Purpose. Prototype of an API service secured by a hybrid, quantum-aware security stack: Post-Quantum Cryptography (PQC) for authentication + Quantum Key Distribution (QKD) / Quantum Random Number Generator (QRNG) elements where available to derive session symmetric keys (the "QASP" approach).
Why this project.
- Protects against harvest-now, decrypt-later attacks and future cryptanalysis. oai_citation:2‡0725_military_and_security_dimensions_of_quantum_technologies_0.pdf
- Follows current PQC standardization and transition guidance (NIST, ENISA). oai_citation:3‡NIST Computer Security Resource Center
- Provides a reproducible set of docs, ledger and tests for "vibe coding" development.
Repo layout (created by CLIne)
README.md(this file)API_SPEC.md(OpenAPI skeleton + QASP security scheme)docs/SECURITY.md,docs/THREAT_MODEL.md,docs/QKD_DESIGN.md,docs/PQC_PLAN.mdvibe_ledger/VIBE_LEDGER.mdspecs/IMPLEMENTATION_GUIDE.md,specs/OPERATIONAL_RUNBOOK.mdtemplates/(issue/PR templates)ci/(CI job templates)src/(app skeleton)tests/(test and adversary/emulation plans)
Quick start (for developers)
git init && git checkout -b vibe/init- CLIne will create the files below and commit them as
chore:init-templates. - Read
vibe_ledger/VIBE_LEDGER.mdfor tasks and the current sprint.