Post-Quantum Cryptography (Research)

Part of Statistical Methods — MORIE’s statistical-methods reference.

Warning

MORIE crypto is a teaching/research implementation of NIST-standardized post-quantum cryptography. For production-grade secrets, use hardware KMS or libsodium. Pure-Python ML-KEM is ~100x slower than the reference C implementation and is not constant-time (vulnerable to timing attacks).

MORIE provides a pure-Python post-quantum cryptography module with no external dependencies, suitable for educational use and non-critical research data.

ML-KEM-768 (FIPS 203)

Module Lattice-based Key Encapsulation Mechanism, formerly Kyber768. Provides IND-CCA2-secure key encapsulation using the module-LWE problem.

from morie.crypto import mlkem768_keygen, mlkem768_encaps, mlkem768_decaps

pk, sk = mlkem768_keygen()
ct, shared_secret = mlkem768_encaps(pk)
recovered = mlkem768_decaps(sk, ct)

Parameters: q=3329, n=256, k=3, eta1=2, eta2=2.

ChaCha20-Poly1305 (RFC 8439)

Authenticated encryption with associated data (AEAD). Provides confidentiality and integrity for arbitrary-length messages.

from morie.crypto import chacha20_poly1305_encrypt, chacha20_poly1305_decrypt

ct = chacha20_poly1305_encrypt(key, nonce, plaintext, aad=b"")
pt = chacha20_poly1305_decrypt(key, nonce, ct, aad=b"")

HKDF-SHA256 (RFC 5869)

Key derivation function for expanding keying material.

from morie.crypto import hkdf_sha256
derived = hkdf_sha256(input_key_material, length=32, salt=b"", info=b"")

Hybrid KEM-DEM Construction

The recommended usage combines ML-KEM for key encapsulation with ChaCha20-Poly1305 for data encryption:

from morie.crypto import hybrid_encrypt, hybrid_decrypt, hybrid_keygen

pk, sk = hybrid_keygen()
ciphertext = hybrid_encrypt(b"secret data", pk)
plaintext = hybrid_decrypt(ciphertext, sk)

Container format: kem_ct_len(4B) || kem_ct || nonce(12B) || aead_ct || tag(16B)

CLI Usage

morie crypto keygen --name alice --output ./keys
morie crypto encrypt secret.csv --to ./keys/alice_pk.bin --output secret.morieenc
morie crypto decrypt secret.morieenc --sk ./keys/alice_sk.bin --output secret.csv

Keystore

Encrypted keystore at ~/.morie/keys/keystore.json with scrypt-derived password protection:

from morie.crypto import create_keystore, store_keypair, load_keypair

create_keystore("my-password")
pk, sk = hybrid_keygen()
store_keypair("alice", pk, sk, "my-password")
pk2, sk2 = load_keypair("alice", "my-password")

Security Considerations

  • Not constant-time: Vulnerable to timing side-channels. Do not use for high-value secrets in adversarial environments.

  • No hardware acceleration: Pure Python; ~100x slower than libsodium/C.

  • Research-grade: Suitable for coursework, CTF challenges, and non-critical research data protection.

  • Key material: Never commit *.moriesk, *.morieenc, or ~/.morie/keys/ to version control.