Product
Introducing Rust Support in Socket
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.
By Trevor Norris - Jul 31, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
github.com/khulnasoft/recryptor
- Version published
- Created
RECRYPTOR
RECRYPTOR (Khulnasoft Interoperable, Reusable Cryptographic Library) is a collection of cryptographic primitives written in Go. The goal of this library is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic Curve Cryptography (ECC).
Security Disclaimer
🚨 This library is offered as-is, and without a guarantee. Therefore, it is expected that changes in the code, repository, and API occur in the future. We recommend to take caution before using this library in a production application since part of its content is experimental. All security issues must be reported, please notify us immediately following the instructions given in our Security Policy.
Installation
You can get RECRYPTOR by fetching:
go get -u github.com/khulnasoft/recryptor
Alternatively, look at the Khulnasoft Go fork to see how to integrate RECRYPTOR natively in Go.
List of Algorithms
Elliptic Curve Cryptography
| Diffie-Hellman Protocol |
|---|
- X25519 and X448 functions. (RFC-7748)
- Curve4Q function based on FourQ curve. (draft-ladd-cfrg-4q)
| Digital Signature Schemes |
|---|
- Ed25519 and Ed448 signatures. (RFC-8032)
- BLS signatures. (draft-irtf-cfrg-bls-signature)
| Prime Groups |
|---|
- P-256, P-384, P-521. (FIPS 186-5)
- Ristretto group. (RFC-9496)
- Bilinear pairings: with the BLS12-381 curve, and hash to G1 and G2.
- Hash to curve, hash to field, XMD and XOF expanders. (RFC-9380)
| High-Level Protocols |
|---|
- HPKE: Hybrid Public-Key Encryption (RFC-9180)
- VOPRF: Verifiable Oblivious Pseudorandom functions. (RFC-9497)
- RSA Blind Signatures. (RFC-9474)
- Partilly-blind Signatures. (draft-cfrg-partially-blind-rsa)
- CPABE: Ciphertext-Policy Attribute-Based Encryption. (ia.cr/2019/966)
- OT: Simplest Oblivious Transfer (ia.cr/2015/267).
- Threshold RSA Signatures (Shoup Eurocrypt 2000).
Post-Quantum Cryptography
| KEM: Key Encapsulation Methods |
|---|
- ML-KEM: modes 512, 768, 1024 (FIPS-203).
- Kyber KEM: modes 512, 768, 1024 (KYBER).
- FrodoKEM: modes 640-SHAKE. (FrodoKEM)
- CSIDH: Post-Quantum Commutative Group Action (CSIDH).
- (insecure, deprecated)
SIDH/SIKE: Supersingular Key Encapsulation with primes p434, p503, p751 (SIKE).
| Digital Signature Schemes |
|---|
Zero-knowledge Proofs
- Schnorr: Prove knowledge of the Discrete Logarithm. (RFC-8235)
- DLEQ: Prove knowledge of the Discrete Logarithm Equality. (RFC-9497)
- DLEQ in Qn: Prove knowledge of the Discrete Logarithm Equality for subgroup of squares in (Z/nZ)*.
Symmetric Cryptography
| XOF: eXtendable Output Functions |
|---|
- SHAKE128 and SHAKE256 (FIPS 202).
- BLAKE2X: BLAKE2XB and BLAKE2XS (Blake2x)
- KangarooTwelve: fast hashing based on Keccak-p. (KangarooTwelve).
- SIMD Keccak f1600 Permutation.
| LWC: Lightweight Cryptography |
|---|
- Ascon v1.2: Family of AEAD block ciphers (ASCON)
Misc
| Integers |
|---|
- Safe primes generation.
- Integer encoding: wNAF, regular signed digit, mLSBSet representations.
| Finite Fields |
|---|
- Fp25519, Fp448, Fp511, Fp434, Fp503, Fp751.
- Fp381, and its quadratic, sextic and twelveth extensions.
- Polynomials in monomial and Lagrange basis.
| Elliptic Curves |
|---|
- P-384 Curve
- FourQ
- Goldilocks
- BLS12-381
Testing and Benchmarking
Library comes with number of make targets which can be used for testing and benchmarking:
testperforms testing of the binary.benchruns benchmarks.coverproduces coverage.lintruns set of linters on the code base.
Contributing
To contribute, fork this repository and make your changes, and then make a Pull Request. A Pull Request requires approval of the admin team and a successful CI build.
How to Cite
To cite RECRYPTOR, use one of the following formats and update the version and date you accessed this project.
APA Style
Faz-Hernandez, A. and Kwiatkowski, K. (2019). Introducing RECRYPTOR:
An Advanced Cryptographic Library. Khulnasoft. Available at
https://github.com/khulnasoft/recryptor. v1.5.0 Accessed Oct, 2024.
Bibtex Source
@manual{recryptor,
title = {Introducing RECRYPTOR: An Advanced Cryptographic Library},
author = {Armando Faz-Hernandez and Kris Kwiatkowski},
organization = {Khulnasoft},
abstract = {{RECRYPTOR (Khulnasoft Interoperable, Reusable Cryptographic Library) is
a collection of cryptographic primitives written in Go. The goal
of this library is to be used as a tool for experimental
deployment of cryptographic algorithms targeting Post-Quantum (PQ)
and Elliptic Curve Cryptography (ECC).}},
note = {Available at \url{https://github.com/khulnasoft/recryptor}. v1.5.0 Accessed Oct, 2024},
month = jun,
year = {2019}
}
CFF Style
See attached CITATION.cff file.
License
The project is licensed under the BSD-3-Clause License.
FAQs
Unknown package
Package last updated on 25 Nov 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Announcing Precomputed Reachability Analysis in Socket
Socket’s precomputed reachability slashes false positives by flagging up to 80% of vulnerabilities as irrelevant, with no setup and instant results.
By Martin Torp - Jul 30, 2025
Product
Socket Now Protects the Chrome Extension Ecosystem
Socket is launching experimental protection for Chrome extensions, scanning for malware and risky permissions to prevent silent supply chain attacks.
By Mix Irving, Alexandros Kapravelos, Eli Insua - Jul 30, 2025