Skip to content

v0.1.6-beta

Choose a tag to compare

View all tags
@gh4rib gh4rib released this 13 Jun 17:44
· 3 commits to main since this release
0.1.6
ac3a071
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Massive Changes inside the SUITS and adding HPQC

This is a monumental release for the Post-Quantum Privacy Guard (PQPG). We have successfully completed a total overhaul of the cryptographic routing layer, effectively transforming PQPG into a mathematically absolute, 120-suite Hybrid Post-Quantum engine.

By strictly adhering to SOLID software engineering principles, these massive upgrades were implemented entirely within the Adapter and Registry layers. The core Double Ratchet, Stateful Vaults, and Sealed Sender network protocols required zero structural modifications and remain 100% backward compatible.

Major Features

  • The 120-Suite Universal Hybrid Engine: We have enforced a strict "Hybrid-Only" rule across all 120 identity configurations. The engine guarantees that every single cryptographic operation is mathematically backed by at least one classical baseline curve (X25519, X448, Ed25519, Ed448).
  • Native Katzenpost HPQC Integration: Natively imports highly optimized CGO/Assembly implementations of Code-based (McEliece, HQC) and NTRU-lattice (SNTRUP) algorithms.
  • The Dynamic Cryptographic Combiner: The engine can now dynamically pair any Post-Quantum algorithm from any library with a classical ECC curve on the fly. KEM combinations are securely blended using a SHA3-512 KDF, while DSA combinations generate independent, concatenated dual-proofs.
  • Cross-Library Paranoia Composites:
    Introduced extreme cross-library suites (e.g., Code-Based McEliece-8192 from hpqc paired with Lattice-Based Dilithium5 from circl). This defends against both algorithmic breakthroughs and single-library supply chain attacks.
  • Intelligent Namespace Routing:
    The new crypto.Registry seamlessly parses explicit URI-style namespaces (Hpqc- vs Hybrid-), instantly resolving the dependency collision between Katzenpost's native hybrids and our custom PQPG dynamic wrappers.

Security Enhancements & Entropy Fixes

  • 64-Byte Entropy Expansion: The stateless.go extraction layer was upgraded. The SHA3-512 master cryptographic combiner now safely passes 64 bytes (512 bits) of pure entropy directly into the stream ratchets. This guarantees maximum security margins for massive wide-block ciphers like Threefish-1024 and fully supports the massive entropy generated by McEliece8192128.
  • Stateful Signature Isolation: FIPS-205 Stateful signatures (LMS/XMSS) remain completely air-gapped from the dynamic hybrid layer. The anti-rollback hardware-safe atomic swaps continue to operate with extreme rigidity.
  • Scorched Earth Dependency Localization:
    To permanently protect PQPG from the "Transitive Dependency Hell" caused by vanishing upstream repositories (git.xx.network), all upstream HPQC primitives have been localized and hard-forked into the internal/ directory.

Deprecations & Removals

  • The hardcoded "X-Wing" nomenclature has been fully deprecated in the identity router in favor of the standardized dynamic identifier (Hybrid-ML-KEM-768+X25519). (Note: The underlying standard IETF draft-connolly-cfrg-xwing-kem implementation via CIRCL remains natively supported).
  • Removed broken upstream dependency references to katzenpost/circl to prevent compile-time interface panics.
Assets 2
Loading