KeibiDrop: Building Post-Quantum Encrypted File Sync

Index

• Why Build This
• Cryptographic Choices
• Architecture
• FUSE Filesystem Challenges
• Cross-Platform Development
• Lessons Learned

Why Build This

Quantum computers will eventually break RSA and elliptic curve cryptography. That is not controversial. The question is when.

The real threat is "harvest now, decrypt later." Adversaries collect encrypted data today, knowing they can decrypt it once quantum computers arrive. If your data has long-term value, this matters now.

KeibiDrop is a file sync tool that uses post-quantum cryptography. It lets you share files between devices with encryption that will remain secure even after quantum computers arrive.

Cryptographic Choices

We use a hybrid approach combining classical and post-quantum algorithms:

• ML-KEM-1024: NIST standardized post-quantum key encapsulation mechanism (formerly Kyber)
• X25519: Classical elliptic curve Diffie-Hellman, battle-tested
• ChaCha20-Poly1305: Symmetric encryption with authentication
• HKDF: Key derivation from combined shared secrets

Why hybrid? If ML-KEM is broken (it is new), X25519 still protects you. If X25519 is broken (quantum), ML-KEM still protects you. Defense in depth.

Go 1.24 includes ML-KEM in the standard library (crypto/mlkem), which made implementation straightforward.

Architecture

KeibiDrop has three components:

• Relay server: Facilitates key exchange. Never sees file content.
• Go backend: Handles networking, cryptography, and FUSE filesystem.
• Rust/Slint UI: Native cross-platform interface.

The connection flow:

1. Both peers generate ML-KEM and X25519 keypairs
2. Public keys uploaded to relay server
3. Peers exchange fingerprints out-of-band (via chat, email, etc.)
4. Direct P2P connection established over IPv6
5. All file transfers encrypted end-to-end

We chose IPv6-only to avoid NAT traversal complexity. No STUN/TURN servers means no metadata leakage to third parties.

FUSE Filesystem Challenges

KeibiDrop mounts as a folder on your computer. Drag files in, they appear on the peer. No special apps needed.

Building a FUSE filesystem was the hardest part. Challenges included:

• Deadlocks on Intel Macs: macFUSE has specific threading requirements that cause deadlocks on Intel hardware. Took days to debug.
• Write ordering: Applications write files in unexpected ways. Handling partial writes, truncates, and renames correctly is tricky.
• Performance: Every file operation goes through userspace. Optimizing for reasonable speed required careful buffering.
• Cross-platform: macFUSE, WinFsp, and fuse3 have different APIs and behaviors.

Cross-Platform Development

One codebase runs on macOS (Intel + Apple Silicon), Windows, Linux, iOS, and Android.

The stack:

• Go: Cross-compiles easily. CGO adds complexity but is required for FUSE.
• Rust + Slint: Native UI that compiles to each platform. No Electron bloat.
• gomobile: Generates iOS and Android bindings from Go code.

The result is a 20MB binary. Compare that to Electron apps that ship 500MB of Chromium.

Lessons Learned

• Go 1.24 is great for crypto: ML-KEM in stdlib means no sketchy third-party libraries.
• FUSE is harder than it looks: Budget extra time for edge cases and platform quirks.
• IPv6-only is limiting: Many networks still lack IPv6. Consider fallback options.
• Hybrid crypto is the right choice: New algorithms need time to build trust.
• Rust + Slint is promising: Native performance and memory safety for desktop UI.

Total time: 140 hours. Professional estimates for similar projects: 6-12 months.

Speed comes from depth. Having built similar systems before means fewer wrong turns.