{"id":13645403,"url":"https://github.com/cloudflare/circl","last_synced_at":"2026-01-23T00:14:45.045Z","repository":{"id":34948017,"uuid":"147963112","full_name":"cloudflare/circl","owner":"cloudflare","description":"CIRCL: Cloudflare Interoperable Reusable Cryptographic Library","archived":false,"fork":false,"pushed_at":"2025-04-09T21:59:31.000Z","size":15258,"stargazers_count":1418,"open_issues_count":57,"forks_count":162,"subscribers_count":40,"default_branch":"main","last_synced_at":"2025-05-14T22:02:49.642Z","etag":null,"topics":["circl","cryptography","csidh","dilithium","ed25519","ed448","elliptic-curves","go","golang","hpke","kyber","pki","post-quantum","sidh"],"latest_commit_sha":null,"homepage":"http://blog.cloudflare.com/introducing-circl","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cloudflare.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2018-09-08T19:20:52.000Z","updated_at":"2025-05-14T19:21:18.000Z","dependencies_parsed_at":"2023-10-14T23:12:28.417Z","dependency_job_id":"2f68d1b7-6d19-4256-a6da-b76621a547e1","html_url":"https://github.com/cloudflare/circl","commit_stats":{"total_commits":525,"total_committers":26,"mean_commits":"20.192307692307693","dds":0.56,"last_synced_commit":"795540340d5c79e5768a0135741cd7c3e5f7de93"},"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Fcircl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Fcircl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Fcircl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudflare%2Fcircl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cloudflare","download_url":"https://codeload.github.com/cloudflare/circl/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254235686,"owners_count":22036962,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["circl","cryptography","csidh","dilithium","ed25519","ed448","elliptic-curves","go","golang","hpke","kyber","pki","post-quantum","sidh"],"created_at":"2024-08-02T01:02:34.558Z","updated_at":"2026-01-23T00:14:45.036Z","avatar_url":"https://github.com/cloudflare.png","language":"Go","funding_links":[],"categories":["开源类库","Go","cryptography","Repositories","Security \u0026 Privacy","PQC software"],"sub_categories":["加密/解密","Cryptography","General-purpose libraries with PQC support"],"readme":"\u003cimg src=\".etc/icon.png\" align=\"right\" height=\"300\" width=\"300\"/\u003e\n\n# CIRCL\n\n[![GitHub release](https://img.shields.io/github/release/cloudflare/circl.svg)](https://GitHub.com/cloudflare/circl/releases/)\n[![CIRCL](https://github.com/cloudflare/circl/workflows/CIRCL/badge.svg)](https://github.com/cloudflare/circl/actions)\n[![GoDoc](https://godoc.org/github.com/cloudflare/circl?status.svg)](https://pkg.go.dev/github.com/cloudflare/circl?tab=overview)\n[![Go Report Card](https://goreportcard.com/badge/github.com/cloudflare/circl)](https://goreportcard.com/report/github.com/cloudflare/circl)\n[![codecov](https://codecov.io/gh/cloudflare/circl/branch/main/graph/badge.svg)](https://codecov.io/gh/cloudflare/circl)\n\n**CIRCL** (Cloudflare Interoperable, Reusable Cryptographic Library) is a collection\nof cryptographic primitives written in Go. The goal of this library is to be used as a tool for\nexperimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic\nCurve Cryptography (ECC).\n\n## Security Disclaimer\n\n🚨 This library is offered as-is, and without a guarantee. Therefore, it is expected that changes in the code, repository, and API occur in the future. We recommend to take caution before using this library in a production application since part of its content is experimental. All security issues must be reported, please notify us immediately following the instructions given in our [Security Policy](https://github.com/cloudflare/circl/security/policy).\n\n## Installation\n\nYou can get CIRCL by fetching:\n\n```sh\ngo get -u github.com/cloudflare/circl\n```\n\nAlternatively, look at the [Cloudflare Go](https://github.com/cloudflare/go/tree/cf) fork to see how to integrate CIRCL natively in Go.\n\n## List of Algorithms\n\n[RFC-7748]: https://doi.org/10.17487/RFC7748\n[RFC-8032]: https://doi.org/10.17487/RFC8032\n[RFC-8235]: https://doi.org/10.17487/RFC8235\n[RFC-9180]: https://doi.org/10.17487/RFC9180\n[RFC-9380]: https://doi.org/10.17487/RFC9380\n[RFC-9474]: https://doi.org/10.17487/RFC9474\n[RFC-9496]: https://doi.org/10.17487/RFC9496\n[RFC-9497]: https://doi.org/10.17487/RFC9497\n[FIPS 202]: https://doi.org/10.6028/NIST.FIPS.202\n[FIPS 204]: https://doi.org/10.6028/NIST.FIPS.204\n[FIPS 205]: https://doi.org/10.6028/NIST.FIPS.205\n[FIPS 186-5]: https://doi.org/10.6028/NIST.FIPS.186-5\n[BLS12-381]: https://electriccoin.co/blog/new-snark-curve/\n[ia.cr/2015/267]: https://ia.cr/2015/267\n[ia.cr/2019/966]: https://ia.cr/2019/966\n\n### Elliptic Curve Cryptography\n\n| Diffie-Hellman Protocol |\n|:---:|\n\n- [X25519](./dh/x25519) and [X448](./dh/x448) functions. ([RFC-7748])\n- [Curve4Q](./dh/curve4q) function based on FourQ curve. ([draft-ladd-cfrg-4q](https://datatracker.ietf.org/doc/draft-ladd-cfrg-4q/))\n\n| Digital Signature Schemes |\n|:---:|\n\n- [Ed25519](./sign/ed25519) and [Ed448](./sign/ed448) signatures. ([RFC-8032])\n- [BLS](./sign/bls) signatures. ([draft-irtf-cfrg-bls-signature](https://datatracker.ietf.org/doc/draft-irtf-cfrg-bls-signature/))\n\n| Prime Groups |\n|:---:|\n\n - [P-256, P-384, P-521](./group). ([FIPS 186-5])\n - [Ristretto](./group) group. ([RFC-9496])\n - [Bilinear pairings](./ecc/bls12381): with the [BLS12-381] curve, and hash to G1 and G2.\n - [Hash to curve](./group), hash to field, XMD and XOF [expanders](./expander). ([RFC-9380])\n\n| High-Level Protocols |\n|:---:|\n\n - [HPKE](./hpke): Hybrid Public-Key Encryption ([RFC-9180])\n - [VOPRF](./oprf): Verifiable Oblivious Pseudorandom functions. ([RFC-9497])\n - [RSA Blind Signatures](./blindsign/blindrsa). ([RFC-9474])\n - [Partially-blind](./blindsign/blindrsa/partiallyblindrsa/) RSA Signatures. ([draft-cfrg-partially-blind-rsa](https://datatracker.ietf.org/doc/draft-amjad-cfrg-partially-blind-rsa/))\n - [CPABE](./abe/cpabe): Ciphertext-Policy Attribute-Based Encryption. ([ia.cr/2019/966])\n - [OT](./ot/simot): Simplest Oblivious Transfer ([ia.cr/2015/267]).\n - [Threshold RSA](./tss/rsa) Signatures ([Shoup Eurocrypt 2000](https://www.iacr.org/archive/eurocrypt2000/1807/18070209-new.pdf)).\n - [Prio3](./vdaf/prio3) Verifiable Distributed Aggregation Function ([draft-irtf-cfrg-vdaf](https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/)).\n\n### Post-Quantum Cryptography\n\n| KEM: Key Encapsulation Methods |\n|:---:|\n\n - [ML-KEM](./kem/mlkem): modes 512, 768, 1024 ([FIPS-203](https://doi.org/10.6028/NIST.FIPS.203)).\n - [X-Wing](./kem/xwing) ([draft-connolly-cfrg-xwing-kem](https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/)).\n - [Kyber KEM](./kem/kyber): modes 512, 768, 1024 ([KYBER](https://pq-crystals.org/kyber/)).\n - [FrodoKEM](./kem/frodo): modes 640-SHAKE. ([FrodoKEM](https://frodokem.org/))\n - [CSIDH](./dh/csidh): Post-Quantum Commutative Group Action ([CSIDH](https://csidh.isogeny.org/)).\n - (**insecure, deprecated**) ~~[SIDH/SIKE](./kem/sike)~~: Supersingular Key Encapsulation with primes p434, p503, p751 ([SIKE](https://sike.org/)).\n\n| Digital Signature Schemes |\n|:---:|\n\n - [Dilithium](./sign/dilithium): modes 2, 3, 5 ([Dilithium](https://pq-crystals.org/dilithium/)).\n - [ML-DSA](./sign/mldsa): modes 44, 65, 87 ([FIPS 204]).\n - [SLH-DSA](./sign/slhdsa): twelve parameter sets, pure and pre-hash signing ([FIPS 205]).\n\n### Zero-knowledge Proofs\n\n - [Schnorr](./zk/dl): Prove knowledge of the Discrete Logarithm. ([RFC-8235])\n - [DLEQ](./zk/dleq): Prove knowledge of the Discrete Logarithm Equality. ([RFC-9497])\n - [DLEQ in Qn](./zk/qndleq): Prove knowledge of the Discrete Logarithm Equality for subgroup of squares in (Z/nZ)\\*.\n\n### Symmetric Cryptography\n\n| XOF: eXtendable Output Functions |\n|:---:|\n\n - [SHAKE128 and SHAKE256](./xof) ([FIPS 202]).\n - [BLAKE2X](./xof): BLAKE2XB and BLAKE2XS ([Blake2x](https://www.blake2.net/blake2x.pdf))\n - [KangarooTwelve](./xof/k12): fast hashing based on Keccak-p. ([KangarooTwelve](https://keccak.team/kangarootwelve.html)).\n - SIMD [Keccak](https://keccak.team/keccak_specs_summary.html) f1600 Permutation.\n\n| LWC: Lightweight Cryptography |\n|:---:|\n\n- [Ascon v1.2](./cipher/ascon): Family of AEAD block ciphers ([ASCON](https://ascon.iaik.tugraz.at/index.html))\n\n### Misc\n\n| Integers |\n|:---:|\n\n- Safe primes generation.\n- Integer encoding: wNAF, regular signed digit, mLSBSet representations.\n\n| Finite Fields |\n|:---:|\n\n - Fp25519, Fp448, Fp511, Fp434, Fp503, Fp751.\n - Fp381, and its quadratic, sextic and twelveth extensions.\n - Polynomials in monomial and Lagrange basis.\n\n| Elliptic Curves |\n|:---:|\n\n - P-384 Curve\n - [FourQ](https://eprint.iacr.org/2015/565)\n - [Goldilocks](https://eprint.iacr.org/2015/625)\n - [BLS12-381](https://electriccoin.co/blog/new-snark-curve/)\n\n## Testing and Benchmarking\n\nLibrary comes with number of make targets which can be used for testing and\nbenchmarking:\n\n- ``test`` performs testing of the binary.\n- ``bench`` runs benchmarks.\n- ``cover`` produces coverage.\n- ``lint`` runs set of linters on the code base.\n\n## Contributing\n\nTo contribute, fork this repository and make your changes, and then make a Pull\nRequest. A Pull Request requires approval of the admin team and a successful\nCI build.\n\n## How to Cite\n\nTo cite CIRCL, use one of the following formats and update the version and date you accessed this project.\n\nAPA Style\n\n```\nFaz-Hernandez, A. and Kwiatkowski, K. (2019). Introducing CIRCL:\nAn Advanced Cryptographic Library. Cloudflare. Available at\nhttps://github.com/cloudflare/circl. v1.6.3 Accessed Jan, 2026.\n```\n\nBibTeX Source\n\n```bibtex\n@manual{circl,\n  title        = {Introducing CIRCL: An Advanced Cryptographic Library},\n  author       = {Armando Faz-Hernandez and Kris Kwiatkowski},\n  organization = {Cloudflare},\n  abstract     = {{CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is\n                   a collection of cryptographic primitives written in Go. The goal\n                   of this library is to be used as a tool for experimental\n                   deployment of cryptographic algorithms targeting Post-Quantum (PQ)\n                   and Elliptic Curve Cryptography (ECC).}},\n  note         = {Available at \\url{https://github.com/cloudflare/circl}. v1.6.3 Accessed Jan, 2026},\n  month        = jun,\n  year         = {2019}\n}\n```\n\nCFF Style\n\nSee attached [CITATION.cff](CITATION.cff) file.\n\n## License\n\nThe project is licensed under the [BSD-3-Clause License](./LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudflare%2Fcircl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcloudflare%2Fcircl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudflare%2Fcircl/lists"}