EasyPQC

EasyPQC (Or Easy Post Quantum Cryptography) is a C# class focused on more social aspects of cryptography (Such as secret passing and the like. This contains four parts you should be looking at;

EasyPQC.Signatures
EasyPQC.Keys
EasyPQC.FileOperations and
EasyPQC.Rotation

and three functions

WriteAllBytesAsync(string path, byte[] bytes, Action? progressCallback = null, CancellationToken cancellationToken = default)

Same as the method above, but with support for cancellation using a CancellationToken.

  • Parameters:
    • path: The destination file path.
    • bytes: The byte array to write.
    • progressCallback: (Optional) Reports write progress.
    • cancellationToken: (Optional) Token to cancel the write operation.
  • Returns: Task
  • Throws: OperationCanceledException if cancellation is requested during the operation.
  • Example:

csharp
using var cts = new CancellationTokenSource();
await FileUtils.WriteAllBytesAsync("output.dat", myData, progress => Console.WriteLine(progress), cts.Token);

ReadAllBytesAsync(string path)

Reads all bytes from the specified file asynchronously using a buffered approach.

  • Parameters:
    • path: The path to the file to read.
  • Returns: Task<byte[]>: A byte array containing the file contents.
  • Example:

csharp
byte[] data = await FileUtils.ReadAllBytesAsync("input.dat");

Notes

  • All methods use a 4096-byte buffer to balance performance and memory usage.
  • The write methods are especially suitable for large files when used with progress feedback and cancellation.
  • Be sure to handle exceptions related to I/O operations (e.g., file not found, permission denied, disk full).

Here's an example of how this would work;

One of my hardest scripts, but this has key turning in it (Constnatly making an encryption key available to everyone that's part of the group)

  • First, the leader creates a Kyber public private key pair and the public key is shared

  • Everyone uses the public key to create a key encapsulation, this is our session key

  • We encrypt the session key using AES256GCM and give it to everyone

  • Everyone signs their key using Dilithium, then when a message is sent we always verify it

  • When a message is sent, we encrypt the message with the current version of the session key

  • A nonce is created/signed for every message (contains a counter, the username, previous session key and message hash)

  • Automatically we know the user is the user if the nonce is able to be both decrypted and read

  • The session key is evolved with SHAKE256

  • After an interval (could be time or amount of messages), we create a new kyber key, with dilithium used for authenticity (rotation)

The below will be handled in PariahNetworking (AKA Spire), possibly after the release of Database Designer

  • If someone was removed or left, we reauthenticate everyone who is active in the last hour
  • If someone is added or talks, they go through SectionA (public/private key)
  • Instead of rotating and switching everyone, it might be worth it to store user references as their name + their lave/join amount + rotation
  • This way, instead of doing complex and intensive things we can just make sure the user needs a new key if they rejoin
  • f they leave, others can still then see their messages without someone being able to act like they're them and stuff
  • When someone new joins or someone is removed, we simply rotate with them
Notes
  • Offline messages are handled as session keys are stored on a sender's device
  • The keys are then given to the recepient when they're back, with the public kyber key for delivery, signed with Dilitium
  • We have an action function that handles roles, messages, etc.
  • Also need CRDT and Audit Log with both being used to verify a sent in session
  • I'm not sure if for searching for messages and stuff it'll use Homomorphic Encryption or something yet