@openpgp/crystals-kyber-js
This fork implements the ML-KEM changes from the NIST FIPS-203 (draft): it exports MlKem512, 768, 1024 instead of Kyber512, 768, 1024.
This library is published on npm (as @openpgp/crystals-kyber-js) but not on deno. We recommend you use the upstream repo. The rest of the README refers to the upstream library.
This module is based on antontutoveanu/crystals-kyber-javascript, but includes the following improvements:
For Node.js, you can install crystals-kyber-js via npm/yarn:
npm install crystals-kyber-js
Then, you can use it as follows:
import { Kyber768 } from "crystals-kyber-js";

async function doKyber() {
  // A recipient generates a key pair.
  const recipient = new Kyber768(); // MlKem512 and MlKem1024 are also available.
  const [pkR, skR] = await recipient.generateKeyPair();

  // Deterministic key generation is also supported:
  // const seed = new Uint8Array(64);
  // globalThis.crypto.getRandomValues(seed); // node >= 19
  // const [pkR, skR] = await recipient.deriveKeyPair(seed);

  // A sender generates a ciphertext and a shared secret with pkR.
  const sender = new Kyber768();
  const [ct, ssS] = await sender.encap(pkR);

  // The recipient decapsulates the ciphertext and generates the same shared secret with skR.
  const ssR = await recipient.decap(ct, skR);

  // ssS and ssR now hold the same bytes.
  return;
}

// doKyber() is async, so a failure arrives as a rejected promise.
doKyber().catch((err) => {
  console.log("failed: ", err.message);
});
Using npm:
npm install crystals-kyber-js
Using yarn:
yarn add crystals-kyber-js
Using deno.land:
// use a specific version
import { Kyber768 } from "https://deno.land/x/crystals_kyber@1.1.1/mod.ts";
// use the latest stable version
import { Kyber768 } from "https://deno.land/x/crystals_kyber/mod.ts";
The following shows how to use this module with typical CDNs. Other CDNs can be used as well.
Using esm.sh:
<!-- use a specific version -->
<script type="module">
import { Kyber768 } from "https://esm.sh/crystals-kyber-js@1.1.1";
// ...
</script>
<!-- use the latest stable version -->
<script type="module">
import { Kyber768 } from "https://esm.sh/crystals-kyber-js";
// ...
</script>
Using unpkg:
<!-- use a specific version -->
<script type="module">
import { Kyber768 } from "https://unpkg.com/crystals-kyber-js@1.1.1";
// ...
</script>
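The CDN snippets above differ in whether the URL carries an exact version. As an added example (not part of the library's README), this check scans source text for CDN imports and reports URLs that float or that name a different package. The host-to-package table and the sample source are constructed from the import lines on this page.

```javascript
// Added example: host -> package name, taken from the import lines on this page.
const EXPECTED = {
  "esm.sh": "crystals-kyber-js",
  "unpkg.com": "crystals-kyber-js",
  "deno.land": "crystals_kyber",
};
const EXACT = /^\d+\.\d+\.\d+$/; // only a full x.y.z counts as pinned

// Classify one import URL as pinned, floating, unexpected-package or unknown-host.
function checkImportUrl(url) {
  const u = new URL(url);
  const expected = EXPECTED[u.hostname];
  if (!expected) return "unknown-host";
  const seg = u.pathname.split("/").filter(Boolean);
  if (u.hostname === "deno.land") seg.shift(); // drop the leading "x"
  let spec = seg[0] || "";
  if (spec.startsWith("@")) spec += "/" + (seg[1] || ""); // scoped npm name
  const at = spec.lastIndexOf("@");
  const name = at > 0 ? spec.slice(0, at) : spec;
  const version = at > 0 ? spec.slice(at + 1) : "";
  if (name !== expected) return "unexpected-package";
  return EXACT.test(version) ? "pinned" : "floating";
}

// Find every `from "https://..."` specifier in a source string and classify it.
function auditSource(source) {
  const findings = [];
  const re = /\bfrom\s+["'](https:\/\/[^"']+)["']/g;
  for (const m of source.matchAll(re)) {
    findings.push({ url: m[1], status: checkImportUrl(m[1]) });
  }
  return findings;
}

// Constructed sample input.
const SAMPLE = `
import { Kyber768 } from "https://esm.sh/crystals-kyber-js@1.1.1";
import { Kyber768 } from "https://unpkg.com/crystals-kyber-js";
import { MlKem512 } from "https://deno.land/x/crystals_kyber@1.1.1/mod.ts";
import { MlKem1024 } from "https://esm.sh/crystals-kyber@1.1.1";
import { Kyber768 } from "https://esm.sh/crystals-kyber-js@1";
`;

for (const f of auditSource(SAMPLE)) console.log(f.status.padEnd(18), f.url);
```

A floating URL resolves to whatever the CDN serves at load time, so a build that fails on any status other than pinned keeps the loaded code tied to a reviewed release.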
git clone git@github.com:dajiaji/crystals-kyber-js.git
cd crystals-kyber-js
npm install -g esbuild
deno task dnt
deno task minify > $YOUR_SRC_PATH/crystals-kyber.js
This section shows some typical usage examples.
import { Kyber768 } from "crystals-kyber-js";
// const { Kyber768 } = require("crystals-kyber-js");

async function doKyber() {
  const recipient = new Kyber768();
  const [pkR, skR] = await recipient.generateKeyPair();

  const sender = new Kyber768();
  const [ct, ssS] = await sender.encap(pkR);

  const ssR = await recipient.decap(ct, skR);

  // ssS and ssR now hold the same bytes.
  return;
}

// doKyber() is async, so a failure arrives as a rejected promise.
doKyber().catch((err) => {
  console.log("failed: ", err.message);
});
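The two shared secrets in the example above are byte arrays, so equality has to be checked on their contents, and FIPS 203 decapsulation returns a pseudorandom secret for an invalid ciphertext instead of an error. The following added example (not from the library's README) uses Node's built-in crypto to compare secrets and to show that a mismatch only surfaces when the derived key fails to decrypt. The buffers are constructed stand-ins for encap()/decap() output, and the HKDF label and the assumption that the library follows implicit rejection are not from the page.

```javascript
// Added example: Node.js built-in crypto only. The buffers in demo() are
// constructed stand-ins for the values encap()/decap() return.
const crypto = require("node:crypto");

// Byte arrays are objects, so `===` compares identity, not contents.
function secretsEqual(a, b) {
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

// HKDF-SHA-256 over the shared secret. The KEM ciphertext is hashed into
// `info` (Node limits info to 1024 bytes; an ML-KEM-768 ciphertext is 1088).
function deriveKey(sharedSecret, kemCiphertext) {
  const ctHash = crypto.createHash("sha256").update(kemCiphertext).digest();
  const info = Buffer.concat([Buffer.from("example-session-v1"), ctHash]);
  return Buffer.from(crypto.hkdfSync("sha256", sharedSecret, Buffer.alloc(32), info, 32));
}

// AES-256-GCM with a fresh random 96-bit nonce per message.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, body, tag: c.getAuthTag() };
}

// Returns the plaintext, or null when the key (and so the shared secret) differs.
function open(key, box) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, box.iv);
  d.setAuthTag(box.tag);
  try {
    return Buffer.concat([d.update(box.body), d.final()]);
  } catch {
    return null;
  }
}

function demo() {
  const kemCt = Buffer.alloc(1088, 0x22);    // constructed ciphertext stand-in
  const ssS = Buffer.alloc(32, 0x11);        // sender's secret (constructed)
  const ssR = Buffer.alloc(32, 0x11);        // recipient's secret, same bytes
  const ssRejected = Buffer.alloc(32, 0x33); // stand-in for a rejection secret
  const box = seal(deriveKey(ssS, kemCt), Buffer.from("hello"));
  return {
    identity: ssS === ssR,
    bytes: secretsEqual(ssS, ssR),
    good: open(deriveKey(ssR, kemCt), box),
    bad: open(deriveKey(ssRejected, kemCt), box),
  };
}
```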
import { MlKem512 } from "https://deno.land/x/crystals_kyber@1.1.1/mod.ts";

async function doKyber() {
  const recipient = new MlKem512();
  const [pkR, skR] = await recipient.generateKeyPair();

  const sender = new MlKem512();
  const [ct, ssS] = await sender.encap(pkR);

  const ssR = await recipient.decap(ct, skR);

  // ssS and ssR now hold the same bytes.
  return;
}

// doKyber() is async, so a failure arrives as a rejected promise.
doKyber().catch((_err: unknown) => {
  console.log("failed.");
});
<html>
  <head></head>
  <body>
    <script type="module">
      // Package name matches the esm.sh import shown in the installation section.
      import { MlKem1024 } from "https://esm.sh/crystals-kyber-js@1.1.1";

      globalThis.doKyber = async () => {
        try {
          const recipient = new MlKem1024();
          const [pkR, skR] = await recipient.generateKeyPair();

          const sender = new MlKem1024();
          const [ct, ssS] = await sender.encap(pkR);

          const ssR = await recipient.decap(ct, skR);

          // ssS and ssR now hold the same bytes.
          return;
        } catch (err) {
          // alert() takes a single message argument.
          alert("failed: " + err.message);
        }
      }
    </script>
    <button type="button" onclick="doKyber()">do CRYSTALS-KYBER</button>
  </body>
</html>
We welcome all kinds of contributions: filing issues, suggesting new features or sending PRs.
FAQs
A ML-KEM implementation written in TypeScript
We found that @openpgp/crystals-kyber-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.