QubitGuard is a Python package that provides post-quantum cryptographic tools for secure communication. It implements Kyber for key exchange and encryption, and Dilithium for digital signatures, making it resistant to potential quantum computer attacks.
- Post-Quantum Key Exchange: Using Kyber algorithm
- Post-Quantum Digital Signatures: Using Dilithium algorithm
- Secure Message Exchange: End-to-end encrypted communication
- Key Management: Export and import of public keys
- Command-Line Interface: Easy-to-use CLI for all operations
NOTE: Installs from this repository due to a Installs from this repository due to a dependency that does not exist in the Python Index package.
pip install qubitguardFirst, both parties need to generate their key pairs:
# Alice generates her keys
python -m QubitGuard.cli genkeys --output-dir alice_keys
# Bob generates his keys
python -m QubitGuard.cli genkeys --output-dir bob_keysExport and share public keys:
# Alice exports her public keys
python -m QubitGuard.cli export-keys alice_public.json --key-dir alice_keys
# Bob exports his public keys
python -m QubitGuard.cli export-keys bob_public.json --key-dir bob_keys
# Alice imports Bob's public keys
python -m QubitGuard.cli import-keys bob_public.json --output-dir alice/bob_keys
# Bob imports Alice's public keys
python -m QubitGuard.cli import-keys alice_public.json --output-dir bob/alice_keysSend and receive encrypted messages:
# Alice sends a message to Bob
python -m QubitGuard.cli encrypt "Hello Bob! This is a secret message." \
--public-key bob_keys/public_key.bin \
--signing-key alice_keys/signing_private_key.bin \
--output message_to_bob.enc
# Bob decrypts Alice's message
python -m QubitGuard.cli decrypt message_to_bob.enc \
--private-key bob_keys/private_key.bin \
--sender-signing-key alice_keys/signing_public_key.binGenerate a new key pair for encryption and signing.
python -m QubitGuard.cli genkeys --output-dir <directory>Export public keys to share with others.
python -m QubitGuard.cli export-keys <output_file> --key-dir <directory>Import someone else's public keys.
python -m QubitGuard.cli import-keys <input_file> --output-dir <directory>Encrypt a message using recipient's public key.
python -m QubitGuard.cli encrypt <message> --public-key <key_file> --signing-key <key_file> --output <file>Decrypt a message using your private key.
python -m QubitGuard.cli decrypt <encrypted_file> --private-key <key_file> --sender-signing-key <key_file>Sign a message using your private signing key.
python -m QubitGuard.cli sign <message> --signing-key <key_file> --output <file>Verify a message's signature using the sender's public key.
python -m QubitGuard.cli verify <message> <signature> --public-key <key_file>Here's a complete example showing how Alice and Bob can set up secure communication:
# Create directories for Alice and Bob
mkdir -p alice_keys bob_keys
# Generate keys for both parties
python -m QubitGuard.cli genkeys --output-dir alice_keys
python -m QubitGuard.cli genkeys --output-dir bob_keys# Export public keys
python -m QubitGuard.cli export-keys alice_public.json --key-dir alice_keys
python -m QubitGuard.cli export-keys bob_public.json --key-dir bob_keys
# Create directories for storing each other's keys
mkdir -p alice_keys/bob_keys bob_keys/alice_keys
# Import each other's public keys
python -m QubitGuard.cli import-keys bob_public.json --output-dir alice_keys/bob_keys
python -m QubitGuard.cli import-keys alice_public.json --output-dir bob_keys/alice_keys# Alice sends an encrypted message to Bob
python -m QubitGuard.cli encrypt "Hello Bob! This is a secret message from Alice." \
--public-key alice_keys/bob_keys/public_key.bin \
--signing-key alice_keys/dilithium_private_key.bin \
--output alice_to_bob.enc
# Bob decrypts and verifies Alice's message
python -m QubitGuard.cli decrypt alice_to_bob.enc \
--private-key bob_keys/kyber_private_key.bin \
--sender-signing-key bob_keys/alice_keys/signing_public_key.bin
# Bob replies to Alice
python -m QubitGuard.cli encrypt "Hi Alice! I received your message. The secure communication works!" \
--public-key bob_keys/alice_keys/public_key.bin \
--signing-key bob_keys/dilithium_private_key.bin \
--output bob_to_alice.enc
# Alice decrypts and verifies Bob's reply
python -m QubitGuard.cli decrypt bob_to_alice.enc \
--private-key alice_keys/kyber_private_key.bin \
--sender-signing-key alice_keys/bob_keys/signing_public_key.bin# Alice signs a message
python -m QubitGuard.cli sign "This message is authentically from Alice" \
--signing-key alice_keys/dilithium_private_key.bin \
--output alice_signature.bin
# Bob verifies Alice's signature
python -m QubitGuard.cli verify "This message is authentically from Alice" \
alice_signature.bin \
--public-key bob_keys/alice_keys/signing_public_key.binThis demonstration shows:
- Key generation and management
- Public key exchange
- Encrypted message exchange
- Message signing and verification
- Use of separate keys for encryption and signing
- Full end-to-end secure communication workflow
- Post-Quantum Security: Resistant to attacks from both classical and quantum computers
- Perfect Forward Secrecy: Each message uses unique encryption keys
- Message Authentication: All messages are signed and verified
- Key Separation: Different keys for encryption and signing
- Add Google/NumPy style docstrings to all functions
- Create detailed Sphinx documentation
- Add more advanced usage examples
- Improve API documentation
- Publish package to PyPI
- Add CONTRIBUTING.md file for future contributors
- Create CHANGELOG.md to track version changes
- Improve installation and setup process
- Support for multiple post-quantum algorithms
- Fallback functions to classical algorithms
- More robust key management system with automatic rotation
- Support for user groups (not just one-to-one communication)
- Implement public key caching
- Add more security tests
- Implement stricter input validation
- Add security auditing
- Add key integrity checks
- Improve logging and audit system
- Configure GitHub Actions for:
- Automated test execution
- Code coverage verification
- Static code analysis
- Automated deployment
- Add more useful commands
- Improve error handling and user messages
- Add interactive interface
- Add support for configuration via file
- Optimize cryptographic operations
- Add support for asynchronous operations
- Improve memory handling for large data volumes
- Implement parallel processing for intensive operations
python -m pytest tests/This project is licensed under the MIT License - see the LICENSE file for details.
Contributions are welcome! Please feel free to submit a Pull Request.ion
- Digital Signatures: Implementation of post-quantum digital signatures
- Audit Logging: Logging system to track all cryptographic operations
- Python 3.8 or higher
- pip (Python package manager)
pip install .pip install .[quantum]from QubitGuard.crypto_manager import CryptoManager, KeyManager, AuditLog
# Initialize components
crypto_manager = CryptoManager()
key_manager = KeyManager(crypto_manager)
audit_log = AuditLog(crypto_manager)
# Generate key pair for a user
user_id = "user123"
key_manager.generate_new_key_pair(user_id)
private_key, public_key = key_manager.key_store[user_id]
# Encrypt data
message = "Secret message"
encrypted_message = crypto_manager.encrypt_data(message.encode(), public_key)
# Decrypt data
decrypted_message = crypto_manager.decrypt_data(
encrypted_message,
private_key,
crypto_manager.signing_public_key
)
# Log event
audit_log.log_event("Encryption operation completed")# Create virtual environment
python -m venv env
source env/bin/activate # On Linux/Mac
env\Scripts\activate # On Windows
# Install in development mode
pip install -e .[quantum]
# Install development dependencies
pip install pytestpython -m pytest test_crypto_suite.py -v- Private keys should never be shared or stored in plaintext
- The audit log should be protected and backed up regularly
- Keys should be rotated periodically
- Keep the system and dependencies up to date
This project is licensed under the MIT License - see the LICENSE file for details.