
PQCA announces alpha-release of mlkem-native

December 11, 2024

Hanno Becker (AWS), Matthias Kannwischer (Chelpis)


Earlier this year, the PQCA founded the PQ Code Package project with the aim of developing production-ready, high-assurance implementations of Post-Quantum Cryptography standards. Today, we announce the first release under the PQCP: mlkem-native v1.0.0-alpha.

mlkem-native is an implementation of NIST’s recent FIPS-203 / ML-KEM Post-Quantum Cryptography standard. It is designed to be secure, fast, and easy to use. First, mlkem-native builds on the popular and time-vetted ML-KEM reference implementation, but is retrofitted to the C90 language standard for maximum portability. Next, we apply formal verification at the C level to protect against common vulnerabilities such as out-of-bounds memory accesses or integer overflows. Finally, mlkem-native provides a backend interface for the seamless integration of optimized native code (e.g. assembler), and ships with high-performance backends for Arm64 and x86_64, giving it state-of-the-art performance on most Arm64, Intel and AMD platforms. Compared to the C reference implementation, mlkem-native offers a ~3x performance improvement.

With this alpha release, we invite you to try out mlkem-native, and provide us with feedback on what we can improve to better support your use case. Please reach out by opening an issue on the mlkem-native repository, or find us on the PQCA Discord.

What’s next for mlkem-native? First, we plan to widen our formal verification efforts to cover functional correctness of the Arm64 and x86_64 native assembly. Second, we are working on a second external API for ML-KEM, optimized for the common use case of ML-KEM in TLS. And finally, we are still fine-tuning the performance of our native backends. So, stay tuned for more!

About PQCA

Public key cryptography is essential in securing all Internet communications. The mission of the Post-Quantum Cryptography Association (PQCA) is to advance the adoption of post-quantum cryptography, by producing high-assurance software implementations of standardized algorithms, and supporting the continued development and standardization of new post-quantum algorithms with software for evaluation and prototyping.

Sign up for the PQCA’s Mailing List.
Follow the work on GitHub.
Connect with us on Discord.
Attend a community meeting.
Join us as a Member.