Project

ml_kem

0.0
The project is in a healthy, maintained state
A Ruby gem providing an implementation of the ML-KEM (formerly Kyber) key-encapsulation mechanism for post-quantum cryptography standards.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
 Dependencies

Development

~> 1.15.2
~> 5.25.5
~> 13.3.0
~> 0.9.37

Runtime

~> 2.2.2
~> 1.3.2
 Project Readme

MLKEM

ml_kem is a Ruby gem that implements the ML-KEM (Kyber) post-quantum key encapsulation mechanism (KEM), as selected by NIST for standardization under the FIPS 203. It supports key generation, encapsulation, and decapsulation in pure Ruby and includes a command-line interface for easy integration into workflows.

Features

  • Support for all ML-KEM variants: ml_kem_512, ml_kem_768, and ml_kem_1024
  • Public/private key generation
  • Secure encapsulation of a shared secret using the public key
  • Decapsulation of a ciphertext using the private key
  • Command-Line Interface (CLI) built with Thor
  • PEM encoding for key files
  • Easy to use and integrate into Ruby applications

Installation

Install the gem and add to the application's Gemfile by executing:

bundle add ml_kem

If bundler is not being used to manage dependencies, install the gem by executing:

gem install ml_kem

Usage

CLI

The mlkem command-line tool allows you to generate keys, encapsulate, and decapsulate secrets using ML-KEM.

  • Generate keys:

    mlkem keygen -p public_key.pem -s private_key.pem -v ml_kem_768
  • Encapsulate a secret:

    mlkem encaps -p public_key.pem -c ciphertext.txt -k shared_secret.key
  • Decapsulate:

    mlkem decaps -s private_key.pem -c ciphertext.txt -k shared_secret.key

To obtain information about the options available for a command use:

mlkem help COMMAND

Code

require "ml_kem"

# Create an instance with the desired variant

kem = MLKEM::MLKEM.new(variant: :ml_kem_768)

# Generate key pair
public_key, private_key = kem.keygen

# Encapsulate a shared secret
shared_secret, ciphertext = kem.encaps(public_key)

# Decapsulate to recover the shared secret
recovered_secret = kem.decaps(private_key, ciphertext)

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake test to run the tests. You can also run bin/console for an interactive prompt that will start an IRB and allow you to experiment.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/MarioRgzLpz/ml_kem.

License

The gem is available as open source under the terms of the MIT License.