@iota-big3/sdk-quantum

Quantum-ready architecture with post-quantum cryptography and future-proof security.

Features

• ⚛️ Post-Quantum Cryptography: NIST-approved algorithms
• 🔐 Hybrid Encryption: Classical + quantum protection
• 🔄 Migration Tools: Smooth transition to quantum-safe
• 🌀 Quantum Simulator: Test quantum algorithms
• 💾 Quantum Storage: Secure data with PQ crypto
• 🚀 Crypto Agility: Switch algorithms seamlessly

Installation

npm install @iota-big3/sdk-quantum

Quick Start

import { createQuantumArchitecture } from '@iota-big3/sdk-quantum';

// Initialize quantum architecture
const quantum = createQuantumArchitecture({
  mode: 'hybrid',
  algorithms: {
    kem: 'kyber',
    signature: 'dilithium'
  },
  securityLevel: 3 // 192-bit security
});

await quantum.initialize();

// Generate quantum-safe keys
const keyPair = await quantum.getCrypto().generateKeyPair('kyber', ['keyEncapsulation']);

Post-Quantum Algorithms

Key Encapsulation (KEM)

// Kyber - NIST standardized
const keys = await crypto.generateKeyPair('kyber', ['keyEncapsulation']);

// Encapsulate (sender)
const { ciphertext, sharedSecret } = await crypto.encapsulate(keys.publicKey);

// Decapsulate (receiver)
const recovered = await crypto.decapsulate(ciphertext, keys.privateKey);

Digital Signatures

// Dilithium - Lattice-based
const sigKeys = await crypto.generateKeyPair('dilithium', ['sign', 'verify']);

// Sign
const signature = await crypto.sign(message, sigKeys.privateKey);

// Verify
const valid = await crypto.verify(message, signature, sigKeys.publicKey);

Alternative Algorithms

// SPHINCS+ - Hash-based (stateless)
const sphincs = await crypto.generateKeyPair('sphincs+', ['sign']);

// FrodoKEM - Conservative choice
const frodo = await crypto.generateKeyPair('frodo', ['keyEncapsulation']);

Hybrid Cryptography

Dual Protection

// Encrypt with both classical and quantum
const result = await crypto.hybridEncrypt(
  data,
  quantumPublicKey,
  classicalPublicKey // Optional
);

// Both must succeed to decrypt
const plaintext = await crypto.hybridDecrypt(
  result.quantumCiphertext,
  result.encapsulatedKey,
  quantumPrivateKey,
  result.classicalCiphertext,
  classicalPrivateKey
);

Migration Tools

Plan Migration

const migration = quantum.getMigration();

// Create migration path
const path = migration.planMigration('rsa-2048', 'kyber');

console.log(`Steps: ${path.steps.length}`);
console.log(`Time: ${path.estimatedTime} hours`);

Execute Migration

// Start migration
const migrationId = await migration.startMigration('system-1', path);

// Monitor progress
const progress = await migration.getProgress(migrationId);
console.log(`Status: ${progress.status}`);
console.log(`Current step: ${progress.currentStep}/${progress.totalSteps}`);

Test Readiness

const ready = await migration.testQuantumReadiness();

if (!ready.ready) {
  console.log('Issues:', ready.issues);
  console.log('Recommendations:', ready.recommendations);
}

Quantum Simulator

Create Circuit

const simulator = quantum.createSimulator(3); // 3 qubits
const circuit = simulator.createCircuit(3);

// Add gates
simulator.addGate(circuit, { type: 'H', qubits: [0] }); // Hadamard
simulator.addGate(circuit, { type: 'CNOT', qubits: [0, 1] }); // Entangle

// Measure
simulator.addMeasurement(circuit, 0, 0);
simulator.addMeasurement(circuit, 1, 1);

Execute Circuit

const results = await simulator.execute(circuit, 1024); // 1024 shots

// Analyze results
for (const [state, count] of Object.entries(results.counts)) {
  console.log(`|${state}⟩: ${count} times`);
}

console.log(`Entanglement: ${results.state.entanglement}`);

Quantum-Safe Storage

Initialize Storage

const storage = quantum.getStorage();
await storage.initialize('strong-password');

Store Encrypted Data

const id = await storage.store('api-key', {
  key: 'sk_live_...',
  permissions: ['read', 'write']
});

Create Backup

const backup = await storage.createBackup(
  ['api-key', 'private-key'],
  'Critical keys backup'
);

// Save backup securely
await saveToSecureLocation(backup);

Secret Sharing

// Split secret into shares
const secret = crypto.getRandomValues(new Uint8Array(32));
const shares = await storage.createSecretShares(
  secret,
  3, // threshold
  5  // total shares
);

// Reconstruct with any 3 shares
const recovered = await storage.reconstructSecret(
  [shares[0], shares[2], shares[4]],
  3
);

Security Levels

NIST Security Levels

• Level 1: 128-bit security (AES-128 equivalent)
• Level 3: 192-bit security (AES-192 equivalent)
• Level 5: 256-bit security (AES-256 equivalent)

Choose Security Level

const config = {
  securityLevel: quantum.recommendSecurityLevel(20) // 20 years protection
};

Performance Optimization

Enable Caching

{
  performance: {
    cacheKeys: true,
    parallelOperations: 4,
    optimizeFor: 'speed' // or 'size', 'balanced'
  }
}

Benchmark Operations

const metrics = await quantum.getMetrics();

console.log(`Key gen: ${metrics.keyGenerationTime}ms`);
console.log(`Ops/sec: ${metrics.operationsPerSecond}`);

Best Practices

1. Start Migration Now

   • Inventory crypto usage
   • Identify long-term data
   • Plan transition timeline

2. Use Hybrid Mode

   mode: 'hybrid' // Not 'quantum-only' yet

3. Monitor Quantum Progress

   const years = quantum.timeToQuantumThreat();
   console.log(`${years} years until threat`);

4. Test Thoroughly

   • Benchmark performance
   • Verify compatibility
   • Test migration paths

API Reference

See API Documentation for detailed reference.

Examples

• Basic Usage
• Migration Guide
• Quantum Circuits
• Secure Storage

Resources

• NIST PQC Standards
• Quantum Threat Timeline
• Migration Best Practices