pqc-sandbox is a CLI tool and library that simulates the real-world cost of migrating to post-quantum cryptography (ML-KEM, ML-DSA, SLH-DSA — NIST FIPS 203/204/205) before you touch a single line of production code.
NIST finalised PQC standards in August 2024. Regulators (RBI, NSA, DORA, MAS) are now asking for migration roadmaps. But most teams have no idea what switching from ECDSA/RSA/ECDH actually costs them — until they break something in production.
What it does:
Run a 60-second simulation against any algorithm pair:
• Benchmark: key sizes, signature sizes, ciphertext sizes, latency delta
• Compat oracle: checks MTU limits, TLS version support, device RAM, DNSSEC UDP limits, JWT header limits, HSM readiness — 15+ checks
• Migration difficulty score: 0–100 (EASY / MODERATE / HARD / CRITICAL)
• Config diff: copy-paste ready diffs for OpenSSL, nginx, sshd, Go TLS, Python
• CI/CD gate: scans pull requests for newly introduced RSA/ECDSA/ECDH patterns and blocks them (exit 2 = BLOCKED), with a drop-in GitHub Action
The size numbers that surprise people most:
ECDSA-P256 signature: 72 bytes
ML-DSA-44 signature: 2,420 bytes (+33×)
SLH-DSA-256s signature: 29,792 bytes (+413×)
These aren't just performance numbers. They fragment DNSSEC UDP responses, overflow JWT header limits in API gateways, and break TLS cert chains on legacy proxies.
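To make those consequences concrete, here is an added example (not pqc-sandbox's own code) that turns the three signature sizes above into pass/fail checks against a DNS UDP budget and an HTTP header budget; the budgets (1232, 8192 bytes) and the fixed overheads (200, 400 bytes) are assumptions chosen for illustration, and the `size_ratio` helper reproduces the 33× and 413× figures.

```python
# Added example, not pqc-sandbox's own code: a minimal compat check that turns the
# signature sizes quoted above into pass/fail results for two of the limits the page
# names (DNSSEC over UDP, JWT/HTTP header size). All budgets and overheads are assumed.
from dataclasses import dataclass

# Signature sizes in bytes, as quoted on the page.
SIGNATURE_BYTES = {"ECDSA-P256": 72, "ML-DSA-44": 2420, "SLH-DSA-256s": 29792}

# Assumed budgets: 1232 is the EDNS UDP buffer size recommended by DNS Flag Day 2020;
# 8192 is a common default request-header cap on reverse proxies and API gateways.
DNS_UDP_BUDGET = 1232
HTTP_HEADER_BUDGET = 8192

# Constructed fixed overheads added to the signature: DNS header + question + answer
# RRset + RRSIG fields, and JWS header + payload + "Authorization: Bearer " prefix.
DNS_RESPONSE_OVERHEAD = 200
JWT_OVERHEAD = 400


def b64url_len(n_bytes: int) -> int:
    """Length of unpadded base64url text for n_bytes (JWS compact serialisation)."""
    return (4 * n_bytes + 2) // 3


@dataclass
class Finding:
    check: str
    needed: int
    budget: int

    @property
    def ok(self) -> bool:
        return self.needed <= self.budget


def size_ratio(old: str, new: str) -> float:
    """How many times larger new's signature is than old's (the +33x / +413x figures)."""
    return SIGNATURE_BYTES[new] / SIGNATURE_BYTES[old]


def compat_checks(alg: str) -> list[Finding]:
    sig = SIGNATURE_BYTES[alg]
    return [
        # One RRSIG in a UDP answer: over budget means TC=1 and a TCP retry, or fragmentation.
        Finding("dnssec_udp", DNS_RESPONSE_OVERHEAD + sig, DNS_UDP_BUDGET),
        # JWS carries the signature as base64url text, so the growth is amplified by 4/3.
        Finding("jwt_header", JWT_OVERHEAD + b64url_len(sig), HTTP_HEADER_BUDGET),
    ]


def failing_checks(alg: str) -> list[str]:
    return [f.check for f in compat_checks(alg) if not f.ok]
```

Under these assumptions ML-DSA-44 already pushes a single-RRSIG UDP answer past the EDNS budget, while SLH-DSA-256s also blows through the header cap once the signature is base64url-encoded.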
Zero telemetry. Fully local. Apache 2.0.
pip install pqc-sandbox && pqc-sandbox demo
Built with