{"id":34133337,"url":"https://github.com/symbolicsoft/kyber-k2so","last_synced_at":"2026-04-08T12:03:13.874Z","repository":{"id":42588408,"uuid":"283556259","full_name":"symbolicsoft/kyber-k2so","owner":"symbolicsoft","description":"Go implementation of ML-KEM.","archived":false,"fork":false,"pushed_at":"2026-03-21T13:59:09.000Z","size":3057,"stargazers_count":126,"open_issues_count":0,"forks_count":17,"subscribers_count":5,"default_branch":"main","last_synced_at":"2026-03-22T04:25:02.414Z","etag":null,"topics":["fips-203","go","kyber","ml-kem","ml-kem-1024","ml-kem-512","ml-kem-768"],"latest_commit_sha":null,"homepage":"https://csrc.nist.gov/pubs/fips/203/final","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/symbolicsoft.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-07-29T17:03:38.000Z","updated_at":"2026-03-21T13:59:13.000Z","dependencies_parsed_at":"2024-01-01T10:38:41.961Z","dependency_job_id":null,"html_url":"https://github.com/symbolicsoft/kyber-k2so","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"purl":"pkg:github/symbolicsoft/kyber-k2so","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symbolicsoft%2Fkyber-k2so","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symbolicsoft%2Fkyber-k2so/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symbolicsoft%2Fkyber-k2so/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symbolicsoft%2Fkyber-k2so/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/symbolicsoft","download_url":"https://codeload.github.com/symbolicsoft/kyber-k2so/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/symbolicsoft%2Fkyber-k2so/sbom","scorecard":{"id":862887,"data":{"date":"2025-08-11","repo":{"name":"github.com/symbolicsoft/kyber-k2so","commit":"27680ae10e8c88fd0760e2b6cbe874c7520a5105"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.5,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":1,"reason":"Found 3/21 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/go.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/symbolicsoft/kyber-k2so/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/symbolicsoft/kyber-k2so/go.yml/main?enable=pin","Warn: downloadThenRun not pinned by hash: .github/workflows/go.yml:29","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   1 goCommand dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 14 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T01:52:47.599Z","repository_id":42588408,"created_at":"2025-08-24T01:52:47.600Z","updated_at":"2025-08-24T01:52:47.600Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31554110,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-08T10:21:54.569Z","status":"ssl_error","status_checked_at":"2026-04-08T10:21:38.171Z","response_time":54,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fips-203","go","kyber","ml-kem","ml-kem-1024","ml-kem-512","ml-kem-768"],"created_at":"2025-12-15T01:07:43.460Z","updated_at":"2026-04-08T12:03:13.843Z","avatar_url":"https://github.com/symbolicsoft.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Kyber-K2SO\n\n\u003cimg src=\"assets/kyber-k2so.png\" align=\"right\" height=\"200\" width=\"200\"/\u003e\n\n[![Kyber-K2SO](https://github.com/symbolicsoft/kyber-k2so/workflows/Kyber-K2SO/badge.svg)](https://github.com/symbolicsoft/kyber-k2so/actions)\n[![GoDoc](https://godoc.org/github.com/symbolicsoft/kyber-k2so?status.svg)](https://pkg.go.dev/github.com/symbolicsoft/kyber-k2so?tab=overview)\n[![Go Report Card](https://goreportcard.com/badge/github.com/symbolicsoft/kyber-k2so)](https://goreportcard.com/report/github.com/symbolicsoft/kyber-k2so)\n![GitHub](https://img.shields.io/github/license/symbolicsoft/kyber-k2so)\n\n**[Kyber-K2SO](https://github.com/symbolicsoft/kyber-k2so)** is Symbolic Software's clean implementation of [ML-KEM](https://csrc.nist.gov/pubs/fips/203/final) (FIPS 203), the Module-Lattice-Based Key-Encapsulation Mechanism standardized by NIST. ML-KEM is an IND-CCA2-secure key encapsulation mechanism (KEM) whose security is based on the hardness of solving the learning-with-errors (LWE) problem over module lattices.\n\n## Security Disclaimer\n\n🚨 Extensive effort has been undertaken in order to ensure the correctness, interoperability, safety and reliability of this library. Furthermore, it is unlikely that the API will change in the future. While this library is likely ready for production use, it is offered as-is, and without a guarantee.\n\n## Features \u0026 Usage\n\nKeeping in mind the Security Disclaimer above, Kyber-K2SO appears to be appropriate for use in any environment supported by Go: client-side application, server-side applications and more. All operations take no more than a few milliseconds on regular computing hardware.\n\n### Features\n\n* **Small, easy to read code.** Kyber-K2SO keeps it simple with the goal of improving maintainability and being a good pedagogical resource.\n* **Simple API.** `KemKeypair768()` to generate a private key and a public key, `KemEncrypt768(publicKey)` generate and encrypt a shared secret, and `KemDecrypt768(ciphertext, privateKey)` to decrypt the shared secret. Aside from ML-KEM-768, ML-KEM-512 and ML-KEM-1024 are also offered.\n* **Good performance.** Kyber-K2SO is more than fast enough for regular usage in any environment supported by the Go programming language.\n* **Constant time (probably).** As far as we can tell, decryption appears to perform in constant time. Further analysis is encouraged.\n\n### Using Kyber-K2SO\n\n```bash\ngo get -u github.com/symbolicsoft/kyber-k2so\n```\n\n```go\npackage main\n\nimport (\n\tkyberk2so \"github.com/symbolicsoft/kyber-k2so\"\n)\n\nfunc main() {\n\tprivateKey, publicKey, _ := kyberk2so.KemKeypair768()\n\tciphertext, ssA, _ := kyberk2so.KemEncrypt768(publicKey)\n\tssB, _ := kyberk2so.KemDecrypt768(ciphertext, privateKey)\n}\n```\n\nReplace `768` with `512` or `1024` in the above function names in order to call ML-KEM-512 or ML-KEM-1024 instead of ML-KEM-768.\n\n### Running Tests\n\n```bash\n\u003e go test -v\n\n=== RUN   TestSelf512\n--- PASS: TestSelf512 (0.09s)\n=== RUN   TestSelf768\n--- PASS: TestSelf768 (0.14s)\n=== RUN   TestSelf1024\n--- PASS: TestSelf1024 (0.21s)\n=== RUN   TestMLKEM512Vector\n--- PASS: TestMLKEM512Vector (0.00s)\n=== RUN   TestMLKEM768Vector\n--- PASS: TestMLKEM768Vector (0.00s)\n=== RUN   TestMLKEM1024Vector\n--- PASS: TestMLKEM1024Vector (0.00s)\nPASS\nok      github.com/symbolicsoft/kyber-k2so      0.431s\n```\n\n### Running Benchmarks\n\n```bash\n\u003e go test -bench=.\n\ngoos: linux\ngoarch: amd64\npkg: github.com/symbolicsoft/kyber-k2so\ncpu: Intel(R) Core(TM) Ultra 9 275HX\nBenchmarkKemKeypair512-24          52944             22653 ns/op\nBenchmarkKemKeypair768-24          29696             40083 ns/op\nBenchmarkKemKeypair1024-24         19209             60778 ns/op\nBenchmarkKemEncrypt512-24          48856             23307 ns/op\nBenchmarkKemEncrypt768-24          32428             39273 ns/op\nBenchmarkKemEncrypt1024-24         19483             57528 ns/op\nBenchmarkKemDecrypt512-24          36138             33402 ns/op\nBenchmarkKemDecrypt768-24          25008             47869 ns/op\nBenchmarkKemDecrypt1024-24         17690             67303 ns/op\nPASS\nok      github.com/symbolicsoft/kyber-k2so      15.135s\n```\n\n## About Kyber-K2SO\n\nKyber-K2SO is published by [Symbolic Software](https://symbolic.software) under the MIT License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsymbolicsoft%2Fkyber-k2so","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsymbolicsoft%2Fkyber-k2so","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsymbolicsoft%2Fkyber-k2so/lists"}