Cross-platform Python library for Post-Quantum Cryptography using precompiled PQClean binaries
QuantCrypt is a cross-platform Python library for Post-Quantum Cryptography using precompiled PQClean binaries. While QuantCrypt contains multiple variants of PQC algorithms that are standardized by NIST, it is recommended to use only the strongest variants as recommended by the CNSA advisory by NSA.
Currently, there does not exist any pure-Python implementation of Post-Quantum Cryptographic algorithms, which requires Python developers to first discover where to get reliable C source code of PQC algorithms, then install the necessary C compilers on their system and then figure out how to use CFFI to compile and use the C code in their Python source code. Furthermore, those binaries would be only compatible with the platform that they were compiled on, making it very difficult to use separate platforms for development and deployment workflows, without having to recompile the C source code each time.
This library solves this problem by pre-compiling the C source code of PQC algorithms for Windows, Linux and Darwin platforms in GitHub Actions using CFFI, and it also provides a nice Python wrapper around the PQC binaries. Since I wanted this library to be all-encompassing, it also contains a lot of helper classes which one might need when working with Post-Quantum cryptography. This library places a lot of focus on Developer Experience, aiming to be powerful in features, yet easy and enjoyable to use, so it would just work for your project.
The full documentation of this library can be found in the Wiki. Because this library is rich in docstrings which provide detailed insight into the library's behavior, it is suggested to use an IDE which supports autocomplete and code insights when working with this library. Most popular choices are either PyCharm or VS Code with Python-specific plugins.
To install QuantCrypt with its default dependencies (no compiler), use one of the following commands:
Using UV (recommended):
uv add quantcrypt
Using Poetry:
poetry add quantcrypt
Using pip:
pip install quantcrypt
If you want to recompile PQA binaries on your own machine, you can install QuantCrypt with
optional dependencies by appending [compiler] to one of the install commands outlined above.
QuantCrypt publishes prebuilt wheels with precompiled binaries to the PyPI registry. If your platform supports one of the prebuilt wheels, then you don't need to install QuantCrypt with the compiler option to be able to use the library.
Note: If you do decide to recompile PQA binaries, you will need to install platform-specific C/C++ build
tools like Visual Studio, Xcode or
GNU Make (non-exhaustive list).
Note: If you attempt to import the compiler module programmatically when optional dependencies are missing, you will receive an import error.
from quantcrypt import (
kem, # Key Encapsulation Mechanism algos - public-key cryptography
dss, # Digital Signature Scheme algos - secret-key signatures
cipher, # The Krypton Cipher - symmetric cipher based on AES-256
kdf, # Argon2 helpers + KMAC-KDF - key derivation functions
errors, # All errors QuantCrypt may raise - also available from other modules
utils, # Helper utilities from all modules - gathered into one module
compiler # Tools for compiling PQA binaries - requires optional dependencies
)
The general functionality of this library is also available from the command-line, which you can access
with the qclib command. Keep in mind that if you install QuantCrypt into a venv, you will need to activate
the venv to access the CLI. QuantCrypt uses Typer internally to provide the CLI experience.
You can use the --help option to learn more about each command and subcommand.
qclib --help
qclib --version
qclib info --help
qclib keygen --help
qclib encrypt --help
qclib decrypt --help
qclib sign --help
qclib verify --help
qclib remove --help
qclib compile --help
Note: The compile CLI command becomes available when QuantCrypt
has been installed with optional dependencies for the compiler.
The PQC algorithms used in this library inherit their security from the PQClean project. You can read the security statement of the PQClean project from their SECURITY.md file. To report a security vulnerability for a PQC algorithm, please create an issue in the PQClean repository.
This library would be impossible without these essential dependencies:
I thank the creators and maintainers of these libraries for their hard work.
FAQs
Cross-platform Python library for Post-Quantum Cryptography using precompiled PQClean binaries
We found that quantcrypt demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.
Security News
TypeScript Native Previews offers a 10x faster Go-based compiler, now available on npm for public testing with early editor and language support.
Research
Security News
Malicious npm packages targeting React, Vue, Vite, Node.js, and Quill remained undetected for two years while deploying destructive payloads.