Cryptographic Algorithms
MetaMUI Crypto Primitives implements 49 cryptographic algorithms across 10 platforms, all as pure implementations without external dependencies.
Algorithm Categories
ð Post-Quantum Cryptography
Quantum-resistant algorithms for future-proof security:
- ML-KEM-768 (Kyber) - NIST-standardized key encapsulation
- Dilithium - Lattice-based digital signatures
- Falcon-512 - Compact post-quantum signatures
- NTRU Prime - Alternative post-quantum KEM
âïļ Digital Signatures
Classical and modern signature algorithms:
- Ed25519 - EdDSA over Curve25519
- Ed25519-ZIP215 - ZIP-215 compliant variant
- Sr25519 - Schnorrkel signatures for blockchain
- RSA-2048 - Transitional RSA for PQC migration (deprecated 2030)
ð Symmetric Encryption
Block and stream ciphers with authenticated modes:
- AES-256 - Advanced Encryption Standard
- ChaCha20 - High-speed stream cipher
- ChaCha20-Poly1305 - AEAD construction
- ARIA-256 - Korean standard cipher
- Camellia-256 - Japanese standard cipher
- Deoxys-II - CAESAR competition winner
#ïļâĢ Hash Functions
Cryptographic hash functions for various use cases:
- SHA-256 - 256-bit Secure Hash Algorithm
- SHA-512 - 512-bit Secure Hash Algorithm
- Blake2b - Faster than SHA-3
- Blake2s - Optimized for small messages
- Blake3 - Parallel-friendly hash
- SHAKE-256 - Extendable output function
- FlatHash - Fast non-cryptographic hash
ð Key Derivation
Functions for deriving keys from passwords or other sources:
- Argon2 - Memory-hard password hashing
- PBKDF2 - Password-based key derivation
- HKDF - HMAC-based key derivation
ð Key Exchange
Secure key agreement protocols:
- X25519 - Elliptic curve Diffie-Hellman
ð Message Authentication
Message authentication codes and PRFs:
- HMAC - Keyed-hash message authentication
- Poly1305 - One-time authenticator
- SipHash - Short-input PRF
ðē Random Number Generation
Cryptographically secure random number generators:
- HMAC-DRBG - Deterministic random bit generator
ðŠķ Lightweight Cryptography
Optimized algorithms for resource-constrained environments:
- Ascon - Lightweight AEAD
ð ïļ Utility Functions
Supporting cryptographic utilities:
- BIP39 - Mnemonic phrase generation
Algorithm Selection Guide
For New Applications
- Encryption: ChaCha20-Poly1305 or AES-256-GCM
- Signatures: Ed25519 or Dilithium (post-quantum)
- Key Exchange: X25519 or ML-KEM-768 (post-quantum)
- Hashing: Blake3 or SHA-256
- Password Hashing: Argon2id
- Message Authentication: HMAC or Poly1305
- Random Generation: HMAC-DRBG
- Lightweight AEAD: Ascon
For Compatibility
- Encryption: AES-256 (universal support)
- Signatures: Ed25519 (wide adoption)
- Hashing: SHA-256 (standard requirement)
- Key Derivation: PBKDF2 (legacy systems)
For Post-Quantum Security
- Key Exchange: ML-KEM-768
- Signatures: Dilithium or Falcon-512
- Hybrid Approach: Combine classical + post-quantum
Security Levels
| Algorithm | Security Level | Quantum-Resistant |
|---|---|---|
| ML-KEM-768 | 192 bits | â Yes |
| Dilithium | 128-256 bits | â Yes |
| Falcon-512 | 128 bits | â Yes |
| NTRU Prime | 128-256 bits | â Yes |
| Ascon | 128 bits | â Yes |
| Ed25519 | 128 bits | â No |
| X25519 | 128 bits | â No |
| AES-256 | 256 bits | â ïļ Partial (128-bit) |
| ChaCha20 | 256 bits | â ïļ Partial (128-bit) |
| SHA-256 | 128 bits collision | â ïļ Partial |
| Blake3 | 128 bits minimum | â ïļ Partial |
| Argon2 | Configurable | â ïļ Partial |
| HMAC | Hash-dependent | â ïļ Partial |
| Poly1305 | 128 bits | â ïļ Partial |
| SipHash | 64 bits | â ïļ Partial |
Performance Characteristics
Speed Rankings (Operations/Second)
- Blake3 - Fastest hashing
- ChaCha20 - Fastest encryption
- Ed25519 - Fast signatures
- AES-256 - Fast with hardware support
- ML-KEM-768 - Fast post-quantum KEM
Memory Usage
- Low: SHA-256, Blake3, ChaCha20
- Medium: Ed25519, AES-256, ML-KEM-768
- High: Argon2 (configurable), Dilithium
Key/Signature Sizes
| Algorithm | Public Key | Private Key | Signature | |ââââ|ââââ|ââââ-|ââââ| | Ed25519 | 32 bytes | 32 bytes | 64 bytes | | Sr25519 | 32 bytes | 32 bytes | 64 bytes | | Dilithium | 1312 bytes | 2528 bytes | 2420 bytes | | Falcon-512 | 897 bytes | 1281 bytes | 690 bytes | | ML-KEM-768 | 1184 bytes | 2400 bytes | N/A |
Implementation Details
All algorithms are:
- â Implemented in pure code (no external dependencies)
- â Constant-time where applicable
- â Cross-platform compatible
- â Extensively tested with official test vectors
- â Security audited
Standards Compliance
Our implementations follow these standards:
- NIST: FIPS 140-2, SP 800-series
- IETF: RFC 7748, RFC 8032, RFC 8439
- CAESAR: Competition winners
- eSTREAM: Portfolio algorithms
- Post-Quantum: NIST PQC standardization
For detailed information about specific algorithms, explore the category pages above or consult the API documentation.