cuPQC-PK: Post-Quantum Cryptography#

The cuPQC-PK library provides GPU-accelerated implementations of NIST-standardized post-quantum cryptographic algorithms. Designed as a device-side library, cuPQC-PK integrates directly into your CUDA kernels, enabling you to fuse cryptographic operations with your application logic for maximum performance and minimal latency.

The library implements side-channel security protections and supports high-throughput batched operations, making it ideal for applications requiring both quantum-resistant security and exceptional performance.

Supported Algorithms#

The cuPQC-PK library supports ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism, FIPS-203) for quantum-resistant key establishment, and ML-DSA (Module-Lattice-Based Digital Signature Algorithm, FIPS-204) for post-quantum digital signatures and authentication.

Algorithm Family

Parameter Set

NIST Security Category

ML-KEM-512

1 (≈ AES-128)

ML-KEM

ML-KEM-768

3 (≈ AES-192)

ML-KEM-1024

5 (≈ AES-256)

ML-DSA-44

2 (≈ SHA-256)

ML-DSA

ML-DSA-65

3 (≈ AES-192)

ML-DSA-87

5 (≈ AES-256)

ML-KEM (FIPS-203)#

ML-KEM, or Module-Lattice-Based Key Encapsulation Mechanism, is standardized under FIPS-203 by NIST. The library includes highly optimized implementations of the following ML-KEM operations:

  • Key Generation: Efficiently generates cryptographic key pairs.

  • Encapsulation: Securely encapsulates a shared secret.

  • Decapsulation: Recovers the shared secret from the encapsulated data.

The library supports multiple parameter sets to cater to various security levels and performance requirements:

  • ML-KEM-512

  • ML-KEM-768

  • ML-KEM-1024

ML-DSA (FIPS-204)#

ML-DSA, or Module-Lattice-Based Digital Signature Algorithm, is standardized under FIPS-204 by NIST. The library offers optimized implementations of the following ML-DSA operations:

  • Key Generation: Generates cryptographic key pairs suitable for digital signatures.

  • Signing: Produces a digital signature for a given message.

  • Verification: Validates the authenticity of a digital signature.

Similar to ML-KEM, the library supports various parameter sets to address different security needs:

  • ML-DSA-44

  • ML-DSA-65

  • ML-DSA-87

Key Features#

  • High Performance: Exploits the parallel processing power of NVIDIA GPUs to accelerate cryptographic operations.

  • Batched Operations: Supports batch processing to enhance throughput and efficiency.

  • Security: Implements NIST-standardized algorithms, ensuring compliance with the latest cryptographic standards.

  • Side-Channel Security: Incorporates measures to protect against side-channel attacks, ensuring the robustness of cryptographic operations.