This directory contains a PQClean-style clean C implementation of the Rudraksh KEM-poly64 parameter set from IACR ePrint 2024/1170.
This is a community edition implementation. It is not an official implementation by the Rudraksh authors, IACR, NIST, or PQClean, and it should be reviewed and validated independently before production or research benchmarking use.
This implementation targets Rudraksh KEM-poly64:
- Module rank:
l = 9 - Polynomial degree:
n = 64 - Modulus:
q = 7681 - Compression bits for
u:10 - Compression bits for
v:5 - CBD parameters:
eta1 = 2,eta2 = 2 - Encoded message coefficient width:
B = 2
The public API byte sizes are:
- Public key:
952bytes - Secret key:
1920bytes - Ciphertext:
760bytes - Shared secret:
16bytes
You need a C99 compiler and make.
On a typical Linux or WSL environment:
sudo apt install build-essentialNo external cryptographic library is required. The directory includes the clean C implementation, an ASCON-based XOF/hash layer, and a small /dev/urandom-based randombytes implementation for local testing.
Build the static library:
makeThis creates:
librudraksh-kem-poly64_clean.a
Clean generated build artifacts:
make cleanRun the included self-test:
make testThe test performs:
polyandpolyvecserialization round trips- compression/decompression normalization checks
NTT -> INTTround trips- message encode/decode round trips
- CBD coefficient range checks
- deterministic
keypair_derandandenc_derandchecks - repeated KEM key generation, encapsulation, and decapsulation checks
- tampered-ciphertext rejection checks across ciphertext bytes
Expected output:
Rudraksh KEM-poly64 deep self-test passed
For sanitizer testing:
make clean
ASAN_OPTIONS=detect_leaks=0 make test EXTRAFLAGS='-O1 -g -fsanitize=address,undefined -fno-omit-frame-pointer'detect_leaks=0 is useful in WSL/Codex-style ptrace environments where LeakSanitizer may fail to initialize even when AddressSanitizer and UBSan can still run.
Include:
#include "api.h"The exported API is:
int PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
int PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
int PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);The API size constants are:
PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_PUBLICKEYBYTES
PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_SECRETKEYBYTES
PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_CIPHERTEXTBYTES
PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_BYTES
PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_ALGNAME#include "api.h"
#include <stdint.h>
#include <string.h>
int main(void) {
uint8_t pk[PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_PUBLICKEYBYTES];
uint8_t sk[PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_SECRETKEYBYTES];
uint8_t ct[PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_CIPHERTEXTBYTES];
uint8_t ss_enc[PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_BYTES];
uint8_t ss_dec[PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_CRYPTO_BYTES];
PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_crypto_kem_keypair(pk, sk);
PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_crypto_kem_enc(ct, ss_enc, pk);
PQCLEAN_RUDRAKSHKEMPOLY64_CLEAN_crypto_kem_dec(ss_dec, ct, sk);
return memcmp(ss_enc, ss_dec, sizeof ss_enc) == 0 ? 0 : 1;
}Compile an external example against the library:
cc -std=c99 -Wall -Wextra -O3 -I. example.c librudraksh-kem-poly64_clean.a -o example
./exampleapi.h: public KEM API and byte-size constantsparams.h: Rudraksh KEM-poly64 parameters and derived sizeskem.c: CCA-secure KEM layerindcpa.c: underlying IND-CPA public-key encryption layerpoly.c,poly.h: polynomial arithmetic, packing, compression, and message encodingpolyvec.c,polyvec.h: vector-of-polynomial operationsntt.c,ntt.h: 64-point NTT and inverse NTTcbd.c,cbd.h: centered binomial distribution samplersymmetric-ascon.c,symmetric.h: ASCON-based hash, XOF, and PRF helpersverify.c,verify.h: constant-time compare and conditional move helpersrandombytes.c,randombytes.h: local randomness providertest_rudraksh.c: deep self-testMakefile: build and test targets
The implementation follows the PQClean-style directory and API shape, but this directory is not a full PQClean repository integration. To upstream or embed it elsewhere, review namespace conventions, metadata files, test vectors, deterministic RNG hooks, and platform-specific randomness requirements.
The included randombytes.c uses /dev/urandom, which is appropriate for Linux/WSL local testing. If integrating into another framework, replace it with that framework's randomness provider.