JSPM

@maatara/core-pqc

0.1.1
    • ESM via JSPM
    • ES Module Entrypoint
    • Export Map
    • Keywords
    • License
    • Repository URL
    • TypeScript Types
    • README
    • Created
    • Published
      • 0
    • Score
      100M100P100Q44266F
    • License Apache-2.0

    Ma'atara Post-Quantum Cryptography Toolkit for Browser and Node.js

    Package Exports

    • @maatara/core-pqc

    Readme

    Ma'atara Core PQC Toolkit

    A portable, audited Post-Quantum Cryptography toolkit for browser and Node.js environments.

    Features

    • Kyber ML-KEM-768: Key encapsulation mechanism for secure key exchange
    • Dilithium2: Digital signatures with post-quantum security
    • HKDF-SHA256: Key derivation function
    • AES-256-GCM: Authenticated encryption
    • Base64url encoding: URL-safe encoding utilities
    • Constant-time operations: Security-focused implementations

    Installation

    npm install @maatara/core-pqc

    Usage

    Browser

    import { initWasm, kyberKeygen, kyberEncaps, dilithiumKeygen, dilithiumSign, dilithiumVerify } from '@maatara/core-pqc';

// Initialize WASM (required once per process)
await initWasm();

// Kyber key exchange
const aliceKeys = await kyberKeygen();
const bobKeys = await kyberKeygen();

const encap = await kyberEncaps(aliceKeys.public_b64u);
const sharedSecret = await kyberDecaps(aliceKeys.secret_b64u, encap.kem_ct_b64u);

// Dilithium signatures
const signKeys = await dilithiumKeygen();
const message = b64uEncode(new TextEncoder().encode("Hello PQC!"));
const signature = await dilithiumSign(message, signKeys.secret_b64u);
const verified = await dilithiumVerify(message, signature.signature_b64u, signKeys.public_b64u);

    Node.js

    const { kyberKeygen, dilithiumKeygen } = require('@maatara/core-pqc');

// Same API as browser

    API Reference

    Kyber ML-KEM-768

    • kyberKeygen(): Generate keypair
    • kyberEncaps(publicKey): Encapsulate shared secret
    • kyberDecaps(secretKey, ciphertext): Decapsulate shared secret

    Dilithium2 (ML-DSA-65 compatible)

    • dilithiumKeygen(): Generate keypair
    • dilithiumSign(message, secretKey): Sign message
    • dilithiumVerify(message, signature, publicKey): Verify signature

    HKDF

    • hkdfSha256(secret, info, salt?, length): Derive key

    AES-GCM

    • aesGcmWrap(key, plaintext, aad): Encrypt data
    • aesGcmUnwrap(key, iv, ciphertext, aad): Decrypt data

    Security Notes

    • Zero-knowledge: Server never receives user secrets or DEKs
    • Post-quantum security: Resistant to quantum computing attacks
    • Constant-time operations: Prevents timing attacks
    • Audited implementations: Uses vetted cryptographic libraries

    Building from Source

    # Build WASM package
cd packages/core-pqc-wasm
wasm-pack build --target web --out-dir pkg

# Build npm package
cd ../core-pqc
npm run build

    License

    Apache-2.0