KEMTLS Implementations

KEMTLS has been independently implemented by several people. In this post, we briefly describe some of them. Note that these implementations followed the academic description of KEMTLS, which differs from the AuthKEM draft in some small ways.

Please let us know if you know of other implementations that we should list here!

Experimental integration into Rustls

The original implementations by Thom Wiggers were based on Rustls. This is the code that was used for the experiments and benchmarks that we reported on in the papers. This code can be found at The most recent version is the thesis branch which was used for Thom’s PhD thesis.

Integration into Go’s crypto/ssl stack

For the experiments on a real-world network, Sofía Celi and Thom Wiggers implemented KEMTLS in Go. This code was archived at

Experimental integration into Botan

The Botan C++ library for TLS experimented with post-quantum cryptography. As part of their work, they built an experimental integration of KEMTLS. This can be found at

WolfSSL integration

For the experiments with KEMTLS in embedded settings, Ruben Gonzalez integrated KEMTLS in WolfSSL. This implementation, as well as the measurement scripts, can be found at

Thom Wiggers
Thom Wiggers
PhD candidate

My research interests include (post-quantum) cryptography and protocols