Home
pqcrypto is a pure Dart, zero-dependency library implementing the
NIST-standardized post-quantum algorithms ML-KEM (FIPS 203),
ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) — byte-exact against the
official NIST Known-Answer-Test / ACVP vectors, and cross-checked for
interoperability against OpenSSL and liboqs. It runs everywhere Dart runs: Dart
servers, Flutter on iOS/Android/desktop, and the web (dart2js / dart2wasm).
It exists because the asymmetric algorithms most software relies on today (RSA,
ECDH, ECDSA) are broken by a large quantum computer running Shor's algorithm.
ML-KEM, ML-DSA, and SLH-DSA are the NIST replacements, and pqcrypto brings them
to the Dart and Flutter ecosystem with no native bindings and no third-party
packages.
Claim boundary. This is algorithm/KAT-conformance and interoperability evidence, not a CMVP/FIPS 140 module validation. See Security Posture and FIPS Compliance for exactly what is and is not claimed.
flowchart LR
subgraph pqcrypto
direction TB
KEM["ML-KEM (FIPS 203)\nKey Encapsulation\n512 / 768 / 1024"]
DSA["ML-DSA (FIPS 204)\nLattice Signatures\n44 / 65 / 87"]
SLH["SLH-DSA (FIPS 205)\nHash-based Signatures\nall 12 sets"]
end
A["Party A"] -- "encapsulate(pk)" --> KEM
KEM -- "ciphertext + 32-byte secret" --> B["Party B"]
B -- "decapsulate(sk, ct)" --> KEM
S["Signer"] -- "sign(sk, msg)" --> DSA
DSA -- "signature" --> V["Verifier"]
V -- "verify(pk, msg, sig)" --> DSA
S -- "sign(sk, msg)" --> SLH
SLH -- "signature" --> V
V -- "verify(pk, msg, sig)" --> SLH
pqcrypto provides only these three primitives. Symmetric encryption (AEAD),
key derivation (HKDF), classical key exchange (X25519), hashing, and key storage
are intentionally out of scope — bring them from your application stack. The
Cookbook shows exactly how to compose them.
import 'dart:convert';
import 'dart:typed_data';
import 'package:pqcrypto/pqcrypto.dart';
void main() {
// --- ML-KEM: establish a shared secret ---
final kem = PqcKem.kyber768; // or .kyber512 / .kyber1024
final (pk, sk) = kem.generateKeyPair(); // (publicKey, secretKey)
final (ct, ssSender) = kem.encapsulate(pk); // ciphertext + 32-byte secret
final ssReceiver = kem.decapsulate(sk, ct); // identical 32-byte secret
// --- ML-DSA: sign and verify ---
final params = DilithiumParams.mlDsa65; // or mlDsa44 / mlDsa87
final (sigPk, sigSk) = MlDsa.generateKeyPair(params);
final msg = Uint8List.fromList(utf8.encode('hello post-quantum'));
final ctx = Uint8List.fromList(utf8.encode('myapp/v1')); // domain separation
final sig = MlDsa.sign(sigSk, msg, params, ctx: ctx); // hedged by default
final ok = MlDsa.verify(sigPk, msg, sig, params, ctx: ctx);
}New here? Read Installation → Quickstart → Cookbook.
| Area | State |
|---|---|
| Version | 0.4.0 |
| Dependencies | Zero runtime dependencies (pure Dart) |
| ML-KEM | 512 / 768 / 1024 — byte-exact KATs + OpenSSL interop A–G |
| ML-DSA | 44 / 65 / 87 — byte-exact KATs (raw/pure/hashed × det/hedged) |
| SLH-DSA | All 12 sets (SHAKE + SHA-2) — byte-exact on 1,248 ACVP cases |
| Platforms | Dart VM, Flutter (iOS/Android/desktop), Web (dart2js / dart2wasm) |
| Certification | Not CMVP/FIPS 140 validated — algorithm/KAT evidence only |
Getting started · Installation · Quickstart · Cookbook (project ideas)
Algorithms · Cryptographic Algorithms · ML-KEM (FIPS 203) · ML-DSA (FIPS 204) · SLH-DSA (FIPS 205)
Design & internals · Design Philosophy · Architecture · Performance
Assurance · Security Posture · FIPS Compliance · Validation & Interoperability
Integration · Serverpod & Flutter · Multi-Agent PQC Framework
Project · Roadmap · FAQ · Contributing · Documentation Index
The wiki is the friendly front door; the authoritative, version-controlled
documentation lives in the repository's
doc/ directory and
on the pub.dev API docs. The
Documentation Index maps every document.