys */ },
    Err(e) => {
        // Error includes link: ERROR-KEM-001
        // See: https://docs.rs/cypheron-core/troubleshooting/errors.html#error-kem-001
        eprintln!("Key generation failed: {}", e);
    }
}
}

Local Development

Run the documentation locally:

# Install mdBook
cargo install mdbook

# Serve documentation with hot reload
cd docs
mdbook serve

# Open http://localhost:3000 in your browser

License

Licensed under the Apache License 2.0. See LICENSE for details.

Development Status: This library (v0.1.0) contains experimental implementations and has not been audited. DO NOT USE IN PRODUCTION without thorough security review. Built with C vendor code + Rust FFI requiring careful validation. See Security Model for details.

Cypheron Core Documentation