Overview
SMAUG-T is a lattice-based key encapsulation mechanism (KEM) that provides quantum-resistant key exchange. It is based on the Module Learning With Errors (Module-LWE) problem and has been optimized for efficiency in Korean cryptographic infrastructure.
Variants and Parameters
| Variant |
Security Level |
Public Key |
Secret Key |
Ciphertext |
Shared Secret |
| SMAUG-T1 |
KPQC-1 (128-bit) |
672 bytes |
96 bytes |
768 bytes |
32 bytes |
| SMAUG-T3 |
KPQC-3 (192-bit) |
992 bytes |
128 bytes |
1088 bytes |
32 bytes |
| SMAUG-T5 |
KPQC-5 (256-bit) |
1344 bytes |
192 bytes |
1472 bytes |
32 bytes |
Security Properties
- Quantum Resistance: Secure against Shor’s algorithm
- IND-CCA2: Indistinguishability under adaptive chosen ciphertext attack
- Forward Secrecy: Compromised long-term keys don’t affect past sessions
- Side-Channel Resistance: Constant-time implementation available
Intel Core i7-10700K @ 3.80GHz
| Operation |
SMAUG-T1 |
SMAUG-T3 |
SMAUG-T5 |
| Key Generation |
42 μs |
68 μs |
95 μs |
| Encapsulation |
55 μs |
87 μs |
122 μs |
| Decapsulation |
62 μs |
98 μs |
138 μs |
ARM Cortex-A72
| Operation |
SMAUG-T1 |
SMAUG-T3 |
SMAUG-T5 |
| Key Generation |
118 μs |
192 μs |
268 μs |
| Encapsulation |
155 μs |
245 μs |
344 μs |
| Decapsulation |
175 μs |
276 μs |
389 μs |
Implementation Example
from metamui_crypto.kpqc import SMAUG_T3
# Generate keypair
public_key, secret_key = SMAUG_T3.generate_keypair()
# Sender: Encapsulation
ciphertext, shared_secret_sender = SMAUG_T3.encapsulate(public_key)
# Receiver: Decapsulation
shared_secret_receiver = SMAUG_T3.decapsulate(ciphertext, secret_key)
# Verify shared secrets match
assert shared_secret_sender == shared_secret_receiver
Comparison with Other KEMs
| Feature |
SMAUG-T3 |
ML-KEM-768 |
NTRU Prime |
Classic McEliece |
| Security Level |
192-bit |
192-bit |
192-bit |
192-bit |
| Public Key Size |
992 B |
1,184 B |
1,158 B |
261,120 B |
| Ciphertext Size |
1,088 B |
1,088 B |
1,184 B |
128 B |
| Speed |
Fast |
Fast |
Moderate |
Slow |
| Structure |
Lattice |
Lattice |
Lattice |
Code |
Use Cases
- TLS 1.3: Post-quantum key exchange in HTTPS
- VPN: Quantum-safe tunnel establishment
- Messaging: End-to-end encryption key agreement
- IoT: Lightweight devices requiring PQC
Standards Compliance
- KPQC Standard (2024)
- Compatible with X.509 certificates
- TLS 1.3 integration specifications
- PKCS#11 support
Implementation Notes
Security Considerations
- Use cryptographically secure random number generator
- Implement constant-time operations to prevent timing attacks
- Clear sensitive data from memory after use
- Validate all inputs before processing
Memory Requirements
// Approximate stack usage
SMAUG_T1: 4 KB
SMAUG_T3: 6 KB
SMAUG_T5: 8 KB
- ML-KEM - NIST standardized lattice KEM
- Haetae - KPQC lattice signature
- NTRU+ - KPQC NTRU variant