SEO Keywords (hidden)

NextSSL, cryptography, post-quantum cryptography, PQC, NIST PQC, cryptographic library, C library, AES, SHA, RSA, ECDSA, ML-KEM, SLH-DSA, password hashing, key derivation functions, KDFs, authenticated encryption, AEAD, zero-knowledge proofs, SSL, TLS, security, open source, Apache-2.0

Why NextSSL Algorithms Roadmap Use Cases Compare View on GitHub
Apache-2.0 / Open Source

NextSSL

The cryptographic library that ships both classical and post-quantum primitives in a single C dependency. No wrappers, no abstractions, no hidden defaults.

Star on GitHub Explore 776 Algorithms
0 Algorithms
0 Categories
0 Binary Targets
Why NextSSL

The cryptographic surface your project needs, now and in 2035

Security engineers spend too much time managing dependencies. NextSSL ends that.

Universal Algorithm Surface

From legacy MD5 to NIST-selected ML-KEM-1024 and FIPS 205 SLH-DSA. One dependency. Every primitive your project will ever need: classical, lightweight, post-quantum, and zero-knowledge: all under one consistent API surface.

Hardware-Accelerated by Default

AES-NI, SHA-NI, AVX2, PCLMUL, RDRAND, ARM NEON, automatically selected at runtime based on CPU capabilities. You write the logic; NextSSL resolves the fast path. No configuration, no platform flags, no surprises in production.

Post-Quantum Ready Now

Full NIST PQC suite: ML-KEM (FIPS 203), ML-DSA (FIPS 204), SLH-DSA (FIPS 205). Drop-in hybrid mode for TLS 1.3. Migration-safe API design means classical and post-quantum primitives run side by side with no breaking changes.

Language Bindings
C (Core) Rust [planned] Python [planned] Go [planned] WASM
Active development, algorithm surfaces being finalized
What Makes NextSSL Different

Built different. By design.

Six properties that separate NextSSL from every other cryptographic library in production today.

Profile System
Three audiences. One library. No compromises.
NextSSL ships with three built-in safety profiles. Normal users get conservative defaults. Builders get all the ecosystem algorithms. Researchers get the full archive with experimental surfaces. You choose the profile; the library enforces it.
safest-main: argon2id, xchacha20-poly1305, ed25519, x25519
useful: PKCS#11, RSA-PSS, ECDSA, legacy KDFs, wallet primitives
research: MAYO, HAWK, Poseidon, ZK circuits, experimental AEAD
Archive Scale
776
algorithms in 22 categories
From MD2 to ML-KEM-1024. Every standard ever published, plus emerging candidates. The only dependency your security layer will ever need.
Hash / XOF PQC AEAD Threshold MPC ZK-friendly LWC / IoT Noise Protocol VDF PKI / HSM Password KDFs Stream Ciphers Block Modes
Hardware Acceleration
Runtime CPU dispatch, zero config
NextSSL probes your CPU at startup and selects the fastest available path automatically.
AES-NI
SHA-NI
AVX2
PCLMUL
ARM NEON
RDRAND
API Design
Algorithm-explicit. No hidden defaults.
Every call names the primitive. Nothing is hidden behind opaque identifiers. Auditors see exactly what runs on the wire.
nssl_kem_t *kem = nssl_kem_new(NSSL_ML_KEM_768);
nssl_kem_encap(kem, ct, ss, peer_pk);
nssl_hkdf_expand(ss, 32, info, 12, key, 32,
                 NSSL_SHA256);
Dependency Model
1
dependency. this library, nothing else
No OpenSSL. No libsodium. No vendored submodules pulling in unknown transitive code. One repo. One audit surface.
Safety Labels
Every algorithm carries a lifecycle label
Safety decisions are visible and machine-readable, not buried in changelogs.
recommended legacy deprecated pqc hybrid-ready constant-time-required research archive-only
Constant-Time
Side-channel resistant by default
Critical paths — key comparisons, secret-dependent branches, modular exponentiation — are written in verified constant-time idioms. No timing oracle. No Meltdown shortcut. Every sensitive operation reviewed against Valgrind ctgrind and compiler barriers.
Platform Coverage
29 binary targets. 7 platform families. One source.
Every target pre-built and CI-tested on every merge. Drop in for your platform — no cross-compile setup required.
Android · 4 arm64-v8a · armeabi-v7a · x86 · x86_64
iOS · 3 device-arm64 · sim-arm64 · sim-x86_64
Linux glibc · 8 x86_64 · x86 · arm64 · armv7 · riscv64 · ppc64le · s390x · loongarch64
Linux musl · 3 x86_64 · arm64 · armv7
macOS · 3 arm64 · x86_64 · universal
WASM · 2 emscripten-wasm32 · wasi-wasm32
Windows · 6 x86_64-msvc · x86_64-mingw · x86-msvc · x86-mingw · arm64-msvc · armv7-msvc
Test Coverage
ACVP & NIST test vectors for every primitive
NIST Automated Cryptographic Validation Protocol (ACVP) vectors run on every CI build. No shipping code without passing the official reference corpus — from AES-128-ECB to ML-KEM-1024 encapsulation.
# ACVP server integration
vectors/SHA3-2561 247 test cases
vectors/ML-KEM-7683 000 KATs
vectors/AES-GCM4 512 encryptions
Project History & PQC Timeline

Built in the eye of the storm

NextSSL was founded as NIST finalized the post-quantum era. Every milestone — including the failures — shaped what it is today.

Use Cases

Built for the teams who can't afford to get it wrong

NextSSL is designed for production environments where cryptographic correctness is non-negotiable.

API Design

Eight lines to a post-quantum key exchange

The API is designed for clarity. Primitives are explicit; no algorithm-hiding abstraction layers that obscure what's happening on the wire.

Honest Comparison

How NextSSL compares to the alternatives

No spin. The comparison table reflects what each library actually supports today.

Feature NextSSL OpenSSL 3.x BoringSSL libsodium wolfSSL mbedTLS
Comparison reflects publicly documented feature sets. FIPS 140-3 certification status varies by build and module version.
Cryptography is the last line of defense.
We built NextSSL because that line deserves a solid foundation: one that handles today's TLS stack and tomorrow's post-quantum migration without forcing your team to start over.
Star NextSSL on GitHub
Built by QudsLab. Open source forever. Apache-2.0.