Introducing AegisPQC: Production-Ready Post-Quantum Cryptography for Python and Node.js

The Quantum Threat is Real

Quantum computers aren't science fiction anymore. In 2023, IBM unveiled a 1,121-qubit quantum processor. Google's Willow quantum chip achieved error rates so low that adding more qubits actually reduces errors—a breakthrough that brings us closer to practical quantum computing. When large-scale quantum computers arrive, they will break RSA-2048 in under 8 hours and ECDSA-256 in mere seconds.

Your encrypted data today could be decrypted tomorrow. Adversaries are already harvesting encrypted communications now to decrypt them once quantum computers become available—a strategy known as "store now, decrypt later."

The good news? The cryptography community saw this coming, and the solution is here.

NIST Post-Quantum Standards Are Here

After an 8-year standardization process involving cryptographers worldwide, NIST finalized the first three post-quantum cryptography standards in August 2024:

• FIPS 203: ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism) - for key exchange

• FIPS 204: ML-DSA (Module-Lattice-Based Digital Signature Algorithm) - for digital signatures

• FIPS 205: SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) - for signatures

These aren't experimental algorithms. They're production-ready, thoroughly vetted cryptographic standards designed to resist attacks from both classical and quantum computers.

Introducing AegisPQC

Today, we're excited to announce AegisPQC 1.0.0—a production-ready post-quantum cryptography library that makes migrating from RSA/ECDSA to quantum-safe algorithms as simple as changing a few lines of code.

Available for Python and Node.js

# Python
pip install aegispqc

# Node.js
npm install @aegissemi/aegispqc

Why AegisPQC?

1. NIST-Standardized Algorithms

AegisPQC implements all three NIST standards plus 50+ additional post-quantum algorithms:

• ML-KEM-512, ML-KEM-768, ML-KEM-1024 (FIPS 203)

• ML-DSA-44, ML-DSA-65, ML-DSA-87 (FIPS 204)

• SLH-DSA (FIPS 205)

• Plus: Falcon, SPHINCS+, Classic McEliece, FrodoKEM, and more

2. Drop-in Replacement for RSA/ECDSA

Migrating shouldn't require rewriting your entire application. AegisPQC provides a compatibility layer that mimics familiar RSA/ECDSA APIs:

Before (vulnerable to quantum attacks):

from cryptography.hazmat.primitives.asymmetric import rsa
private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
public_key = private_key.public_key()

After (quantum-safe):

from aegispqc.compat import RSA
private_key = RSA.generate_key()  # Uses ML-KEM-768 internally
public_key = private_key.public_key()
# Same API, quantum-safe!

3. Production-Ready Features

Unlike low-level cryptography libraries that only provide raw algorithms, AegisPQC includes everything you need for production:

• ✅ AEAD Encryption - ChaCha20-Poly1305, AES-256-GCM

• ✅ Key Serialization - PEM, DER, JWK, OpenSSH formats

• ✅ X.509 Certificates - Self-signed certificate generation

• ✅ Hybrid Cryptography - Combine PQC with classical algorithms

• ✅ Stream Encryption - Memory-efficient large file encryption

• ✅ Audit Logging - SIEM integration for compliance

• ✅ Batch Operations - Process multiple operations efficiently

4. High Performance

AegisPQC is built on top of liboqs, the industry-standard C library for post-quantum cryptography, providing excellent CPU performance:

All operations complete in under 2 milliseconds—fast enough for real-time applications.

5. Cross-Platform and Easy to Use

• Platforms: Windows, Linux, macOS

• Python: 3.8 - 3.12

• Node.js: 14+

• 278 passing tests with comprehensive coverage

Real-World Use Cases

Secure Messaging

from aegispqc import PQCEncryption

enc = PQCEncryption()
pub, sec = enc.generate_keypair()

# Authenticated encryption with additional data
ciphertext = enc.encrypt(
    b"Secret message",
    pub,
    aad=b"sender:alice,recipient:bob"
)

plaintext = enc.decrypt(ciphertext, sec, aad=b"sender:alice,recipient:bob")

Digital Document Signing

const aegispqc = require('@aegissemi/aegispqc');

// Generate signing keypair
const sig = new aegispqc.ML_DSA_65();
const { publicKey, secretKey } = sig.keypair();

// Sign document
const document = Buffer.from('Important contract');
const signature = sig.sign(document, secretKey);

// Verify (anyone with public key can verify)
const isValid = sig.verify(document, signature, publicKey);
console.log(isValid); // true

Hybrid Cryptography (Best of Both Worlds)

For maximum security during the transition period, combine quantum-safe algorithms with classical ones:

from aegispqc import HybridKEM

# Combine ML-KEM-768 (quantum-safe) with X25519 (classical)
hybrid = HybridKEM(pqc_algorithm="ML-KEM-768", classical_algorithm="X25519")
pub, sec = hybrid.generate_keypair()

ct, shared_secret = hybrid.encapsulate(pub)
recovered_secret = hybrid.decapsulate(ct, sec)

# Both algorithms must be secure for the system to remain secure

This approach provides security even if one of the algorithms is broken in the future.

Why Act Now?

1. Compliance Requirements

Government agencies and regulated industries are already mandating post-quantum cryptography:

• NIST: Federal agencies must begin migration by 2030

• NSA: Recommends immediate planning for PQC migration

• EU: Quantum-safe cryptography in GDPR successor frameworks

• Financial Sector: Basel Committee considering quantum risks

2. "Store Now, Decrypt Later" Attacks

Adversaries are harvesting encrypted data today to decrypt it once quantum computers are available. If your data needs to remain confidential for more than 5-10 years, you need quantum-safe encryption now.

3. Migration Takes Time

Migrating cryptographic infrastructure isn't instantaneous. It requires:

• Identifying all cryptographic systems

• Testing compatibility

• Gradual rollout to prevent disruptions

• Key rotation and certificate updates

Starting early gives you time to migrate safely.

Open Source and Enterprise Editions

Open Source (MIT License)

The core AegisPQC library is free and open source under the MIT license. It includes:

• All NIST-standardized algorithms

• CPU-optimized implementations

• Production-ready features

• Full documentation and examples

• Community support via GitHub

Enterprise Edition

For organizations requiring maximum performance and dedicated support:

• NVIDIA cuPQC GPU Acceleration - 143x faster keygen, 99x faster encapsulation

• ICICLE GPU Backend - Hardware-accelerated cryptography

• Priority Support & SLA - Guaranteed response times

• Advanced Monitoring - Performance analytics and profiling

• Dedicated Account Management - Expert consulting

📧 Contact: enterprise@aegissemi.com

Getting Started

Python Installation

pip install aegispqc

Quick Example:

from aegispqc import ML_KEM_768

# Generate quantum-safe keypair
kem = ML_KEM_768()
public_key, secret_key = kem.keypair()

# Key exchange
ciphertext, shared_secret = kem.encaps(public_key)
recovered_secret = kem.decaps(ciphertext, secret_key)

assert shared_secret == recovered_secret  # ✅

Node.js Installation

npm install @aegissemi/aegispqc

Quick Example:

const aegispqc = require('@aegissemi/aegispqc');

// Generate quantum-safe keypair
const kem = new aegispqc.ML_KEM_768();
const { publicKey, secretKey } = kem.keypair();

// Key exchange
const { ciphertext, sharedSecret } = kem.encapsulate(publicKey);
const recoveredSecret = kem.decapsulate(ciphertext, secretKey);

console.log(sharedSecret.equals(recoveredSecret)); // true

Documentation and Resources

• GitHub: github.com/Aegis-Semiconductor/aegispqc

• Documentation: Comprehensive guides and API reference

• Examples: 15+ real-world code examples

• Migration Guide: Step-by-step RSA/ECDSA to PQC migration

The Quantum-Safe Future Starts Today

The transition to post-quantum cryptography is inevitable. With NIST standards finalized and quantum computers advancing rapidly, there's no better time to start your migration.

AegisPQC makes it easy:

• ✅ Start small - Use hybrid cryptography to combine PQC with your existing systems

• ✅ Test thoroughly - 278 passing tests ensure reliability

• ✅ Scale confidently - High-performance CPU implementations, GPU acceleration available

• ✅ Stay compliant - NIST-standardized algorithms meet regulatory requirements

Install AegisPQC today and future-proof your applications against quantum threats.

pip install aegispqc
npm install @aegissemi/aegispqc

About Aegis Semiconductor

Aegis Semiconductor is dedicated to making advanced cryptography accessible to developers worldwide. We believe quantum-safe security should be easy to implement, well-documented, and available to everyone.

Questions or feedback? We'd love to hear from you:

• GitHub Issues: Report bugs or request features

• Email: hk@aegissemi.com

• Enterprise: enterprise@aegissemi.com

Stay quantum-safe! 🔒🚀