I wrote this implementation three years ago to understand Kyber - when it was a hot candidate to be selected in the NIST process. Meanwhile, there are other, better maintained implementations out there.
If you are looking for a clean, straight-forward and well-tested implementation of Kyber (now standardized as ML-KEM) I recommend the Python implementation of Markku-Juhani O. Saarinen.
- just a toy implementation to better understand the algorithm
- all three 512, 768 and 1024 sec levels.
- ported from the reference and the Go Implementation, so not the fanciest Python code
- not hardened against (timing/other) side channel attacks
- test coverage is poor, use at your own risk
Just take a look at ccakem.py. Functions
kem_keygenXXX(),kem_encapsXXX(pubkey, seed=None)andkem_decapsXXX(private_key, ciphertext)
correspond directly to the spec. For kem_encaps you can optionally provide a custom seed which is useful for debugging.
Typical kem, e.g. 512 sec level, would be
priv, pub = kem_keygen512()
secret1, cipher = kem_encaps512(pub)
secret2 = kem_decaps512(priv, cipher)