Question 1

How do I choose between ML-DSA and SLH-DSA for signatures in noble-post-quantum?

Accepted Answer

Based on the README's 'What should I use?' section, ML-DSA is faster with smaller signatures, while SLH-DSA is hash-based and more conservative but much slower. For most cases, ML-DSA is recommended unless you prioritize hash-based security despite the performance hit.

Question 2

Is noble-post-quantum safe for production use in 2024?

Accepted Answer

The library is self-audited and follows best practices like PGP-signed releases, but it hasn't been independently audited. Use it with caution in high-risk applications, and monitor for updates or third-party reviews.

Question 3

noble-post-quantum vs libsodium for post-quantum crypto?

Accepted Answer

noble-post-quantum focuses on auditable, pure JavaScript implementations of NIST standards with tree-shaking, while libsodium is a broader crypto library with native bindings and may not include all post-quantum algorithms. Choose noble-post-quantum for transparency and minimal dependencies.

Question 4

How to implement hybrid key exchange with noble-post-quantum in Node.js?

Accepted Answer

Import hybrid algorithms like XWing from '@noble/post-quantum/hybrid.js', then use functions such as ml_kem768_x25519 for key generation and encapsulation, combining post-quantum KEM with classic ECC for transitional security.

Question 5

What are the performance benchmarks for ML-KEM in noble-post-quantum?

Accepted Answer

Benchmarks show ML-KEM-768 achieves around 3,778 ops/sec for keygen and 4,029 ops/sec for decapsulate on Apple M4, making it fast for JavaScript, but slower than potential WASM alternatives.

Question 6

Can I use noble-post-quantum in a browser without a build step?

Accepted Answer

Yes, a standalone file 'noble-post-quantum.js' is available for direct browser use, but for optimal bundle size, it's better to use imports and tree-shaking with a build tool like Webpack or Vite.

noble-post-quantum

What is noble-post-quantum?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions