Kyber Logo

Kyber – MLWE-based CCA-secure key encapsulation


We are currently referencing to this website in a paper in submission to a venue that requires anonymous submissions. This is why we also keep this website anonymous. You can contact the authors by e-mail to


Kyber is a CCA-secure key encapsulation mechanism, whose security relies on the hardness of the module-LWE problem. For more details we will soon make the paper available here.


The Kyber code package includes two implementations: a C reference implementation and an optimized implementation using AVX2 vector instructions available on recent Intel and AMD processors. Additionally, it contains the scripts we used to estimate security and failure probabilities. To download and build the software, proceed as follows:

tar xjvf kyber-20170816.tar.bz2
cd kyber-20170816/ref && make
cd ../avx2 && make

In each of the subdirectories ref/test and avx2/test, this will produce 4 binaries:

In order to reproduce security and failure-probabilities, simply run the script from the scripts/ subdirectory of the code package.


The Kyber software package is in the public domain.