Xwing KEM for Rust

This is a Rust implementation of the hybrid Xwing KEM using Kyber768 (post-quantum) and x25519 (pre-quantum). For primitives it uses a wrapper around PQClean and x25519-dalek.

The details of Xwing are specified in the:

• Paper
• IETF Draft

Usage

The lib exposes functions for use with buffers and some wrapper structs.

Example usage:

use xwing_kem::{XwingKeyPair, XwingCiphertext};

fn main() {
    // Using buffers
    println!("Computing Keypair!");
    let (sk, pk) = xwing_kem::generate_keypair();

    println!("Encapsulating secret to be transmitted!");
    let (shared_secret, ciphertext) = xwing_kem::encapsulate(pk);

    println!("Decapsulating ciphertext with the secret key to get shared secret!");
    let computed_shared_secret = xwing_kem::decapsulate(ciphertext, sk);
    
    // Using structs
    println!("Computing Keypair!");
    let keypair = XwingKeyPair::generate();

    println!("Encapsulating secret to be transmitted!");
    let (ss, ct) = keypair.pk.encapsulate();

    println!("Serializing ciphertext to be transmitted!");
    let ct_bytes = ct.to_bytes();

    println!("Deserializing ciphertext!");
    let ct_res = XwingCiphertext::from(ct_bytes);
    
    println!("Decapsulating ciphertext with the secret key to get shared secret!");
    let ss_result = keypair.sk.decapsulate(ct_res);

    assert_eq!(ss, ss_result);

    println!("Shared secret is: {:x?}", ss_result)
}

Examples

Two examples are included, alice uses Xwing directly with buffers, bob uses wrapper structs.

To run an example call:

cargo run --example bob