diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 88421016..88ecec09 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -112,6 +112,14 @@ jobs:
           components: rustfmt, clippy
       - run: rustc --version
       - run: cargo clippy --all-features --all-targets -- -Dwarnings
+      - run: cargo clippy --all-targets --manifest-path proto/Cargo.toml --no-default-features -- -Dwarnings
+      - run: cargo clippy --all-targets --manifest-path proto/Cargo.toml --no-default-features --features json -- -Dwarnings
+      - run: cargo clippy --all-targets --manifest-path core/Cargo.toml --no-default-features -- -Dwarnings
+      - run: cargo clippy --all-targets --manifest-path core/Cargo.toml --no-default-features --features insecure -- -Dwarnings
+      - run: cargo clippy --all-targets --manifest-path core/Cargo.toml --no-default-features --features json -- -Dwarnings
+      - run: cargo clippy --all-targets --manifest-path core/Cargo.toml --no-default-features --features std -- -Dwarnings
+      - run: cargo clippy --all-targets --manifest-path core/Cargo.toml --no-default-features --features insecure,json -- -Dwarnings
+      - run: cargo clippy --all-targets --manifest-path core/Cargo.toml --no-default-features --features insecure,std -- -Dwarnings
 
   doc:
     runs-on: ubuntu-latest
@@ -124,6 +132,19 @@ jobs:
       - run: rustc --version
       - run: cargo doc --no-deps --document-private-items --all-features
 
+  nostd:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions-rs/toolchain@v1
+        with:
+          profile: minimal
+          toolchain: nightly-2021-07-01
+          override: true
+          target: thumbv7em-none-eabi
+      # Target thumbv7em does not have std
+      - run: cargo build --target thumbv7em-none-eabi --manifest-path no-std-check/Cargo.toml
+
   udeps:
     runs-on: ubuntu-latest
     steps:
diff --git a/Cargo.lock b/Cargo.lock
index b146680e..61eb763f 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -9,7 +9,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6e3e798aa0c8239776f54415bc06f3d74b1850f3f830b45c35cfc80556973f70"
 dependencies = [
  "generic-array",
- "rand_core 0.6.2",
 ]
 
 [[package]]
@@ -411,15 +410,15 @@ dependencies = [
 ]
 
 [[package]]
-name = "curve25519-dalek"
-version = "3.0.0"
+name = "curve25519-dalek-ng"
+version = "4.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c8492de420e9e60bc9a1d66e2dbb91825390b738a388606600663fc529b4b307"
+checksum = "574d8b2cd0bae5434fd50d53280f8299d95557a978686555880aaf5b8f4f81e9"
 dependencies = [
  "byteorder",
  "digest",
- "rand_core 0.5.1",
- "subtle",
+ "rand_core",
+ "subtle-ng",
  "zeroize",
 ]
 
@@ -495,14 +494,12 @@ dependencies = [
 
 [[package]]
 name = "ed25519-dalek"
-version = "1.0.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d"
+version = "1.0.2"
+source = "git+https://github.com/daviddrysdale/ed25519-dalek?branch=rand-bump#eebf0b3fead5690101c0d44d5cc6de45e63b9aa8"
 dependencies = [
- "curve25519-dalek",
+ "curve25519-dalek-ng",
  "ed25519",
- "rand 0.7.3",
- "serde",
+ "rand",
  "sha2",
  "zeroize",
 ]
@@ -524,7 +521,7 @@ dependencies = [
  "generic-array",
  "group",
  "pkcs8",
- "rand_core 0.6.2",
+ "rand_core",
  "subtle",
  "zeroize",
 ]
@@ -544,7 +541,7 @@ dependencies = [
 
 [[package]]
 name = "example-aead"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "hex",
  "tink-aead",
@@ -553,7 +550,7 @@ dependencies = [
 
 [[package]]
 name = "example-daead"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "hex",
  "tink-core",
@@ -562,7 +559,7 @@ dependencies = [
 
 [[package]]
 name = "example-keygen"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "tink-core",
  "tink-daead",
@@ -570,7 +567,7 @@ dependencies = [
 
 [[package]]
 name = "example-keymgr"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "tink-aead",
  "tink-core",
@@ -578,7 +575,7 @@ dependencies = [
 
 [[package]]
 name = "example-kms"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "hex",
  "tink-aead",
@@ -588,7 +585,7 @@ dependencies = [
 
 [[package]]
 name = "example-mac"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "hex",
  "tink-core",
@@ -597,7 +594,7 @@ dependencies = [
 
 [[package]]
 name = "example-signature"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "hex",
  "tink-core",
@@ -606,7 +603,7 @@ dependencies = [
 
 [[package]]
 name = "example-streaming"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "tempfile",
  "tink-core",
@@ -620,7 +617,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "72a4d941a5b7c2a75222e2d44fcdf634a67133d9db31e177ae5ff6ecda852bfe"
 dependencies = [
  "bitvec",
- "rand_core 0.6.2",
+ "rand_core",
  "subtle",
 ]
 
@@ -771,17 +768,6 @@ dependencies = [
  "version_check",
 ]
 
-[[package]]
-name = "getrandom"
-version = "0.1.15"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fc587bc0ec293155d5bfa6b9891ec18a1e330c234f896ea47fbada4cadbe47e6"
-dependencies = [
- "cfg-if 0.1.10",
- "libc",
- "wasi 0.9.0+wasi-snapshot-preview1",
-]
-
 [[package]]
 name = "getrandom"
 version = "0.2.2"
@@ -790,7 +776,7 @@ checksum = "c9495705279e7140bf035dde1f6e750c162df8b625267cd52cc44e0b156732c8"
 dependencies = [
  "cfg-if 1.0.0",
  "libc",
- "wasi 0.10.0+wasi-snapshot-preview1",
+ "wasi",
 ]
 
 [[package]]
@@ -810,7 +796,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "61b3c1e8b4f1ca07e6605ea1be903a5f6956aec5c8a67fd44d56076631675ed8"
 dependencies = [
  "ff",
- "rand_core 0.6.2",
+ "rand_core",
  "subtle",
 ]
 
@@ -1039,6 +1025,9 @@ name = "lazy_static"
 version = "1.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
+dependencies = [
+ "spin 0.5.2",
+]
 
 [[package]]
 name = "libc"
@@ -1046,6 +1035,15 @@ version = "0.2.98"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "320cfe77175da3a483efed4bc0adc1968ca050b098ce4f2f1c13a56626128790"
 
+[[package]]
+name = "lock_api"
+version = "0.4.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0382880606dff6d15c9476c416d18690b72742aa7b605bb6dd6ec9030fbf07eb"
+dependencies = [
+ "scopeguard",
+]
+
 [[package]]
 name = "log"
 version = "0.4.14"
@@ -1454,19 +1452,6 @@ version = "0.6.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "643f8f41a8ebc4c5dc4515c82bb8abd397b527fc20fd681b7c011c2aee5d44fb"
 
-[[package]]
-name = "rand"
-version = "0.7.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03"
-dependencies = [
- "getrandom 0.1.15",
- "libc",
- "rand_chacha 0.2.2",
- "rand_core 0.5.1",
- "rand_hc 0.2.0",
-]
-
 [[package]]
 name = "rand"
 version = "0.8.3"
@@ -1474,19 +1459,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0ef9e7e66b4468674bfcb0c81af8b7fa0bb154fa9f28eb840da5c447baeb8d7e"
 dependencies = [
  "libc",
- "rand_chacha 0.3.0",
- "rand_core 0.6.2",
- "rand_hc 0.3.0",
-]
-
-[[package]]
-name = "rand_chacha"
-version = "0.2.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402"
-dependencies = [
- "ppv-lite86",
- "rand_core 0.5.1",
+ "rand_chacha",
+ "rand_core",
+ "rand_hc",
 ]
 
 [[package]]
@@ -1496,16 +1471,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e12735cf05c9e10bf21534da50a147b924d555dc7a547c42e6bb2d5b6017ae0d"
 dependencies = [
  "ppv-lite86",
- "rand_core 0.6.2",
-]
-
-[[package]]
-name = "rand_core"
-version = "0.5.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19"
-dependencies = [
- "getrandom 0.1.15",
+ "rand_core",
 ]
 
 [[package]]
@@ -1514,16 +1480,7 @@ version = "0.6.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "34cf66eb183df1c5876e2dcf6b13d57340741e8dc255b48e40a26de954d06ae7"
 dependencies = [
- "getrandom 0.2.2",
-]
-
-[[package]]
-name = "rand_hc"
-version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c"
-dependencies = [
- "rand_core 0.5.1",
+ "getrandom",
 ]
 
 [[package]]
@@ -1532,7 +1489,7 @@ version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3190ef7066a446f2e7f42e239d161e905420ccab01eb967c9eb27d21b2322a73"
 dependencies = [
- "rand_core 0.6.2",
+ "rand_core",
 ]
 
 [[package]]
@@ -1550,7 +1507,7 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "528532f3d801c87aec9def2add9ca802fe569e44a544afe633765267840abe64"
 dependencies = [
- "getrandom 0.2.2",
+ "getrandom",
  "redox_syscall",
 ]
 
@@ -1598,7 +1555,7 @@ dependencies = [
  "cc",
  "libc",
  "once_cell",
- "spin",
+ "spin 0.5.2",
  "untrusted",
  "web-sys",
  "winapi",
@@ -1606,7 +1563,7 @@ dependencies = [
 
 [[package]]
 name = "rinkey"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "structopt",
  "tink-aead",
@@ -1754,6 +1711,12 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "scopeguard"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
+
 [[package]]
 name = "sct"
 version = "0.6.0"
@@ -1902,7 +1865,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c19772be3c4dd2ceaacf03cb41d5885f2a02c4d8804884918e3a258480803335"
 dependencies = [
  "digest",
- "rand_core 0.6.2",
+ "rand_core",
 ]
 
 [[package]]
@@ -1927,6 +1890,15 @@ version = "0.5.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
 
+[[package]]
+name = "spin"
+version = "0.9.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "511254be0c5bcf062b019a6c89c01a664aa359ded62f78aa72c6fc137c0590e5"
+dependencies = [
+ "lock_api",
+]
+
 [[package]]
 name = "spki"
 version = "0.3.0"
@@ -1972,6 +1944,12 @@ version = "2.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
 
+[[package]]
+name = "subtle-ng"
+version = "2.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8049cf85f0e715d6af38dde439cb0ccb91f67fb9f5f63c80f8b43e48356e1a3f"
+
 [[package]]
 name = "syn"
 version = "1.0.60"
@@ -2009,7 +1987,7 @@ checksum = "dac1c663cfc93810f88aed9b8941d48cabf856a1b111c29a40439018d870eb22"
 dependencies = [
  "cfg-if 1.0.0",
  "libc",
- "rand 0.8.3",
+ "rand",
  "redox_syscall",
  "remove_dir_all",
  "winapi",
@@ -2060,13 +2038,13 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6db9e6914ab8b1ae1c260a4ae7a49b6c5611b40328a735b21862567685e73255"
 dependencies = [
  "libc",
- "wasi 0.10.0+wasi-snapshot-preview1",
+ "wasi",
  "winapi",
 ]
 
 [[package]]
 name = "tink-aead"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "aead",
  "aes",
@@ -2075,7 +2053,8 @@ dependencies = [
  "chacha20poly1305",
  "generic-array",
  "prost",
- "rand 0.7.3",
+ "rand",
+ "spin 0.9.2",
  "tink-core",
  "tink-mac",
  "tink-proto",
@@ -2083,7 +2062,7 @@ dependencies = [
 
 [[package]]
 name = "tink-awskms"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "csv",
  "hex",
@@ -2097,35 +2076,37 @@ dependencies = [
 
 [[package]]
 name = "tink-core"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "digest",
  "hkdf",
  "lazy_static",
  "prost",
- "rand 0.7.3",
+ "rand",
  "serde",
  "serde_json",
  "sha-1",
  "sha2",
+ "spin 0.9.2",
  "subtle",
  "tink-proto",
 ]
 
 [[package]]
 name = "tink-daead"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "aead",
  "aes-siv",
  "prost",
+ "spin 0.9.2",
  "tink-core",
  "tink-proto",
 ]
 
 [[package]]
 name = "tink-gcpkms"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "base64",
  "chrono",
@@ -2144,9 +2125,10 @@ dependencies = [
 
 [[package]]
 name = "tink-mac"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "prost",
+ "spin 0.9.2",
  "tink-core",
  "tink-prf",
  "tink-proto",
@@ -2154,7 +2136,7 @@ dependencies = [
 
 [[package]]
 name = "tink-prf"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "aes",
  "cmac",
@@ -2164,13 +2146,14 @@ dependencies = [
  "prost",
  "sha-1",
  "sha2",
+ "spin 0.9.2",
  "tink-core",
  "tink-proto",
 ]
 
 [[package]]
 name = "tink-proto"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "base64",
  "prost",
@@ -2180,27 +2163,28 @@ dependencies = [
 
 [[package]]
 name = "tink-signature"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "ecdsa",
  "ed25519-dalek",
  "generic-array",
  "p256",
  "prost",
- "rand 0.7.3",
+ "rand",
  "signature",
+ "spin 0.9.2",
  "tink-core",
  "tink-proto",
 ]
 
 [[package]]
 name = "tink-streaming-aead"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "aes",
  "aes-gcm",
  "prost",
- "rand 0.7.3",
+ "rand",
  "tink-core",
  "tink-mac",
  "tink-proto",
@@ -2208,7 +2192,7 @@ dependencies = [
 
 [[package]]
 name = "tink-testing-server"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "env_logger",
  "futures",
@@ -2231,7 +2215,7 @@ dependencies = [
 
 [[package]]
 name = "tink-tests"
-version = "0.2.0"
+version = "0.3.0"
 dependencies = [
  "base64",
  "ed25519-dalek",
@@ -2241,7 +2225,7 @@ dependencies = [
  "maplit",
  "p256",
  "prost",
- "rand 0.7.3",
+ "rand",
  "regex",
  "serde",
  "serde_json",
@@ -2412,7 +2396,7 @@ dependencies = [
  "futures-util",
  "indexmap",
  "pin-project 1.0.2",
- "rand 0.8.3",
+ "rand",
  "slab",
  "tokio",
  "tokio-stream",
@@ -2581,12 +2565,6 @@ dependencies = [
  "try-lock",
 ]
 
-[[package]]
-name = "wasi"
-version = "0.9.0+wasi-snapshot-preview1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519"
-
 [[package]]
 name = "wasi"
 version = "0.10.0+wasi-snapshot-preview1"
diff --git a/Cargo.toml b/Cargo.toml
index 3e412477..057b375b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -25,6 +25,8 @@ members = [
 
 # Patch dependencies on tink crates so that they refer to the versions within this same repository.
 [patch.crates-io]
+# TODO(#7): remove if/when https://github.com/dalek-cryptography/ed25519-dalek/pull/160 is merged.
+ed25519-dalek = { git = "https://github.com/daviddrysdale/ed25519-dalek", branch = "rand-bump" }
 rinkey = { path = "rinkey" }
 tink-aead = { path = "aead" }
 tink-awskms = { path = "integration/awskms" }
diff --git a/aead/Cargo.toml b/aead/Cargo.toml
index 96103e5a..6f2d4aca 100644
--- a/aead/Cargo.toml
+++ b/aead/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-aead"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -10,15 +10,15 @@ keywords = ["cryptography", "tink", "aead"]
 categories = ["cryptography"]
 
 [dependencies]
-# Need the `std` feature for Error type conversion
-aead = { version = "^0.4.2", features = ["std"] }
+aead = { version = "^0.4.2" }
 aes = { version = "^0.7.4", features = ["ctr"] }
 aes-gcm = "^0.9.2"
 aes-gcm-siv = "^0.10"
 chacha20poly1305 = "^0.8"
 generic-array = "^0.14.4"
-prost = "^0.8"
-rand = "^0.7"
-tink-core = "^0.2"
-tink-mac = "^0.2"
-tink-proto = "^0.2"
+prost = { version = "^0.8", default-features = false }
+rand = { version = "^0.8", default-features = false, features = ["alloc", "getrandom"] }
+spin = { version = "^0.9.2", features = ["once"] }
+tink-core = "^0.3"
+tink-mac = "^0.3"
+tink-proto = "^0.3"
diff --git a/aead/src/aead_factory.rs b/aead/src/aead_factory.rs
index ee6a77c5..bb083664 100644
--- a/aead/src/aead_factory.rs
+++ b/aead/src/aead_factory.rs
@@ -16,6 +16,7 @@
 
 //! Provides an implementation of AEAD using a set of underlying implementations.
 
+use alloc::{boxed::Box, sync::Arc, vec::Vec};
 use tink_core::{utils::wrap_err, TinkError};
 
 /// Returns a [`tink_core::Aead`] primitive from the given keyset handle.
@@ -27,7 +28,7 @@ pub fn new(h: &tink_core::keyset::Handle) -> Result<Box<dyn tink_core::Aead>, Ti
 /// manager.
 fn new_with_key_manager(
     h: &tink_core::keyset::Handle,
-    km: Option<std::sync::Arc<dyn tink_core::registry::KeyManager>>,
+    km: Option<Arc<dyn tink_core::registry::KeyManager>>,
 ) -> Result<Box<dyn tink_core::Aead>, TinkError> {
     let ps = h
         .primitives_with_key_manager(km)
diff --git a/aead/src/aead_key_templates.rs b/aead/src/aead_key_templates.rs
index 6cbd899d..f837f9bf 100644
--- a/aead/src/aead_key_templates.rs
+++ b/aead/src/aead_key_templates.rs
@@ -17,6 +17,7 @@
 //! This module contains pre-generated [`KeyTemplate`]s for AEAD keys. One can use these templates
 //! to generate new Keysets.
 
+use alloc::{string::ToString, vec, vec::Vec};
 use prost::Message;
 use tink_proto::{HashType, KeyTemplate, OutputPrefixType};
 
diff --git a/aead/src/aes_ctr_hmac_aead_key_manager.rs b/aead/src/aes_ctr_hmac_aead_key_manager.rs
index d4f6bae7..c5c9ee7e 100644
--- a/aead/src/aes_ctr_hmac_aead_key_manager.rs
+++ b/aead/src/aes_ctr_hmac_aead_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for AES-CTR-HMAC keys.
 
 use crate::subtle;
+use alloc::{boxed::Box, format, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 use tink_proto::HashType;
diff --git a/aead/src/aes_gcm_key_manager.rs b/aead/src/aes_gcm_key_manager.rs
index 882d649a..1f8f8058 100644
--- a/aead/src/aes_gcm_key_manager.rs
+++ b/aead/src/aes_gcm_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for AES-GCM keys.
 
 use crate::subtle;
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/aead/src/aes_gcm_siv_key_manager.rs b/aead/src/aes_gcm_siv_key_manager.rs
index f387ff8c..63a48abe 100644
--- a/aead/src/aes_gcm_siv_key_manager.rs
+++ b/aead/src/aes_gcm_siv_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for AES-GCM-SIV keys.
 
 use crate::subtle;
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/aead/src/chacha20poly1305_key_manager.rs b/aead/src/chacha20poly1305_key_manager.rs
index 8e89e2d7..7dc6044a 100644
--- a/aead/src/chacha20poly1305_key_manager.rs
+++ b/aead/src/chacha20poly1305_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for ChaCha20Poly1305 keys.
 
 use crate::subtle;
+use alloc::{boxed::Box, format, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/aead/src/kms_envelope_aead.rs b/aead/src/kms_envelope_aead.rs
index 0be340c1..656d11c0 100644
--- a/aead/src/kms_envelope_aead.rs
+++ b/aead/src/kms_envelope_aead.rs
@@ -16,7 +16,8 @@
 
 //! Provide an implementation of AEAD using a KMS.
 
-use std::convert::TryInto;
+use alloc::{boxed::Box, vec::Vec};
+use core::convert::TryInto;
 use tink_core::{utils::wrap_err, TinkError};
 
 const LEN_DEK: usize = 4;
diff --git a/aead/src/kms_envelope_aead_key_manager.rs b/aead/src/kms_envelope_aead_key_manager.rs
index d69ce355..da6c3ac8 100644
--- a/aead/src/kms_envelope_aead_key_manager.rs
+++ b/aead/src/kms_envelope_aead_key_manager.rs
@@ -16,6 +16,7 @@
 
 //! Key manager for keys wrapped by a KMS.
 
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/aead/src/lib.rs b/aead/src/lib.rs
index 7475b1af..08c70c06 100644
--- a/aead/src/lib.rs
+++ b/aead/src/lib.rs
@@ -19,9 +19,13 @@
 //! AEAD encryption assures the confidentiality and authenticity of the data. This primitive is CPA
 //! secure.
 
+#![no_std]
 #![deny(broken_intra_doc_links)]
 
-use std::sync::Once;
+extern crate alloc;
+
+use alloc::sync::Arc;
+use spin::{Mutex, Once};
 use tink_core::registry::register_key_manager;
 
 mod aead_factory;
@@ -49,23 +53,23 @@ pub mod subtle;
 /// port is based on.
 pub const UPSTREAM_VERSION: &str = "1.6.0";
 
-static INIT: Once = Once::new();
+static INIT: Mutex<Once> = Mutex::new(Once::new());
 
 /// Initialize the `tink-aead` crate, registering its primitives so they are available via
 /// tink-core.
 pub fn init() {
-    INIT.call_once(|| {
-        register_key_manager(std::sync::Arc::new(AesCtrHmacAeadKeyManager::default()))
+    INIT.lock().call_once(|| {
+        register_key_manager(Arc::new(AesCtrHmacAeadKeyManager::default()))
             .expect("tink_aead::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(AesGcmKeyManager::default()))
+        register_key_manager(Arc::new(AesGcmKeyManager::default()))
             .expect("tink_aead::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(AesGcmSivKeyManager::default()))
+        register_key_manager(Arc::new(AesGcmSivKeyManager::default()))
             .expect("tink_aead::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(ChaCha20Poly1305KeyManager::default()))
+        register_key_manager(Arc::new(ChaCha20Poly1305KeyManager::default()))
             .expect("tink_aead::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(XChaCha20Poly1305KeyManager::default()))
+        register_key_manager(Arc::new(XChaCha20Poly1305KeyManager::default()))
             .expect("tink_aead::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(KmsEnvelopeAeadKeyManager::default()))
+        register_key_manager(Arc::new(KmsEnvelopeAeadKeyManager::default()))
             .expect("tink_aead::init() failed"); // safe:init
 
         tink_core::registry::register_template_generator("AES128_GCM", aes128_gcm_key_template);
diff --git a/aead/src/subtle/aead.rs b/aead/src/subtle/aead.rs
index 9169fbd6..2fe287ac 100644
--- a/aead/src/subtle/aead.rs
+++ b/aead/src/subtle/aead.rs
@@ -16,6 +16,8 @@
 
 //! Utilities for AEAD functionality.
 
+use alloc::format;
+
 /// Check if the given key size is a valid AES key size.
 pub fn validate_aes_key_size(size_in_bytes: usize) -> Result<(), tink_core::TinkError> {
     match size_in_bytes {
diff --git a/aead/src/subtle/aes_ctr.rs b/aead/src/subtle/aes_ctr.rs
index 60c2d3ad..1c6f65f0 100644
--- a/aead/src/subtle/aes_ctr.rs
+++ b/aead/src/subtle/aes_ctr.rs
@@ -21,6 +21,7 @@ use aes::{
     cipher::{consts::U16, generic_array::GenericArray, FromBlockCipher, StreamCipher},
     NewBlockCipher,
 };
+use alloc::{format, vec::Vec};
 use tink_core::{utils::wrap_err, TinkError};
 
 /// The minimum IV size that this implementation supports.
diff --git a/aead/src/subtle/aes_gcm.rs b/aead/src/subtle/aes_gcm.rs
index afe45df4..eb1435c8 100644
--- a/aead/src/subtle/aes_gcm.rs
+++ b/aead/src/subtle/aes_gcm.rs
@@ -17,6 +17,7 @@
 //! AES-GCM based implementation of the [`tink_core::Aead`] trait.
 
 use aes_gcm::aead::{consts::U12, generic_array::GenericArray, Aead, NewAead, Payload};
+use alloc::{boxed::Box, format, vec::Vec};
 use tink_core::{utils::wrap_err, TinkError};
 
 /// The only IV size that this implementation supports.
@@ -106,5 +107,5 @@ fn new_iv() -> GenericArray<u8, U12> {
 /// Maximum plaintext size.
 fn max_pt_size() -> usize {
     let x = (isize::MAX as usize) - AES_GCM_IV_SIZE - AES_GCM_TAG_SIZE;
-    std::cmp::min(x, MAX_AES_GCM_PLAINTEXT_SIZE)
+    core::cmp::min(x, MAX_AES_GCM_PLAINTEXT_SIZE)
 }
diff --git a/aead/src/subtle/aes_gcm_siv.rs b/aead/src/subtle/aes_gcm_siv.rs
index c7307ddc..8871c23b 100644
--- a/aead/src/subtle/aes_gcm_siv.rs
+++ b/aead/src/subtle/aes_gcm_siv.rs
@@ -17,6 +17,7 @@
 //! AES-GCM-SIV based implementation of the [`tink_core::Aead`] trait.
 
 use aes_gcm_siv::aead::{consts::U12, generic_array::GenericArray, Aead, NewAead, Payload};
+use alloc::{boxed::Box, format, vec::Vec};
 use tink_core::{utils::wrap_err, TinkError};
 
 /// The only IV size that this implementation supports.
diff --git a/aead/src/subtle/chacha20poly1305.rs b/aead/src/subtle/chacha20poly1305.rs
index 86c19dd4..61b2b4aa 100644
--- a/aead/src/subtle/chacha20poly1305.rs
+++ b/aead/src/subtle/chacha20poly1305.rs
@@ -16,6 +16,7 @@
 
 //! ChaCha20 Poly1305 implementation of AEAD.
 
+use alloc::vec::Vec;
 use chacha20poly1305::aead::{Aead, NewAead, Payload};
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/aead/src/subtle/encrypt_then_authenticate.rs b/aead/src/subtle/encrypt_then_authenticate.rs
index 2260d13b..370d28f5 100644
--- a/aead/src/subtle/encrypt_then_authenticate.rs
+++ b/aead/src/subtle/encrypt_then_authenticate.rs
@@ -17,6 +17,7 @@
 //! General AEAD implementation combining an `IndCpaCipher` with a `tink_core::Mac`
 
 use super::IndCpaCipher;
+use alloc::{boxed::Box, vec::Vec};
 use tink_core::{utils::wrap_err, TinkError};
 
 /// `EncryptThenAuthenticate` performs an encrypt-then-MAC operation on plaintext
diff --git a/aead/src/subtle/ind_cpa.rs b/aead/src/subtle/ind_cpa.rs
index 56586594..f52846c5 100644
--- a/aead/src/subtle/ind_cpa.rs
+++ b/aead/src/subtle/ind_cpa.rs
@@ -16,6 +16,8 @@
 
 //! Trait definition for `IndCpaCipher`.
 
+use alloc::{boxed::Box, vec::Vec};
+
 // `IndCpaCipher` provides an interface for symmetric key ciphers that are
 // indistinguishable against chosen-plaintext attacks. Said primitives do not
 // provide authentication, thus should not be used directly, but only to
diff --git a/aead/src/subtle/xchacha20poly1305.rs b/aead/src/subtle/xchacha20poly1305.rs
index 54ab691f..1ce7c545 100644
--- a/aead/src/subtle/xchacha20poly1305.rs
+++ b/aead/src/subtle/xchacha20poly1305.rs
@@ -16,6 +16,7 @@
 
 //! XChaCha20 Poly1305 implementation of AEAD.
 
+use alloc::vec::Vec;
 use chacha20poly1305::aead::{Aead, NewAead, Payload};
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/aead/src/xchacha20poly1305_key_manager.rs b/aead/src/xchacha20poly1305_key_manager.rs
index 9a259200..1ef64d4d 100644
--- a/aead/src/xchacha20poly1305_key_manager.rs
+++ b/aead/src/xchacha20poly1305_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for XChaCha20Poly1305 keys.
 
 use crate::subtle;
+use alloc::{boxed::Box, format, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/core/Cargo.toml b/core/Cargo.toml
index 3478aa53..7688f5fa 100644
--- a/core/Cargo.toml
+++ b/core/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-core"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -14,20 +14,26 @@ default = []
 # The `insecure` feature enables methods that expose unencrypted key material
 insecure = []
 # The `json` feature enables methods for serializing keysets to/from JSON.
-json = ["tink-proto/json", "serde", "serde_json"]
+json = ["tink-proto/json", "serde", "serde_json", "std"]
+# The `std` feature enables:
+# - the `StreamingAead` primitive
+# - methods for serializing keysets to/from binary.
+# - `impl std::error::Error for TinkError`
+std = []
 
 [dependencies]
 digest = "^0.9"
 hkdf = "^0.11"
-lazy_static = "^1.4"
-prost = "^0.8"
-rand = "^0.7"
+lazy_static = { version = "^1.4", features = ["spin_no_std"] }
+prost = { version = "^0.8", default-features = false }
+rand = { version = "^0.8", default-features = false, features = ["alloc", "getrandom"] }
 serde = { version = "^1.0.126", features = ["derive"], optional = true }
 serde_json = { version = "^1.0.64", optional = true }
-sha-1 = "^0.9.7"
-sha2 = "^0.9.5"
-subtle = "^2.4"
-tink-proto = "^0.2"
+sha-1 = { version = "^0.9.7", default-features = false }
+sha2 = { version = "^0.9.5", default-features = false }
+spin = { version = "^0.9.2", features = ["once"] }
+subtle = { version = "^2.4", default-features = false }
+tink-proto = "^0.3"
 
 [package.metadata.docs.rs]
 all-features = true
diff --git a/core/src/aead.rs b/core/src/aead.rs
index 0cabf6ce..c676bbb3 100644
--- a/core/src/aead.rs
+++ b/core/src/aead.rs
@@ -16,6 +16,8 @@
 
 //! Authenticated encryption with additional authenticated data.
 
+use alloc::{boxed::Box, vec::Vec};
+
 /// `Aead` is the interface for authenticated encryption with additional authenticated data.
 ///
 /// Implementations of this trait are secure against adaptive chosen ciphertext attacks.
diff --git a/core/src/cryptofmt/mod.rs b/core/src/cryptofmt/mod.rs
index 7434f61d..2e1fa7ba 100644
--- a/core/src/cryptofmt/mod.rs
+++ b/core/src/cryptofmt/mod.rs
@@ -17,6 +17,7 @@
 //! Provides constants and convenience methods that define the format of ciphertexts and signatures.
 
 use crate::TinkError;
+use alloc::vec::Vec;
 use tink_proto::OutputPrefixType;
 
 /// Prefix size of Tink and Legacy key types.
diff --git a/core/src/deterministic_aead.rs b/core/src/deterministic_aead.rs
index 5b9f6168..b2f0f0f1 100644
--- a/core/src/deterministic_aead.rs
+++ b/core/src/deterministic_aead.rs
@@ -16,6 +16,8 @@
 
 //! Deterministic authenticated encryption with associated data.
 
+use alloc::{boxed::Box, vec::Vec};
+
 /// `DeterministicAead` is the interface for deterministic authenticated encryption with associated
 /// data.
 ///
diff --git a/core/src/hybrid_decrypt.rs b/core/src/hybrid_decrypt.rs
index f7afd108..43904e7d 100644
--- a/core/src/hybrid_decrypt.rs
+++ b/core/src/hybrid_decrypt.rs
@@ -16,6 +16,8 @@
 
 //! Hybrid decryption.
 
+use alloc::{boxed::Box, vec::Vec};
+
 /// `HybridDecrypt` is the interface for hybrid decryption.
 ///
 /// Hybrid Encryption combines the efficiency of symmetric encryption with the convenience of
diff --git a/core/src/hybrid_encrypt.rs b/core/src/hybrid_encrypt.rs
index 583ab9eb..453de0bc 100644
--- a/core/src/hybrid_encrypt.rs
+++ b/core/src/hybrid_encrypt.rs
@@ -16,6 +16,8 @@
 
 //! Hybrid encryption.
 
+use alloc::{boxed::Box, vec::Vec};
+
 /// `HybridEncrypt` is the interface for hybrid encryption.
 ///
 /// Hybrid Encryption combines the efficiency of symmetric encryption with the convenience of
diff --git a/core/src/keyset/handle.rs b/core/src/keyset/handle.rs
index 53dedbca..448a6ed3 100644
--- a/core/src/keyset/handle.rs
+++ b/core/src/keyset/handle.rs
@@ -17,8 +17,8 @@
 //! Handle wrapper for keysets.
 
 use crate::{utils::wrap_err, TinkError};
+use alloc::{boxed::Box, format, string::ToString, sync::Arc, vec, vec::Vec};
 use prost::Message;
-use std::sync::Arc;
 use tink_proto::{key_data::KeyMaterialType, Keyset, KeysetInfo};
 
 /// `Handle` provides access to a [`Keyset`] protobuf, to limit the exposure
@@ -351,10 +351,10 @@ fn get_key_info(key: &tink_proto::keyset::Key) -> tink_proto::keyset_info::KeyIn
     }
 }
 
-impl std::fmt::Debug for Handle {
+impl core::fmt::Debug for Handle {
     /// Return a string representation of the managed keyset.
     /// The result does not contain any sensitive key material.
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
         write!(f, "{:?}", get_keyset_info(&self.ks))
     }
 }
diff --git a/core/src/keyset/manager.rs b/core/src/keyset/manager.rs
index 00540541..e918d459 100644
--- a/core/src/keyset/manager.rs
+++ b/core/src/keyset/manager.rs
@@ -17,7 +17,8 @@
 //! Utilities for managing keys in a keyset.
 
 use crate::{utils::wrap_err, KeyId, TinkError};
-use rand::Rng;
+use alloc::format;
+use rand::{rngs::OsRng, Rng};
 use tink_proto::{KeyStatusType, OutputPrefixType};
 
 /// Manager manages a [`Keyset`](tink_proto::Keyset)-proto, with convenience methods that rotate,
@@ -209,10 +210,8 @@ impl Manager {
 
     /// Generate a key id that has not been used by any key in the [`Keyset`](tink_proto::Keyset).
     fn new_key_id(&self) -> KeyId {
-        let mut rng = rand::thread_rng();
-
         loop {
-            let ret = rng.gen::<u32>();
+            let ret = OsRng.gen::<u32>();
             if self.ks.key.iter().any(|x| x.key_id == ret) {
                 continue;
             }
diff --git a/core/src/keyset/mod.rs b/core/src/keyset/mod.rs
index 5a32ffec..51a167f1 100644
--- a/core/src/keyset/mod.rs
+++ b/core/src/keyset/mod.rs
@@ -16,7 +16,9 @@
 
 //! Provide methods to generate, read, write or validate keysets.
 
+#[cfg(feature = "std")]
 mod binary_io;
+#[cfg(feature = "std")]
 pub use binary_io::*;
 mod handle;
 pub use handle::*;
diff --git a/core/src/keyset/validation.rs b/core/src/keyset/validation.rs
index c4827381..0b194284 100644
--- a/core/src/keyset/validation.rs
+++ b/core/src/keyset/validation.rs
@@ -17,6 +17,7 @@
 //! Keyset validation functions.
 
 use crate::TinkError;
+use alloc::format;
 
 /// Check whether the given version is valid. The version is valid
 /// only if it is the range [0..max_expected].
diff --git a/core/src/lib.rs b/core/src/lib.rs
index 64afeaca..84f6d19d 100644
--- a/core/src/lib.rs
+++ b/core/src/lib.rs
@@ -15,9 +15,13 @@
 ////////////////////////////////////////////////////////////////////////////////
 
 //! Core crate for Tink.
-
+#![cfg_attr(not(feature = "std"), no_std)]
 #![deny(broken_intra_doc_links)]
 
+extern crate alloc;
+
+use alloc::boxed::Box;
+
 pub mod cryptofmt;
 pub mod keyset;
 pub mod primitiveset;
@@ -48,7 +52,9 @@ mod prf;
 pub use prf::*;
 mod signer;
 pub use signer::*;
+#[cfg(feature = "std")]
 mod streamingaead;
+#[cfg(feature = "std")]
 pub use streamingaead::*;
 mod verifier;
 pub use verifier::*;
@@ -62,6 +68,7 @@ pub enum Primitive {
     Mac(Box<dyn Mac>),
     Prf(Box<dyn Prf>),
     Signer(Box<dyn Signer>),
+    #[cfg(feature = "std")]
     StreamingAead(Box<dyn StreamingAead>),
     Verifier(Box<dyn Verifier>),
 }
@@ -79,6 +86,7 @@ impl Clone for Primitive {
             Primitive::Mac(p) => Primitive::Mac(p.box_clone()),
             Primitive::Prf(p) => Primitive::Prf(p.box_clone()),
             Primitive::Signer(p) => Primitive::Signer(p.box_clone()),
+            #[cfg(feature = "std")]
             Primitive::StreamingAead(p) => Primitive::StreamingAead(p.box_clone()),
             Primitive::Verifier(p) => Primitive::Verifier(p.box_clone()),
         }
@@ -151,6 +159,7 @@ impl From<Primitive> for Box<dyn Signer> {
     }
 }
 
+#[cfg(feature = "std")]
 impl From<Primitive> for Box<dyn StreamingAead> {
     fn from(p: Primitive) -> Box<dyn StreamingAead> {
         match p {
diff --git a/core/src/mac.rs b/core/src/mac.rs
index 6826cd86..4c86ebac 100644
--- a/core/src/mac.rs
+++ b/core/src/mac.rs
@@ -16,6 +16,8 @@
 
 //! Message Authentication Codes.
 
+use alloc::{boxed::Box, vec::Vec};
+
 /// `Mac` is the interface for MACs (Message Authentication Codes).
 /// This interface should be used for authentication only, and not for other purposes
 /// (for example, it should not be used to generate pseudorandom bytes).
diff --git a/core/src/prf.rs b/core/src/prf.rs
index a54a2efb..2d26ede2 100644
--- a/core/src/prf.rs
+++ b/core/src/prf.rs
@@ -16,6 +16,8 @@
 
 //! Pseudo-random function.
 
+use alloc::{boxed::Box, vec::Vec};
+
 /// The `Prf` trait is an abstraction for an element of a pseudo random
 /// function family, selected by a key. It has the following property:
 ///   * It is deterministic. `compute_prf(input, length)` will always return the same output if the
diff --git a/core/src/primitiveset/mod.rs b/core/src/primitiveset/mod.rs
index 2991b95c..5803d732 100644
--- a/core/src/primitiveset/mod.rs
+++ b/core/src/primitiveset/mod.rs
@@ -21,7 +21,12 @@
 //! primary" one.
 
 use crate::utils::{wrap_err, TinkError};
-use std::collections::{hash_map, HashMap};
+use alloc::{
+    boxed::Box,
+    collections::{btree_map, BTreeMap},
+    vec,
+    vec::Vec,
+};
 
 /// `Entry` represents a single entry in the keyset. In addition to the actual
 /// primitive, it holds the identifier and status of the primitive.
@@ -71,7 +76,7 @@ pub struct PrimitiveSet {
     // The primitives are stored in a map of (ciphertext prefix, list of
     // primitives sharing the prefix). This allows quickly retrieving the
     // primitives sharing some particular prefix.
-    pub entries: HashMap<Vec<u8>, Vec<Entry>>,
+    pub entries: BTreeMap<Vec<u8>, Vec<Entry>>,
 }
 
 impl PrimitiveSet {
@@ -79,7 +84,7 @@ impl PrimitiveSet {
     pub fn new() -> Self {
         PrimitiveSet {
             primary: None,
-            entries: HashMap::new(),
+            entries: BTreeMap::new(),
         }
     }
 
@@ -118,8 +123,8 @@ impl PrimitiveSet {
         );
         let retval = entry.clone();
         match self.entries.entry(prefix) {
-            hash_map::Entry::Occupied(mut oe) => oe.get_mut().push(entry),
-            hash_map::Entry::Vacant(ve) => {
+            btree_map::Entry::Occupied(mut oe) => oe.get_mut().push(entry),
+            btree_map::Entry::Vacant(ve) => {
                 ve.insert(vec![entry]);
             }
         };
@@ -158,7 +163,7 @@ pub struct TypedPrimitiveSet<P: From<crate::Primitive>> {
     // The primitives are stored in a map of (ciphertext prefix, list of
     // primitives sharing the prefix). This allows quickly retrieving the
     // primitives sharing some particular prefix.
-    pub entries: HashMap<Vec<u8>, Vec<TypedEntry<P>>>,
+    pub entries: BTreeMap<Vec<u8>, Vec<TypedEntry<P>>>,
 }
 
 impl<P: From<crate::Primitive>> TypedPrimitiveSet<P> {
@@ -251,6 +256,7 @@ impl Clone for TypedEntry<Box<dyn crate::Signer>> {
         }
     }
 }
+#[cfg(feature = "std")]
 impl Clone for TypedEntry<Box<dyn crate::StreamingAead>> {
     fn clone(&self) -> Self {
         Self {
diff --git a/core/src/registry/key_manager.rs b/core/src/registry/key_manager.rs
index 6be1eaf9..ad9bfb68 100644
--- a/core/src/registry/key_manager.rs
+++ b/core/src/registry/key_manager.rs
@@ -17,6 +17,7 @@
 //! Trait definition for key managers.
 
 use crate::TinkError;
+use alloc::string::ToString;
 
 /// `KeyManager` "understands" keys of a specific key types: it can generate keys of a supported
 /// type and create primitives for supported keys.  A key type is identified by the global name of
@@ -29,7 +30,7 @@ pub trait KeyManager: Send + Sync {
 
     /// Generate a new key according to specification in `serialized_key_format`, which must be
     /// supported by this manager, returned as a serialized protocol buffer.
-    fn new_key(&self, serialized_key_format: &[u8]) -> Result<Vec<u8>, TinkError>;
+    fn new_key(&self, serialized_key_format: &[u8]) -> Result<alloc::vec::Vec<u8>, TinkError>;
 
     /// Return true iff this [`KeyManager`] supports key type identified by `type_url`.
     fn does_support(&self, type_url: &str) -> bool {
diff --git a/core/src/registry/key_templates.rs b/core/src/registry/key_templates.rs
index 5a30d8a7..69aed5d2 100644
--- a/core/src/registry/key_templates.rs
+++ b/core/src/registry/key_templates.rs
@@ -16,36 +16,31 @@
 
 //! Provides a registry of generator functions that return [`tink_proto::KeyTemplate`] objects.
 
+use alloc::{collections::BTreeMap, string::ToString};
 use lazy_static::lazy_static;
-use std::{collections::HashMap, sync::RwLock};
+use spin::RwLock;
 
 pub type KeyTemplateGenerator = fn() -> tink_proto::KeyTemplate;
 
 lazy_static! {
     /// Global registry of key template generator functions, indexed by template name.
-    static ref TEMPLATE_GENERATORS: RwLock<HashMap<String, KeyTemplateGenerator>> =
-        RwLock::new(HashMap::new());
+    static ref TEMPLATE_GENERATORS: RwLock<BTreeMap<alloc::string::String, KeyTemplateGenerator>> =
+        RwLock::new(BTreeMap::new());
 }
 
 /// Register a key template generator function by name.
 pub fn register_template_generator(name: &str, generator: KeyTemplateGenerator) {
     TEMPLATE_GENERATORS
         .write()
-        .unwrap() // safe: lock
         .insert(name.to_string(), generator);
 }
 
 /// Find a key template generator function by name.
 pub fn get_template_generator(name: &str) -> Option<KeyTemplateGenerator> {
-    TEMPLATE_GENERATORS.read().unwrap().get(name).copied() // safe: lock
+    TEMPLATE_GENERATORS.read().get(name).copied()
 }
 
 /// Return all available key template generator names.
-pub fn template_names() -> Vec<String> {
-    TEMPLATE_GENERATORS
-        .read()
-        .unwrap() // safe: lock
-        .keys()
-        .cloned()
-        .collect()
+pub fn template_names() -> alloc::vec::Vec<alloc::string::String> {
+    TEMPLATE_GENERATORS.read().keys().cloned().collect()
 }
diff --git a/core/src/registry/kms_client.rs b/core/src/registry/kms_client.rs
index d3ade597..715ab589 100644
--- a/core/src/registry/kms_client.rs
+++ b/core/src/registry/kms_client.rs
@@ -22,5 +22,8 @@ pub trait KmsClient: Send + Sync {
     fn supported(&self, key_uri: &str) -> bool;
 
     /// Get an [`Aead`](crate::Aead) backend by `key_uri`.
-    fn get_aead(&self, key_uri: &str) -> Result<Box<dyn crate::Aead>, crate::TinkError>;
+    fn get_aead(
+        &self,
+        key_uri: &str,
+    ) -> Result<alloc::boxed::Box<dyn crate::Aead>, crate::TinkError>;
 }
diff --git a/core/src/registry/mod.rs b/core/src/registry/mod.rs
index 3c6380e6..2bfeadf3 100644
--- a/core/src/registry/mod.rs
+++ b/core/src/registry/mod.rs
@@ -27,11 +27,9 @@
 //! public though, to enable configurations with custom primitives and [`KeyManager`]s.
 
 use crate::TinkError;
+use alloc::{collections::BTreeMap, format, sync::Arc, vec::Vec};
 use lazy_static::lazy_static;
-use std::{
-    collections::HashMap,
-    sync::{Arc, RwLock},
-};
+use spin::RwLock;
 
 mod kms_client;
 pub use kms_client::*;
@@ -42,23 +40,18 @@ pub use key_templates::*;
 
 lazy_static! {
     /// Global registry of key manager objects, indexed by type URL.
-    static ref KEY_MANAGERS: RwLock<HashMap<&'static str, Arc<dyn KeyManager>>> =
-        RwLock::new(HashMap::new());
+    static ref KEY_MANAGERS: RwLock<BTreeMap<&'static str, Arc<dyn KeyManager>>> =
+        RwLock::new(BTreeMap::new());
     /// Global list of KMS client objects.
     static ref KMS_CLIENTS: RwLock<Vec<Arc<dyn KmsClient>>> = RwLock::new(Vec::new());
 }
 
-/// Error message for global key manager registry lock.
-const MERR: &str = "global KEY_MANAGERS lock poisoned";
-/// Error message for global KMS client list lock.
-const CERR: &str = "global KMS_CLIENTS lock poisoned";
-
 /// Register the given key manager. Does not allow overwrite of existing key managers.
 pub fn register_key_manager<T>(km: Arc<T>) -> Result<(), TinkError>
 where
     T: 'static + KeyManager,
 {
-    let mut key_mgrs = KEY_MANAGERS.write().expect(MERR); // safe: lock
+    let mut key_mgrs = KEY_MANAGERS.write();
 
     let type_url = km.type_url();
     if key_mgrs.contains_key(type_url) {
@@ -74,7 +67,7 @@ where
 
 /// Return the key manager for the given `type_url` if it exists.
 pub fn get_key_manager(type_url: &str) -> Result<Arc<dyn KeyManager>, TinkError> {
-    let key_mgrs = KEY_MANAGERS.read().expect(MERR); // safe: lock
+    let key_mgrs = KEY_MANAGERS.read();
     let km = key_mgrs.get(type_url).ok_or_else(|| {
         TinkError::new(&format!(
             "registry::get_key_manager: unsupported key type: {}",
@@ -113,19 +106,19 @@ pub fn register_kms_client<T>(k: T)
 where
     T: 'static + KmsClient,
 {
-    let mut kms_clients = KMS_CLIENTS.write().expect(CERR); // safe: lock
+    let mut kms_clients = KMS_CLIENTS.write();
     kms_clients.push(Arc::new(k));
 }
 
 /// Remove all registered KMS clients.
 pub fn clear_kms_clients() {
-    let mut kms_clients = KMS_CLIENTS.write().expect(CERR); // safe: lock
+    let mut kms_clients = KMS_CLIENTS.write();
     kms_clients.clear();
 }
 
 /// Fetches a [`KmsClient`] by a given URI.
 pub fn get_kms_client(key_uri: &str) -> Result<Arc<dyn KmsClient>, TinkError> {
-    let kms_clients = KMS_CLIENTS.read().expect(CERR); // safe: lock
+    let kms_clients = KMS_CLIENTS.read();
     for k in kms_clients.iter() {
         if k.supported(key_uri) {
             return Ok(k.clone());
diff --git a/core/src/signer.rs b/core/src/signer.rs
index e77a301b..fdb3ef52 100644
--- a/core/src/signer.rs
+++ b/core/src/signer.rs
@@ -16,6 +16,8 @@
 
 //! Digital signature signing.
 
+use alloc::{boxed::Box, vec::Vec};
+
 /// `Signer` is the signing interface for digital signature.
 ///
 /// Implementations of this trait are secure against adaptive chosen-message
diff --git a/core/src/subtle/hkdf.rs b/core/src/subtle/hkdf.rs
index 492f4346..2eb6ea20 100644
--- a/core/src/subtle/hkdf.rs
+++ b/core/src/subtle/hkdf.rs
@@ -17,6 +17,7 @@
 //! HKDF functions.
 
 use crate::{utils::wrap_err, TinkError};
+use alloc::{format, vec, vec::Vec};
 use tink_proto::HashType;
 
 /// Minimum tag size in bytes. This provides minimum 80-bit security strength.
diff --git a/core/src/subtle/mod.rs b/core/src/subtle/mod.rs
index 719e4472..8b88aa64 100644
--- a/core/src/subtle/mod.rs
+++ b/core/src/subtle/mod.rs
@@ -17,6 +17,7 @@
 //! Common methods needed in subtle implementations.
 
 use crate::TinkError;
+use alloc::vec::Vec;
 use digest::Digest;
 use subtle::ConstantTimeEq;
 use tink_proto::HashType;
diff --git a/core/src/subtle/random.rs b/core/src/subtle/random.rs
index 629a6d79..08cf9d45 100644
--- a/core/src/subtle/random.rs
+++ b/core/src/subtle/random.rs
@@ -16,16 +16,17 @@
 
 //! Utilities for random data.
 
-use rand::{thread_rng, Rng};
+use alloc::vec;
+use rand::{rngs::OsRng, Rng};
 
 /// Return a vector of the given `size` filled with random bytes.
-pub fn get_random_bytes(size: usize) -> Vec<u8> {
+pub fn get_random_bytes(size: usize) -> alloc::vec::Vec<u8> {
     let mut data = vec![0u8; size];
-    thread_rng().fill(&mut data[..]);
+    OsRng.fill(&mut data[..]);
     data
 }
 
 /// Randomly generate an unsigned 32-bit integer.
 pub fn get_random_uint32() -> u32 {
-    thread_rng().gen()
+    OsRng.gen()
 }
diff --git a/core/src/utils.rs b/core/src/utils.rs
index 496f5859..3725cbd4 100644
--- a/core/src/utils.rs
+++ b/core/src/utils.rs
@@ -19,14 +19,16 @@
 //! Some of these utilities are not idiomatic Rust, but are included to make the process of
 //! translating code from other languages (e.g. Go) easier.
 
-use std::error::Error;
+use alloc::{
+    boxed::Box,
+    string::{String, ToString},
+};
 
 /// `Error` type for errors emitted by Tink. Note that errors from cryptographic
 /// operations are necessarily uninformative, to avoid information leakage.
-#[derive(Debug)]
 pub struct TinkError {
     msg: String,
-    src: Option<Box<dyn Error>>,
+    src: Option<alloc::boxed::Box<dyn core::fmt::Display>>,
 }
 
 impl TinkError {
@@ -35,8 +37,14 @@ impl TinkError {
     }
 }
 
-impl std::fmt::Display for TinkError {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+impl core::fmt::Debug for TinkError {
+    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
+        <Self as core::fmt::Display>::fmt(self, f)
+    }
+}
+
+impl core::fmt::Display for TinkError {
+    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
         if let Some(src) = &self.src {
             write!(f, "{}: {}", self.msg, src)
         } else {
@@ -45,9 +53,10 @@ impl std::fmt::Display for TinkError {
     }
 }
 
-impl Error for TinkError {}
+#[cfg(feature = "std")]
+impl std::error::Error for TinkError {}
 
-impl std::convert::From<&str> for TinkError {
+impl From<&str> for TinkError {
     fn from(msg: &str) -> Self {
         TinkError {
             msg: msg.to_string(),
@@ -56,7 +65,7 @@ impl std::convert::From<&str> for TinkError {
     }
 }
 
-impl std::convert::From<String> for TinkError {
+impl From<String> for TinkError {
     fn from(msg: String) -> Self {
         TinkError { msg, src: None }
     }
@@ -73,7 +82,7 @@ impl std::convert::From<String> for TinkError {
 /// ```
 pub fn wrap_err<T>(msg: &str, src: T) -> TinkError
 where
-    T: Error + 'static,
+    T: core::fmt::Display + 'static,
 {
     TinkError {
         msg: msg.to_string(),
diff --git a/core/src/verifier.rs b/core/src/verifier.rs
index 92007c5a..60c6e165 100644
--- a/core/src/verifier.rs
+++ b/core/src/verifier.rs
@@ -16,6 +16,8 @@
 
 //! Digital signature verification.
 
+use alloc::boxed::Box;
+
 /// `Verifier` is the verifying interface for digital signature.
 ///
 /// Implementations of this trait are secure against adaptive chosen-message
diff --git a/daead/Cargo.toml b/daead/Cargo.toml
index 8920ac2e..f1ffdcf2 100644
--- a/daead/Cargo.toml
+++ b/daead/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-daead"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -10,8 +10,9 @@ keywords = ["cryptography", "tink", "daead"]
 categories = ["cryptography"]
 
 [dependencies]
-aead = { version = "^0.4.2", features = ["std"] }
+aead = "^0.4.2"
 aes-siv = "^0.6"
-prost = "^0.8"
-tink-core = "^0.2"
-tink-proto = "^0.2"
+prost = { version = "^0.8", default-features = false }
+spin = { version = "^0.9.2", features = ["once"] }
+tink-core = "^0.3"
+tink-proto = "^0.3"
diff --git a/daead/src/aes_siv_key_manager.rs b/daead/src/aes_siv_key_manager.rs
index 74c9408d..dca6a5ee 100644
--- a/daead/src/aes_siv_key_manager.rs
+++ b/daead/src/aes_siv_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for AES-SIV keys for deterministic AEAD.
 
 use crate::subtle;
+use alloc::{boxed::Box, format, vec::Vec};
 use prost::Message;
 use tink_core::{
     registry::KeyManager,
diff --git a/daead/src/factory.rs b/daead/src/factory.rs
index 79134e50..7f3f4877 100644
--- a/daead/src/factory.rs
+++ b/daead/src/factory.rs
@@ -16,7 +16,7 @@
 
 //! Provides an implementation of deterministic AEAD using a set of underlying implementations.
 
-use std::sync::Arc;
+use alloc::{boxed::Box, sync::Arc, vec::Vec};
 use tink_core::utils::{wrap_err, TinkError};
 
 /// Return a [`tink_core::DeterministicAead`] primitive from the given keyset handle.
diff --git a/daead/src/key_templates.rs b/daead/src/key_templates.rs
index 101af1c0..489d4ac8 100644
--- a/daead/src/key_templates.rs
+++ b/daead/src/key_templates.rs
@@ -16,6 +16,7 @@
 
 //! This module contains pre-generated [`KeyTemplate`] instances for deterministic AEAD.
 
+use alloc::{string::ToString, vec::Vec};
 use prost::Message;
 use tink_proto::KeyTemplate;
 
diff --git a/daead/src/lib.rs b/daead/src/lib.rs
index 8eba42ba..2fc19c0d 100644
--- a/daead/src/lib.rs
+++ b/daead/src/lib.rs
@@ -20,8 +20,12 @@
 //! encrypting the same plaintex always yields the same ciphertext.
 
 #![deny(broken_intra_doc_links)]
+#![no_std]
 
-use std::sync::Once;
+extern crate alloc;
+
+use alloc::sync::Arc;
+use spin::{Mutex, Once};
 
 mod aes_siv_key_manager;
 pub use aes_siv_key_manager::*;
@@ -36,13 +40,13 @@ pub mod subtle;
 /// port is based on.
 pub const UPSTREAM_VERSION: &str = "1.6.0";
 
-static INIT: Once = Once::new();
+static INIT: Mutex<Once> = Mutex::new(Once::new());
 
 /// Initialize the `tink-daead` crate, registering its primitives so they are available via
 /// tink-core.
 pub fn init() {
-    INIT.call_once(|| {
-        tink_core::registry::register_key_manager(std::sync::Arc::new(AesSivKeyManager::default()))
+    INIT.lock().call_once(|| {
+        tink_core::registry::register_key_manager(Arc::new(AesSivKeyManager::default()))
             .expect("tink_daead::init() failed"); // safe: init
 
         tink_core::registry::register_template_generator("AES256_SIV", aes_siv_key_template);
diff --git a/daead/src/subtle.rs b/daead/src/subtle.rs
index ee865f17..af9af604 100644
--- a/daead/src/subtle.rs
+++ b/daead/src/subtle.rs
@@ -17,7 +17,8 @@
 //! Provides subtle implementations of the `DeterministicAEAD` primitive using AES-SIV.
 
 use aes_siv::{aead::generic_array::GenericArray, siv::Aes256Siv};
-use std::{cell::RefCell, rc::Rc};
+use alloc::{format, rc::Rc, vec::Vec};
+use core::cell::RefCell;
 use tink_core::{utils::wrap_err, TinkError};
 
 const AES_BLOCK_SIZE: usize = 16;
diff --git a/deny.toml b/deny.toml
index b0156e4a..26af1833 100644
--- a/deny.toml
+++ b/deny.toml
@@ -9,6 +9,9 @@ targets = [
     { triple = "x86_64-pc-windows-msvc" },
 ]
 
+[sources]
+allow-git = [ "https://github.com/daviddrysdale/ed25519-dalek" ]
+
 # Deny all advisories unless explicitly ignored.
 [advisories]
 vulnerability = "deny"
@@ -50,20 +53,10 @@ version = "=0.4.4"
 name = "security-framework-sys"
 version = "=0.4.3"
 
-# ed25519-dalek(v1.0.1) => rand_core(v0.5.x), {rand(v0.7.3) => getrandom(v0.1.*)}
-# tonic(v0.4.0) ..=> rand(v0.8.3) ..=> {rand_core(v0.6.x), getrandom(v0.2.x)}
-[[bans.skip]]
-name = "getrandom"
-version = "0.1.15"
-[[bans.skip]]
-name = "rand"
-version = "0.7.3"
-[[bans.skip]]
-name = "rand_core"
-version = "0.5.1"
+# hyper-rustls(v0.22.1) => rustls => ring(v0.16.20) => spin(v0.5.2)
 [[bans.skip]]
-name = "rand_chacha"
-version = "0.2.2"
+name = "spin"
+version = "0.5.2"
 
 ######################################
 
diff --git a/examples/aead/Cargo.toml b/examples/aead/Cargo.toml
index 3163f13e..2a2f001a 100644
--- a/examples/aead/Cargo.toml
+++ b/examples/aead/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "example-aead"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -8,5 +8,5 @@ publish = false
 
 [dependencies]
 hex = "^0.4.3"
-tink-aead = "^0.2"
-tink-core = "^0.2"
+tink-aead = "^0.3"
+tink-core = "^0.3"
diff --git a/examples/daead/Cargo.toml b/examples/daead/Cargo.toml
index dae5b95a..09d33132 100644
--- a/examples/daead/Cargo.toml
+++ b/examples/daead/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "example-daead"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -8,5 +8,5 @@ publish = false
 
 [dependencies]
 hex = "^0.4.3"
-tink-core = "^0.2"
-tink-daead = "^0.2"
+tink-core = "^0.3"
+tink-daead = "^0.3"
diff --git a/examples/keygen/Cargo.toml b/examples/keygen/Cargo.toml
index 04a6db49..11c03740 100644
--- a/examples/keygen/Cargo.toml
+++ b/examples/keygen/Cargo.toml
@@ -1,11 +1,11 @@
 [package]
 name = "example-keygen"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
 publish = false
 
 [dependencies]
-tink-core = "^0.2"
-tink-daead = "^0.2"
+tink-core = "^0.3"
+tink-daead = "^0.3"
diff --git a/examples/keymgr/Cargo.toml b/examples/keymgr/Cargo.toml
index c443c4c4..d8bc6c8e 100644
--- a/examples/keymgr/Cargo.toml
+++ b/examples/keymgr/Cargo.toml
@@ -1,11 +1,11 @@
 [package]
 name = "example-keymgr"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
 publish = false
 
 [dependencies]
-tink-aead = "^0.2"
-tink-core = "^0.2"
+tink-aead = "^0.3"
+tink-core = "^0.3"
diff --git a/examples/kms/Cargo.toml b/examples/kms/Cargo.toml
index 821447a3..1fd90372 100644
--- a/examples/kms/Cargo.toml
+++ b/examples/kms/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "example-kms"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -8,6 +8,6 @@ publish = false
 
 [dependencies]
 hex = "^0.4.3"
-tink-aead = "^0.2"
-tink-core = { version = "^0.2", features = ["insecure"] }
-tink-awskms = "^0.2"
+tink-aead = "^0.3"
+tink-core = { version = "^0.3", features = ["insecure"] }
+tink-awskms = "^0.3"
diff --git a/examples/mac/Cargo.toml b/examples/mac/Cargo.toml
index 8293081c..d06c01e9 100644
--- a/examples/mac/Cargo.toml
+++ b/examples/mac/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "example-mac"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -8,5 +8,5 @@ publish = false
 
 [dependencies]
 hex = "^0.4.3"
-tink-core = "^0.2"
-tink-mac = "^0.2"
+tink-core = "^0.3"
+tink-mac = "^0.3"
diff --git a/examples/signature/Cargo.toml b/examples/signature/Cargo.toml
index 9de358a6..c101f06d 100644
--- a/examples/signature/Cargo.toml
+++ b/examples/signature/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "example-signature"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -8,5 +8,5 @@ publish = false
 
 [dependencies]
 hex = "^0.4.3"
-tink-core = "^0.2"
-tink-signature = "^0.2"
+tink-core = "^0.3"
+tink-signature = "^0.3"
diff --git a/examples/streaming/Cargo.toml b/examples/streaming/Cargo.toml
index 4233f78d..b2283079 100644
--- a/examples/streaming/Cargo.toml
+++ b/examples/streaming/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "example-streaming"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -8,5 +8,5 @@ publish = false
 
 [dependencies]
 tempfile = "^3.2"
-tink-core = "^0.2"
-tink-streaming-aead = "^0.2"
+tink-core = "^0.3"
+tink-streaming-aead = "^0.3"
diff --git a/integration/awskms/Cargo.toml b/integration/awskms/Cargo.toml
index 639d6323..4c7b9f18 100644
--- a/integration/awskms/Cargo.toml
+++ b/integration/awskms/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-awskms"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -16,6 +16,6 @@ regex = "^1.5.4"
 rusoto_core = "^0.47"
 rusoto_credential = "^0.47"
 rusoto_kms = "^0.47"
-tink-core = "^0.2"
+tink-core = "^0.3"
 # Match the version of tokio required by rusoto_* v0.46.0
 tokio = "^1.8"
diff --git a/integration/gcpkms/Cargo.toml b/integration/gcpkms/Cargo.toml
index c2f76a57..3bbe47d6 100644
--- a/integration/gcpkms/Cargo.toml
+++ b/integration/gcpkms/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-gcpkms"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -20,6 +20,6 @@ lazy_static = "^1.4"
 percent-encoding = "^2.1"
 serde = { version = "^1.0", features = ["derive"] }
 serde_json = "^1.0.64"
-tink-core = "^0.2"
+tink-core = "^0.3"
 tokio = "^1.8"
 yup-oauth2 = "^5.1"
diff --git a/mac/Cargo.toml b/mac/Cargo.toml
index 24d2bacb..d47a7477 100644
--- a/mac/Cargo.toml
+++ b/mac/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-mac"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -10,7 +10,8 @@ keywords = ["cryptography", "tink", "mac"]
 categories = ["cryptography"]
 
 [dependencies]
-prost = "^0.8"
-tink-core = "^0.2"
-tink-prf = "^0.2"
-tink-proto = "^0.2"
+prost = { version = "^0.8", default-features = false }
+spin = { version = "^0.9.2", features = ["once"] }
+tink-core = "^0.3"
+tink-prf = "^0.3"
+tink-proto = "^0.3"
diff --git a/mac/src/aes_cmac_key_manager.rs b/mac/src/aes_cmac_key_manager.rs
index 2d1fdf0a..7ed9d3db 100644
--- a/mac/src/aes_cmac_key_manager.rs
+++ b/mac/src/aes_cmac_key_manager.rs
@@ -16,6 +16,7 @@
 
 //! Key manager for AES-CMAC keys for MAC.
 
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/mac/src/factory.rs b/mac/src/factory.rs
index 3a7ae4b3..ec0a45b8 100644
--- a/mac/src/factory.rs
+++ b/mac/src/factory.rs
@@ -16,7 +16,7 @@
 
 //! Provides an implementation of MAC using a set of underlying implementations.
 
-use std::sync::Arc;
+use alloc::{boxed::Box, sync::Arc, vec::Vec};
 use tink_core::{utils::wrap_err, TinkError};
 use tink_proto::OutputPrefixType;
 
diff --git a/mac/src/hmac_key_manager.rs b/mac/src/hmac_key_manager.rs
index ba7892ea..41216d91 100644
--- a/mac/src/hmac_key_manager.rs
+++ b/mac/src/hmac_key_manager.rs
@@ -16,6 +16,7 @@
 
 //! Key manager for AES-CMAC keys for HMAC.
 
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 use tink_proto::HashType;
diff --git a/mac/src/key_templates.rs b/mac/src/key_templates.rs
index b9a6b283..242c15ff 100644
--- a/mac/src/key_templates.rs
+++ b/mac/src/key_templates.rs
@@ -16,6 +16,7 @@
 
 //! This module contains pre-generated [`KeyTemplate`] instances for MAC.
 
+use alloc::{string::ToString, vec::Vec};
 use prost::Message;
 use tink_proto::KeyTemplate;
 
diff --git a/mac/src/lib.rs b/mac/src/lib.rs
index 7c561e44..1522d880 100644
--- a/mac/src/lib.rs
+++ b/mac/src/lib.rs
@@ -20,9 +20,13 @@
 //! message.  MAC protects data integrity as well as provides for authenticity
 //! of the message.
 
+#![no_std]
 #![deny(broken_intra_doc_links)]
 
-use std::sync::Once;
+extern crate alloc;
+
+use alloc::sync::Arc;
+use spin::{Mutex, Once};
 
 mod aes_cmac_key_manager;
 pub use aes_cmac_key_manager::*;
@@ -39,18 +43,16 @@ pub mod subtle;
 /// port is based on.
 pub const UPSTREAM_VERSION: &str = "1.6.0";
 
-static INIT: Once = Once::new();
+static INIT: Mutex<Once> = Mutex::new(Once::new());
 
 /// Initialize the `tink-daead` crate, registering its primitives so they are available via
 /// Tink.
 pub fn init() {
-    INIT.call_once(|| {
-        tink_core::registry::register_key_manager(std::sync::Arc::new(HmacKeyManager::default()))
+    INIT.lock().call_once(|| {
+        tink_core::registry::register_key_manager(Arc::new(HmacKeyManager::default()))
+            .expect("tink_mac::init() failed"); // safe: init
+        tink_core::registry::register_key_manager(Arc::new(AesCmacKeyManager::default()))
             .expect("tink_mac::init() failed"); // safe: init
-        tink_core::registry::register_key_manager(
-            std::sync::Arc::new(AesCmacKeyManager::default()),
-        )
-        .expect("tink_mac::init() failed"); // safe: init
 
         tink_core::registry::register_template_generator(
             "HMAC_SHA256_128BITTAG",
diff --git a/mac/src/subtle/cmac.rs b/mac/src/subtle/cmac.rs
index 805de7c1..d849e2a6 100644
--- a/mac/src/subtle/cmac.rs
+++ b/mac/src/subtle/cmac.rs
@@ -16,6 +16,7 @@
 
 //! Provides an implementation of MAC using AES-CMAC.
 
+use alloc::{format, vec::Vec};
 use tink_core::{utils::wrap_err, Prf, TinkError};
 
 const MIN_CMAC_KEY_SIZE_IN_BYTES: usize = 16;
diff --git a/mac/src/subtle/hmac.rs b/mac/src/subtle/hmac.rs
index 0c9c6396..6a0e6a26 100644
--- a/mac/src/subtle/hmac.rs
+++ b/mac/src/subtle/hmac.rs
@@ -16,6 +16,7 @@
 
 //! Provides an implementation of MAC using HMAC.
 
+use alloc::vec::Vec;
 use tink_core::{utils::wrap_err, Prf, TinkError};
 use tink_proto::HashType;
 
diff --git a/no-std-check/Cargo.lock b/no-std-check/Cargo.lock
new file mode 100644
index 00000000..f6de296a
--- /dev/null
+++ b/no-std-check/Cargo.lock
@@ -0,0 +1,991 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+version = 3
+
+[[package]]
+name = "aead"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e3e798aa0c8239776f54415bc06f3d74b1850f3f830b45c35cfc80556973f70"
+dependencies = [
+ "generic-array",
+]
+
+[[package]]
+name = "aes"
+version = "0.7.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "495ee669413bfbe9e8cace80f4d3d78e6d8c8d99579f97fb93bde351b185f2d4"
+dependencies = [
+ "cfg-if",
+ "cipher",
+ "cpufeatures",
+ "ctr",
+ "opaque-debug",
+]
+
+[[package]]
+name = "aes-gcm"
+version = "0.9.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bc3be92e19a7ef47457b8e6f90707e12b6ac5d20c6f3866584fa3be0787d839f"
+dependencies = [
+ "aead",
+ "aes",
+ "cipher",
+ "ctr",
+ "ghash",
+ "subtle",
+]
+
+[[package]]
+name = "aes-gcm-siv"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cfde8146762f3c5f3c5cd41aa17a71f3188df09d5857192b658510d850e16068"
+dependencies = [
+ "aead",
+ "aes",
+ "cipher",
+ "ctr",
+ "polyval",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "aes-siv"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "63b1439568d47108b9707c3f00d50601c14e5ba6092262a64df2c9715bbb16bb"
+dependencies = [
+ "aead",
+ "aes",
+ "cipher",
+ "cmac",
+ "crypto-mac",
+ "ctr",
+ "dbl",
+ "zeroize",
+]
+
+[[package]]
+name = "anyhow"
+version = "1.0.42"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "595d3cfa7a60d4555cb5067b99f07142a08ea778de5cf993f7b75c7d8fabc486"
+
+[[package]]
+name = "autocfg"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a"
+
+[[package]]
+name = "bitflags"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
+
+[[package]]
+name = "bitvec"
+version = "0.20.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7774144344a4faa177370406a7ff5f1da24303817368584c6206c8303eb07848"
+dependencies = [
+ "funty",
+ "radium",
+ "tap",
+ "wyz",
+]
+
+[[package]]
+name = "block-buffer"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4"
+dependencies = [
+ "generic-array",
+]
+
+[[package]]
+name = "byteorder"
+version = "1.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610"
+
+[[package]]
+name = "bytes"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b700ce4376041dcd0a327fd0097c41095743c4c8af8887265942faf1100bd040"
+
+[[package]]
+name = "cfg-if"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
+
+[[package]]
+name = "chacha20"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fee7ad89dc1128635074c268ee661f90c3f7e83d9fd12910608c36b47d6c3412"
+dependencies = [
+ "cfg-if",
+ "cipher",
+ "cpufeatures",
+ "zeroize",
+]
+
+[[package]]
+name = "chacha20poly1305"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1580317203210c517b6d44794abfbe600698276db18127e37ad3e69bf5e848e5"
+dependencies = [
+ "aead",
+ "chacha20",
+ "cipher",
+ "poly1305",
+ "zeroize",
+]
+
+[[package]]
+name = "cipher"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7ee52072ec15386f770805afd189a01c8841be8696bed250fa2f13c4c0d6dfb7"
+dependencies = [
+ "generic-array",
+]
+
+[[package]]
+name = "cmac"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b70e37282d9624283878ffda1d1e53883bcf868cf441bddda44127620b39572d"
+dependencies = [
+ "crypto-mac",
+ "dbl",
+]
+
+[[package]]
+name = "const-oid"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "279bc8fc53f788a75c7804af68237d1fce02cde1e275a886a4b320604dc2aeda"
+
+[[package]]
+name = "cpufeatures"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "66c99696f6c9dd7f35d486b9d04d7e6e202aa3e8c40d553f2fdf5e7e0c6a71ef"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "crypto-mac"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "25fab6889090c8133f3deb8f73ba3c65a7f456f66436fc012a1b1e272b1e103e"
+dependencies = [
+ "cipher",
+ "generic-array",
+ "subtle",
+]
+
+[[package]]
+name = "ctr"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a232f92a03f37dd7d7dd2adc67166c77e9cd88de5b019b9a9eecfaeaf7bfd481"
+dependencies = [
+ "cipher",
+]
+
+[[package]]
+name = "curve25519-dalek-ng"
+version = "4.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "574d8b2cd0bae5434fd50d53280f8299d95557a978686555880aaf5b8f4f81e9"
+dependencies = [
+ "byteorder",
+ "digest",
+ "rand_core",
+ "subtle-ng",
+ "zeroize",
+]
+
+[[package]]
+name = "dbl"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "37e797687b5f09528a48fcb63b6914d0255b8a6c760699a919af37042f09d9b3"
+dependencies = [
+ "generic-array",
+]
+
+[[package]]
+name = "der"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2eeb9d92785d1facb50567852ce75d0858630630e7eabea59cf7eb7474051087"
+dependencies = [
+ "const-oid",
+ "typenum",
+]
+
+[[package]]
+name = "digest"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066"
+dependencies = [
+ "generic-array",
+]
+
+[[package]]
+name = "ecdsa"
+version = "0.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "34d33b390ab82f2e1481e331dbd0530895640179d2128ef9a79cc690b78d1eba"
+dependencies = [
+ "der",
+ "elliptic-curve",
+ "hmac",
+ "signature",
+]
+
+[[package]]
+name = "ed25519"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8d0860415b12243916284c67a9be413e044ee6668247b99ba26d94b2bc06c8f6"
+dependencies = [
+ "signature",
+]
+
+[[package]]
+name = "ed25519-dalek"
+version = "1.0.2"
+source = "git+https://github.com/daviddrysdale/ed25519-dalek?branch=rand-bump#eebf0b3fead5690101c0d44d5cc6de45e63b9aa8"
+dependencies = [
+ "curve25519-dalek-ng",
+ "ed25519",
+ "rand",
+ "sha2",
+ "zeroize",
+]
+
+[[package]]
+name = "either"
+version = "1.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457"
+
+[[package]]
+name = "elliptic-curve"
+version = "0.9.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c13e9b0c3c4170dcc2a12783746c4205d98e18957f57854251eea3f9750fe005"
+dependencies = [
+ "bitvec",
+ "ff",
+ "generic-array",
+ "group",
+ "pkcs8",
+ "rand_core",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "ff"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72a4d941a5b7c2a75222e2d44fcdf634a67133d9db31e177ae5ff6ecda852bfe"
+dependencies = [
+ "bitvec",
+ "rand_core",
+ "subtle",
+]
+
+[[package]]
+name = "fixedbitset"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d"
+
+[[package]]
+name = "funty"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fed34cd105917e91daa4da6b3728c47b068749d6a62c59811f06ed2ac71d9da7"
+
+[[package]]
+name = "generic-array"
+version = "0.14.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "501466ecc8a30d1d3b7fc9229b122b2ce8ed6e9d9223f1138d4babb253e51817"
+dependencies = [
+ "typenum",
+ "version_check",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7fcd999463524c52659517fe2cea98493cfe485d10565e7b0fb07dbba7ad2753"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "wasi",
+]
+
+[[package]]
+name = "ghash"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7bbd60caa311237d508927dbba7594b483db3ef05faa55172fcf89b1bcda7853"
+dependencies = [
+ "opaque-debug",
+ "polyval",
+]
+
+[[package]]
+name = "group"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "61b3c1e8b4f1ca07e6605ea1be903a5f6956aec5c8a67fd44d56076631675ed8"
+dependencies = [
+ "ff",
+ "rand_core",
+ "subtle",
+]
+
+[[package]]
+name = "hashbrown"
+version = "0.11.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ab5ef0d4909ef3724cc8cce6ccc8572c5c817592e9285f5464f8e86f8bd3726e"
+
+[[package]]
+name = "heck"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6d621efb26863f0e9924c6ac577e8275e5e6b77455db64ffa6c65c904e9e132c"
+dependencies = [
+ "unicode-segmentation",
+]
+
+[[package]]
+name = "hkdf"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "01706d578d5c281058480e673ae4086a9f4710d8df1ad80a5b03e39ece5f886b"
+dependencies = [
+ "digest",
+ "hmac",
+]
+
+[[package]]
+name = "hmac"
+version = "0.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b"
+dependencies = [
+ "crypto-mac",
+ "digest",
+]
+
+[[package]]
+name = "indexmap"
+version = "1.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bc633605454125dec4b66843673f01c7df2b89479b32e0ed634e43a91cff62a5"
+dependencies = [
+ "autocfg",
+ "hashbrown",
+]
+
+[[package]]
+name = "itertools"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "69ddb889f9d0d08a67338271fa9b62996bc788c7796a5c18cf057420aaed5eaf"
+dependencies = [
+ "either",
+]
+
+[[package]]
+name = "lazy_static"
+version = "1.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
+dependencies = [
+ "spin 0.5.2",
+]
+
+[[package]]
+name = "libc"
+version = "0.2.98"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "320cfe77175da3a483efed4bc0adc1968ca050b098ce4f2f1c13a56626128790"
+
+[[package]]
+name = "lock_api"
+version = "0.4.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0382880606dff6d15c9476c416d18690b72742aa7b605bb6dd6ec9030fbf07eb"
+dependencies = [
+ "scopeguard",
+]
+
+[[package]]
+name = "log"
+version = "0.4.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710"
+dependencies = [
+ "cfg-if",
+]
+
+[[package]]
+name = "multimap"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a"
+
+[[package]]
+name = "no-std-check"
+version = "0.1.0"
+dependencies = [
+ "libc",
+ "tink-aead",
+ "tink-core",
+ "tink-daead",
+ "tink-mac",
+ "tink-prf",
+ "tink-proto",
+ "tink-signature",
+]
+
+[[package]]
+name = "opaque-debug"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
+
+[[package]]
+name = "p256"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2f05f5287453297c4c16af5e2b04df8fd2a3008d70f252729650bc6d7ace5844"
+dependencies = [
+ "ecdsa",
+ "elliptic-curve",
+ "sha2",
+]
+
+[[package]]
+name = "petgraph"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "467d164a6de56270bd7c4d070df81d07beace25012d5103ced4e9ff08d6afdb7"
+dependencies = [
+ "fixedbitset",
+ "indexmap",
+]
+
+[[package]]
+name = "pkcs8"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c9c2f795bc591cb3384cb64082a578b89207ac92bb89c9d98c1ea2ace7cd8110"
+dependencies = [
+ "der",
+ "spki",
+]
+
+[[package]]
+name = "poly1305"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4fe800695325da85083cd23b56826fccb2e2dc29b218e7811a6f33bc93f414be"
+dependencies = [
+ "cpufeatures",
+ "opaque-debug",
+ "universal-hash",
+]
+
+[[package]]
+name = "polyval"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e597450cbf209787f0e6de80bf3795c6b2356a380ee87837b545aded8dbc1823"
+dependencies = [
+ "cfg-if",
+ "cpufeatures",
+ "opaque-debug",
+ "universal-hash",
+]
+
+[[package]]
+name = "ppv-lite86"
+version = "0.2.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ac74c624d6b2d21f425f752262f42188365d7b8ff1aff74c82e45136510a4857"
+
+[[package]]
+name = "proc-macro2"
+version = "1.0.27"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f0d8caf72986c1a598726adc988bb5984792ef84f5ee5aa50209145ee8077038"
+dependencies = [
+ "unicode-xid",
+]
+
+[[package]]
+name = "prost"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "de5e2533f59d08fcf364fd374ebda0692a70bd6d7e66ef97f306f45c6c5d8020"
+dependencies = [
+ "bytes",
+ "prost-derive",
+]
+
+[[package]]
+name = "prost-build"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "355f634b43cdd80724ee7848f95770e7e70eefa6dcf14fea676216573b8fd603"
+dependencies = [
+ "bytes",
+ "heck",
+ "itertools",
+ "log",
+ "multimap",
+ "petgraph",
+ "prost",
+ "prost-types",
+ "tempfile",
+ "which",
+]
+
+[[package]]
+name = "prost-derive"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "600d2f334aa05acb02a755e217ef1ab6dea4d51b58b7846588b747edec04efba"
+dependencies = [
+ "anyhow",
+ "itertools",
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "prost-types"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "603bbd6394701d13f3f25aada59c7de9d35a6a5887cfc156181234a44002771b"
+dependencies = [
+ "bytes",
+ "prost",
+]
+
+[[package]]
+name = "quote"
+version = "1.0.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3d0b9745dc2debf507c8422de05d7226cc1f0644216dfdfead988f9b1ab32a7"
+dependencies = [
+ "proc-macro2",
+]
+
+[[package]]
+name = "radium"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "643f8f41a8ebc4c5dc4515c82bb8abd397b527fc20fd681b7c011c2aee5d44fb"
+
+[[package]]
+name = "rand"
+version = "0.8.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2e7573632e6454cf6b99d7aac4ccca54be06da05aca2ef7423d22d27d4d4bcd8"
+dependencies = [
+ "libc",
+ "rand_chacha",
+ "rand_core",
+ "rand_hc",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
+dependencies = [
+ "ppv-lite86",
+ "rand_core",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7"
+dependencies = [
+ "getrandom",
+]
+
+[[package]]
+name = "rand_hc"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d51e9f596de227fda2ea6c84607f5558e196eeaf43c986b724ba4fb8fdf497e7"
+dependencies = [
+ "rand_core",
+]
+
+[[package]]
+name = "redox_syscall"
+version = "0.2.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ab49abadf3f9e1c4bc499e8845e152ad87d2ad2d30371841171169e9d75feee"
+dependencies = [
+ "bitflags",
+]
+
+[[package]]
+name = "remove_dir_all"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7"
+dependencies = [
+ "winapi",
+]
+
+[[package]]
+name = "scopeguard"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
+
+[[package]]
+name = "sha-1"
+version = "0.9.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1a0c8611594e2ab4ebbf06ec7cbbf0a99450b8570e96cbf5188b5d5f6ef18d81"
+dependencies = [
+ "block-buffer",
+ "cfg-if",
+ "cpufeatures",
+ "digest",
+ "opaque-debug",
+]
+
+[[package]]
+name = "sha2"
+version = "0.9.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b362ae5752fd2137731f9fa25fd4d9058af34666ca1966fb969119cc35719f12"
+dependencies = [
+ "block-buffer",
+ "cfg-if",
+ "cpufeatures",
+ "digest",
+ "opaque-debug",
+]
+
+[[package]]
+name = "signature"
+version = "1.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c19772be3c4dd2ceaacf03cb41d5885f2a02c4d8804884918e3a258480803335"
+dependencies = [
+ "digest",
+ "rand_core",
+]
+
+[[package]]
+name = "spin"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
+
+[[package]]
+name = "spin"
+version = "0.9.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "511254be0c5bcf062b019a6c89c01a664aa359ded62f78aa72c6fc137c0590e5"
+dependencies = [
+ "lock_api",
+]
+
+[[package]]
+name = "spki"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9dae7e047abc519c96350e9484a96c6bf1492348af912fd3446dd2dc323f6268"
+dependencies = [
+ "der",
+]
+
+[[package]]
+name = "subtle"
+version = "2.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
+
+[[package]]
+name = "subtle-ng"
+version = "2.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8049cf85f0e715d6af38dde439cb0ccb91f67fb9f5f63c80f8b43e48356e1a3f"
+
+[[package]]
+name = "syn"
+version = "1.0.73"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f71489ff30030d2ae598524f61326b902466f72a0fb1a8564c001cc63425bcc7"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "unicode-xid",
+]
+
+[[package]]
+name = "synstructure"
+version = "0.12.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "474aaa926faa1603c40b7885a9eaea29b444d1cb2850cb7c0e37bb1a4182f4fa"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+ "unicode-xid",
+]
+
+[[package]]
+name = "tap"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369"
+
+[[package]]
+name = "tempfile"
+version = "3.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dac1c663cfc93810f88aed9b8941d48cabf856a1b111c29a40439018d870eb22"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "rand",
+ "redox_syscall",
+ "remove_dir_all",
+ "winapi",
+]
+
+[[package]]
+name = "tink-aead"
+version = "0.3.0"
+dependencies = [
+ "aead",
+ "aes",
+ "aes-gcm",
+ "aes-gcm-siv",
+ "chacha20poly1305",
+ "generic-array",
+ "prost",
+ "rand",
+ "spin 0.9.2",
+ "tink-core",
+ "tink-mac",
+ "tink-proto",
+]
+
+[[package]]
+name = "tink-core"
+version = "0.3.0"
+dependencies = [
+ "digest",
+ "hkdf",
+ "lazy_static",
+ "prost",
+ "rand",
+ "sha-1",
+ "sha2",
+ "spin 0.9.2",
+ "subtle",
+ "tink-proto",
+]
+
+[[package]]
+name = "tink-daead"
+version = "0.3.0"
+dependencies = [
+ "aead",
+ "aes-siv",
+ "prost",
+ "spin 0.9.2",
+ "tink-core",
+ "tink-proto",
+]
+
+[[package]]
+name = "tink-mac"
+version = "0.3.0"
+dependencies = [
+ "prost",
+ "spin 0.9.2",
+ "tink-core",
+ "tink-prf",
+ "tink-proto",
+]
+
+[[package]]
+name = "tink-prf"
+version = "0.3.0"
+dependencies = [
+ "aes",
+ "cmac",
+ "digest",
+ "hkdf",
+ "hmac",
+ "prost",
+ "sha-1",
+ "sha2",
+ "spin 0.9.2",
+ "tink-core",
+ "tink-proto",
+]
+
+[[package]]
+name = "tink-proto"
+version = "0.3.0"
+dependencies = [
+ "prost",
+ "prost-build",
+]
+
+[[package]]
+name = "tink-signature"
+version = "0.3.0"
+dependencies = [
+ "ecdsa",
+ "ed25519-dalek",
+ "generic-array",
+ "p256",
+ "prost",
+ "rand",
+ "signature",
+ "spin 0.9.2",
+ "tink-core",
+ "tink-proto",
+]
+
+[[package]]
+name = "typenum"
+version = "1.13.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "879f6906492a7cd215bfa4cf595b600146ccfac0c79bcbd1f3000162af5e8b06"
+
+[[package]]
+name = "unicode-segmentation"
+version = "1.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8895849a949e7845e06bd6dc1aa51731a103c42707010a5b591c0038fb73385b"
+
+[[package]]
+name = "unicode-xid"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3"
+
+[[package]]
+name = "universal-hash"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8326b2c654932e3e4f9196e69d08fdf7cfd718e1dc6f66b347e6024a0c961402"
+dependencies = [
+ "generic-array",
+ "subtle",
+]
+
+[[package]]
+name = "version_check"
+version = "0.9.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5fecdca9a5291cc2b8dcf7dc02453fee791a280f3743cb0905f8822ae463b3fe"
+
+[[package]]
+name = "wasi"
+version = "0.10.2+wasi-snapshot-preview1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fd6fbd9a79829dd1ad0cc20627bf1ed606756a7f77edff7b66b7064f9cb327c6"
+
+[[package]]
+name = "which"
+version = "4.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b55551e42cbdf2ce2bedd2203d0cc08dba002c27510f86dab6d0ce304cba3dfe"
+dependencies = [
+ "either",
+ "libc",
+]
+
+[[package]]
+name = "winapi"
+version = "0.3.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
+dependencies = [
+ "winapi-i686-pc-windows-gnu",
+ "winapi-x86_64-pc-windows-gnu",
+]
+
+[[package]]
+name = "winapi-i686-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
+
+[[package]]
+name = "winapi-x86_64-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
+
+[[package]]
+name = "wyz"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "85e60b0d1b5f99db2556934e21937020776a5d31520bf169e851ac44e6420214"
+
+[[package]]
+name = "zeroize"
+version = "1.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eeafe61337cb2c879d328b74aa6cd9d794592c82da6be559fdf11493f02a2d18"
+dependencies = [
+ "zeroize_derive",
+]
+
+[[package]]
+name = "zeroize_derive"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a2c1e130bebaeab2f23886bf9acbaca14b092408c452543c857f66399cd6dab1"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+ "synstructure",
+]
diff --git a/no-std-check/Cargo.toml b/no-std-check/Cargo.toml
new file mode 100644
index 00000000..522c560f
--- /dev/null
+++ b/no-std-check/Cargo.toml
@@ -0,0 +1,41 @@
+[package]
+name = "no-std-check"
+version = "0.1.0"
+authors = ["David Drysdale <drysdale@google.com>"]
+edition = "2018"
+license = "Apache-2.0"
+description = "Internal binary crate to check all Tink deps are no_std"
+repository = "https://github.com/project-oak/tink-rust"
+
+[dependencies]
+libc = { version = "0.2", default-features = false }
+tink-aead = "^0.3"
+# tink-awskms requires std
+tink-core = { version = "^0.3", features = ["insecure"] }
+tink-daead = "^0.3"
+# tink-gcpkms requires std
+tink-mac = "^0.3"
+tink-prf = "^0.3"
+tink-proto = "^0.3"
+tink-signature = "^0.3"
+# tink-streaming-aead requires std
+
+[profile.dev]
+panic = "abort"
+
+[profile.release]
+panic = "abort"
+
+# Patch dependencies on tink crates so that they refer to the versions within this same repository.
+[patch.crates-io]
+# TODO(#7): remove if/when https://github.com/dalek-cryptography/ed25519-dalek/pull/160 is merged.
+ed25519-dalek = { git = "https://github.com/daviddrysdale/ed25519-dalek", branch = "rand-bump" }
+tink-aead = { path = "../aead" }
+tink-core = { path = "../core" }
+tink-daead = { path = "../daead" }
+tink-mac = { path = "../mac" }
+tink-prf = { path = "../prf" }
+tink-proto = { path = "../proto" }
+tink-signature = { path = "../signature" }
+
+[workspace]
diff --git a/no-std-check/deny.toml b/no-std-check/deny.toml
new file mode 100644
index 00000000..7b049a14
--- /dev/null
+++ b/no-std-check/deny.toml
@@ -0,0 +1,62 @@
+# Configuration used for dependency checking with cargo-deny.
+#
+# For further details on all configuration options see:
+# https://embarkstudios.github.io/cargo-deny/checks/cfg.html
+targets = [
+    { triple = "x86_64-unknown-linux-gnu" },
+    { triple = "x86_64-unknown-linux-musl" },
+    { triple = "x86_64-apple-darwin" },
+    { triple = "x86_64-pc-windows-msvc" },
+]
+
+# Deny all advisories unless explicitly ignored.
+[advisories]
+vulnerability = "deny"
+unmaintained = "deny"
+yanked = "deny"
+notice = "deny"
+ignore = []
+
+# Deny multiple versions unless explicitly skipped.
+[bans]
+multiple-versions = "deny"
+wildcards = "allow"
+
+######################################
+
+# ed25519-dalek(v1.0.1) => rand_core(v0.5.x), {rand(v0.7.3) => getrandom(v0.1.*)}
+[[bans.skip]]
+name = "getrandom"
+version = "0.1.15"
+[[bans.skip]]
+name = "rand"
+version = "0.7.3"
+[[bans.skip]]
+name = "rand_core"
+version = "0.5.1"
+[[bans.skip]]
+name = "rand_chacha"
+version = "0.2.2"
+
+# lazy_static(v1.4.0) => spin(v0.5.2)
+[[bans.skip]]
+name = "spin"
+version = "0.5.2"
+
+######################################
+
+# List of allowed licenses.
+# For more detailed information see http://go/thirdpartylicenses.
+[licenses]
+allow = [
+  "Apache-2.0",
+  "MIT",
+  "BSD-3-Clause",
+]
+copyleft = "deny"
+
+[[licenses.clarify]]
+name = "ring"
+version = "*"
+expression = "MIT AND ISC AND OpenSSL"
+license-files = [{ path = "LICENSE", hash = 3171872035 }]
diff --git a/no-std-check/src/main.rs b/no-std-check/src/main.rs
new file mode 100644
index 00000000..d18002db
--- /dev/null
+++ b/no-std-check/src/main.rs
@@ -0,0 +1,49 @@
+// Copyright 2021 The Tink-Rust Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+//! This binary crate is `no_std`, and used to check that no `std` depedencies
+//! have crept into `tink-*` crates and their dependencies.
+#![no_std]
+#![no_main]
+#![feature(lang_items)]
+#![feature(start)]
+#![allow(unused_imports)]
+
+use tink_aead;
+use tink_core;
+use tink_daead;
+use tink_mac;
+use tink_prf;
+use tink_proto;
+use tink_signature;
+
+#[panic_handler]
+fn panic(_info: &core::panic::PanicInfo) -> ! {
+    loop {}
+}
+
+#[lang = "eh_personality"]
+extern "C" fn my_eh_personality() {}
+
+#[no_mangle]
+pub extern "C" fn _start() -> ! {
+    loop {}
+}
+
+#[start]
+pub extern "C" fn _main(_argc: isize, _argv: *const *const u8) -> isize {
+    0
+}
diff --git a/prf/Cargo.toml b/prf/Cargo.toml
index b825ed80..33cdf821 100644
--- a/prf/Cargo.toml
+++ b/prf/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-prf"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -15,8 +15,9 @@ cmac = "^0.6"
 digest = "^0.9"
 hkdf = "^0.11"
 hmac = "^0.11"
-prost = "^0.8"
-sha-1 = "^0.9.7"
-sha2 = "^0.9.5"
-tink-core = "^0.2"
-tink-proto = "^0.2"
+prost = { version = "^0.8", default-features = false }
+sha-1 = { version = "^0.9.7", default-features = false }
+sha2 = { version = "^0.9.5", default-features = false }
+spin = { version = "^0.9.2", features = ["once"] }
+tink-core = "^0.3"
+tink-proto = "^0.3"
diff --git a/prf/src/aes_cmac_prf_key_manager.rs b/prf/src/aes_cmac_prf_key_manager.rs
index 664e543c..bcbc8de6 100644
--- a/prf/src/aes_cmac_prf_key_manager.rs
+++ b/prf/src/aes_cmac_prf_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for AES-CMAC keys for PRF.
 
 use crate::subtle;
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/prf/src/hkdf_prf_key_manager.rs b/prf/src/hkdf_prf_key_manager.rs
index acc7ae5c..132257e3 100644
--- a/prf/src/hkdf_prf_key_manager.rs
+++ b/prf/src/hkdf_prf_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for HKDF keys for PRF.
 
 use crate::subtle;
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 use tink_proto::HashType;
diff --git a/prf/src/hmac_prf_key_manager.rs b/prf/src/hmac_prf_key_manager.rs
index 757a1958..2a874bf3 100644
--- a/prf/src/hmac_prf_key_manager.rs
+++ b/prf/src/hmac_prf_key_manager.rs
@@ -17,6 +17,7 @@
 //! Key manager for HMAC keys for PRF.
 
 use crate::subtle;
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 use tink_proto::HashType;
diff --git a/prf/src/key_templates.rs b/prf/src/key_templates.rs
index 9da820cf..8a1ed37b 100644
--- a/prf/src/key_templates.rs
+++ b/prf/src/key_templates.rs
@@ -16,6 +16,7 @@
 
 //! This module contains pre-generated [`KeyTemplate`] instances for PRF.
 
+use alloc::{string::ToString, vec::Vec};
 use prost::Message;
 use tink_proto::KeyTemplate;
 
diff --git a/prf/src/lib.rs b/prf/src/lib.rs
index f3065e1b..505906dd 100644
--- a/prf/src/lib.rs
+++ b/prf/src/lib.rs
@@ -15,10 +15,13 @@
 ////////////////////////////////////////////////////////////////////////////////
 
 //! This crate provides implementations of the [`tink_core::Prf`] primitive.
-
+#![no_std]
 #![deny(broken_intra_doc_links)]
 
-use std::sync::Once;
+extern crate alloc;
+
+use alloc::sync::Arc;
+use spin::{Mutex, Once};
 use tink_core::registry::register_key_manager;
 
 mod aes_cmac_prf_key_manager;
@@ -38,17 +41,17 @@ pub mod subtle;
 /// port is based on.
 pub const UPSTREAM_VERSION: &str = "1.6.0";
 
-static INIT: Once = Once::new();
+static INIT: Mutex<Once> = Mutex::new(Once::new());
 
 /// Initialize the `tink-prf` crate, registering its primitives so they are available via
 /// Tink.
 pub fn init() {
-    INIT.call_once(|| {
-        register_key_manager(std::sync::Arc::new(HmacPrfKeyManager::default()))
+    INIT.lock().call_once(|| {
+        register_key_manager(Arc::new(HmacPrfKeyManager::default()))
             .expect("tink_prf::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(HkdfPrfKeyManager::default()))
+        register_key_manager(Arc::new(HkdfPrfKeyManager::default()))
             .expect("tink_prf::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(AesCmacPrfKeyManager::default()))
+        register_key_manager(Arc::new(AesCmacPrfKeyManager::default()))
             .expect("tink_prf::init() failed"); // safe: init
 
         tink_core::registry::register_template_generator(
diff --git a/prf/src/set_factory.rs b/prf/src/set_factory.rs
index 06a42f1b..5a13e7da 100644
--- a/prf/src/set_factory.rs
+++ b/prf/src/set_factory.rs
@@ -16,7 +16,7 @@
 
 //! Provides an implementation of PRF using a set of underlying implementations.
 
-use std::{collections::HashMap, sync::Arc};
+use alloc::{boxed::Box, collections::BTreeMap, format, sync::Arc, vec::Vec};
 use tink_core::{utils::wrap_err, Prf, TinkError};
 
 /// `Set` is a set of PRFs. A [`Keyset`](tink_proto::Keyset) can be converted into a set of PRFs
@@ -27,7 +27,7 @@ pub struct Set {
     /// The key ID marked as primary in the corresponding [`Keyset`](tink_proto::Keyset).
     pub primary_id: u32,
     /// Map key IDs to their corresponding Prf.
-    pub prfs: HashMap<u32, Box<dyn Prf>>,
+    pub prfs: BTreeMap<u32, Box<dyn Prf>>,
 }
 
 impl Set {
@@ -74,7 +74,7 @@ fn wrap_prf_set(ps: tink_core::primitiveset::PrimitiveSet) -> Result<Set, TinkEr
     }
     let mut set = Set {
         primary_id: entry.key_id,
-        prfs: HashMap::new(),
+        prfs: BTreeMap::new(),
     };
 
     let entries = ps.raw_entries();
diff --git a/prf/src/subtle/aes_cmac.rs b/prf/src/subtle/aes_cmac.rs
index 8fee9554..ae634dc0 100644
--- a/prf/src/subtle/aes_cmac.rs
+++ b/prf/src/subtle/aes_cmac.rs
@@ -17,12 +17,10 @@
 //! Provides an implementation of PRF using AES-CMAC.
 
 use aes::{Aes128, Aes192, Aes256};
+use alloc::{boxed::Box, format, sync::Arc, vec::Vec};
 use cmac::{Cmac, Mac, NewMac};
-use std::{
-    cmp::min,
-    ops::DerefMut,
-    sync::{Arc, Mutex},
-};
+use core::{cmp::min, ops::DerefMut};
+use spin::Mutex;
 use tink_core::TinkError;
 
 const RECOMMENDED_KEY_SIZE: usize = 32;
@@ -89,29 +87,22 @@ impl tink_core::Prf for AesCmacPrf {
             )
             .into());
         }
-        Ok(
-            match self
-                .mac
-                .lock()
-                .expect("internal lock corrupted") // safe: lock
-                .deref_mut()
-            {
-                AesCmacVariant::Aes128(mac) => {
-                    mac.update(data);
-                    let result = mac.finalize_reset().into_bytes();
-                    result[..min(result.len(), output_length)].to_vec()
-                }
-                AesCmacVariant::Aes192(mac) => {
-                    mac.update(data);
-                    let result = mac.finalize_reset().into_bytes();
-                    result[..min(result.len(), output_length)].to_vec()
-                }
-                AesCmacVariant::Aes256(mac) => {
-                    mac.update(data);
-                    let result = mac.finalize_reset().into_bytes();
-                    result[..min(result.len(), output_length)].to_vec()
-                }
-            },
-        )
+        Ok(match self.mac.lock().deref_mut() {
+            AesCmacVariant::Aes128(mac) => {
+                mac.update(data);
+                let result = mac.finalize_reset().into_bytes();
+                result[..min(result.len(), output_length)].to_vec()
+            }
+            AesCmacVariant::Aes192(mac) => {
+                mac.update(data);
+                let result = mac.finalize_reset().into_bytes();
+                result[..min(result.len(), output_length)].to_vec()
+            }
+            AesCmacVariant::Aes256(mac) => {
+                mac.update(data);
+                let result = mac.finalize_reset().into_bytes();
+                result[..min(result.len(), output_length)].to_vec()
+            }
+        })
     }
 }
diff --git a/prf/src/subtle/hkdf.rs b/prf/src/subtle/hkdf.rs
index 7409c465..3d62b904 100644
--- a/prf/src/subtle/hkdf.rs
+++ b/prf/src/subtle/hkdf.rs
@@ -16,6 +16,7 @@
 
 //! Provides an implementation of PRF using HKDF.
 
+use alloc::{format, vec, vec::Vec};
 use tink_core::TinkError;
 use tink_proto::HashType;
 
diff --git a/prf/src/subtle/hmac.rs b/prf/src/subtle/hmac.rs
index 9145aa37..a97ab663 100644
--- a/prf/src/subtle/hmac.rs
+++ b/prf/src/subtle/hmac.rs
@@ -17,11 +17,9 @@
 //! Provides an implementation of PRF using HMAC.
 
 use ::hmac::{Hmac, Mac, NewMac};
-use std::{
-    cmp::min,
-    ops::DerefMut,
-    sync::{Arc, Mutex},
-};
+use alloc::{format, sync::Arc, vec::Vec};
+use core::{cmp::min, ops::DerefMut};
+use spin::Mutex;
 use tink_core::TinkError;
 use tink_proto::HashType;
 
@@ -104,39 +102,32 @@ impl tink_core::Prf for HmacPrf {
             )
             .into());
         }
-        Ok(
-            match self
-                .mac
-                .lock()
-                .expect("internal lock corrupted") // safe: lock
-                .deref_mut()
-            {
-                HmacPrfVariant::Sha1(mac) => {
-                    mac.update(data);
-                    let result = mac.finalize_reset().into_bytes();
-                    result[..min(result.len(), output_length)].to_vec()
-                }
-                HmacPrfVariant::Sha224(mac) => {
-                    mac.update(data);
-                    let result = mac.finalize_reset().into_bytes();
-                    result[..min(result.len(), output_length)].to_vec()
-                }
-                HmacPrfVariant::Sha256(mac) => {
-                    mac.update(data);
-                    let result = mac.finalize_reset().into_bytes();
-                    result[..min(result.len(), output_length)].to_vec()
-                }
-                HmacPrfVariant::Sha384(mac) => {
-                    mac.update(data);
-                    let result = mac.finalize_reset().into_bytes();
-                    result[..min(result.len(), output_length)].to_vec()
-                }
-                HmacPrfVariant::Sha512(mac) => {
-                    mac.update(data);
-                    let result = mac.finalize_reset().into_bytes();
-                    result[..min(result.len(), output_length)].to_vec()
-                }
-            },
-        )
+        Ok(match self.mac.lock().deref_mut() {
+            HmacPrfVariant::Sha1(mac) => {
+                mac.update(data);
+                let result = mac.finalize_reset().into_bytes();
+                result[..min(result.len(), output_length)].to_vec()
+            }
+            HmacPrfVariant::Sha224(mac) => {
+                mac.update(data);
+                let result = mac.finalize_reset().into_bytes();
+                result[..min(result.len(), output_length)].to_vec()
+            }
+            HmacPrfVariant::Sha256(mac) => {
+                mac.update(data);
+                let result = mac.finalize_reset().into_bytes();
+                result[..min(result.len(), output_length)].to_vec()
+            }
+            HmacPrfVariant::Sha384(mac) => {
+                mac.update(data);
+                let result = mac.finalize_reset().into_bytes();
+                result[..min(result.len(), output_length)].to_vec()
+            }
+            HmacPrfVariant::Sha512(mac) => {
+                mac.update(data);
+                let result = mac.finalize_reset().into_bytes();
+                result[..min(result.len(), output_length)].to_vec()
+            }
+        })
     }
 }
diff --git a/proto/Cargo.toml b/proto/Cargo.toml
index 0193e918..caa5bf95 100644
--- a/proto/Cargo.toml
+++ b/proto/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-proto"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -14,9 +14,9 @@ default = []
 json = ["base64", "serde"]
 
 [dependencies]
-base64 = { version = "^0.13", optional = true }
-prost = "^0.8"
-serde = { version = "^1.0.126", features = ["derive"], optional = true }
+base64 = { version = "^0.13", default-features = false, features = ["alloc"], optional = true }
+prost = { version = "^0.8", default-features = false }
+serde = { version = "^1.0.126", default-features = false, features = ["alloc", "derive"], optional = true }
 
 [build-dependencies]
 prost-build = "^0.8"
diff --git a/proto/src/lib.rs b/proto/src/lib.rs
index 3560a45b..9d4e812c 100644
--- a/proto/src/lib.rs
+++ b/proto/src/lib.rs
@@ -16,8 +16,12 @@
 
 //! Protocol buffer message definitions for Tink.
 
+#![no_std]
 #![deny(broken_intra_doc_links)]
 
+#[cfg(feature = "json")]
+extern crate alloc;
+
 #[cfg(not(feature = "json"))]
 include!("codegen/google.crypto.tink.rs");
 #[cfg(feature = "json")]
@@ -30,6 +34,7 @@ pub mod json {
     //! the `i32` values used by prost.
     pub mod key_status_type {
         //! Manual JSON serialization for [`KeyStatusType`](crate::KeyStatusType) enums.
+        use alloc::string::String;
         use serde::Deserialize;
         pub fn serialize<S: serde::Serializer>(
             val: &i32,
@@ -56,6 +61,7 @@ pub mod json {
     }
     pub mod output_prefix_type {
         //! Manual JSON serialization for [`OutputPrefixType`](crate::OutputPrefixType) enums.
+        use alloc::string::String;
         use serde::Deserialize;
         pub fn serialize<S: serde::Serializer>(
             val: &i32,
@@ -85,6 +91,7 @@ pub mod json {
     pub mod key_material_type {
         //! Manual JSON serialization for [`KeyMaterialType`](crate::key_data::KeyMaterialType)
         //! enums.
+        use alloc::string::String;
         use serde::Deserialize;
         pub fn serialize<S: serde::Serializer>(
             val: &i32,
@@ -113,6 +120,7 @@ pub mod json {
     }
     pub mod b64 {
         //! Manual serialization implementations for base64-encoded binary data.
+        use alloc::{string::String, vec::Vec};
         use serde::Deserialize;
         pub fn serialize<S: serde::Serializer>(
             val: &[u8],
diff --git a/rinkey/Cargo.toml b/rinkey/Cargo.toml
index 12a805ca..6042e5a7 100644
--- a/rinkey/Cargo.toml
+++ b/rinkey/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "rinkey"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -11,13 +11,13 @@ categories = ["cryptography", "command-line-utilities"]
 
 [dependencies]
 structopt = "^0.3.22"
-tink-aead = "^0.2"
-tink-awskms = "^0.2"
-tink-core = { version = "^0.2", features = ["insecure", "json"] }
-tink-daead = "^0.2"
-tink-gcpkms = "^0.2"
-tink-mac = "^0.2"
-tink-prf = "^0.2"
-tink-proto = "^0.2"
-tink-signature = "^0.2"
-tink-streaming-aead = "^0.2"
+tink-aead = "^0.3"
+tink-awskms = "^0.3"
+tink-core = { version = "^0.3", features = ["insecure", "json"] }
+tink-daead = "^0.3"
+tink-gcpkms = "^0.3"
+tink-mac = "^0.3"
+tink-prf = "^0.3"
+tink-proto = "^0.3"
+tink-signature = "^0.3"
+tink-streaming-aead = "^0.3"
diff --git a/signature/Cargo.toml b/signature/Cargo.toml
index 8f94f8f9..df866eb0 100644
--- a/signature/Cargo.toml
+++ b/signature/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-signature"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -11,11 +11,12 @@ categories = ["cryptography"]
 
 [dependencies]
 ecdsa = { version = "^0.11", features = ["der"] }
-ed25519-dalek = "^1.0.1"
+ed25519-dalek = { version = "^1.0.2", default-features = false, features = ["rand", "u64_backend"]}
 generic-array = "^0.14.4"
 p256 = "^0.8.1"
-prost = "^0.8"
-rand = "^0.7"
-signature = "^1.3"
-tink-core = "^0.2"
-tink-proto = "^0.2"
+prost = { version = "^0.8", default-features = false }
+rand = { version = "^0.8", default-features = false, features = ["alloc", "getrandom"] }
+signature = { version = "^1.3", default-features = false }
+spin = { version = "^0.9.2", features = ["once"] }
+tink-core = "^0.3"
+tink-proto = "^0.3"
diff --git a/signature/src/ecdsa_signer_key_manager.rs b/signature/src/ecdsa_signer_key_manager.rs
index 5c3ac064..3f01cb50 100644
--- a/signature/src/ecdsa_signer_key_manager.rs
+++ b/signature/src/ecdsa_signer_key_manager.rs
@@ -16,6 +16,7 @@
 
 //! Key manager for ECDSA signing keys.
 
+use alloc::{boxed::Box, format, string::ToString, vec::Vec};
 use generic_array::typenum::Unsigned;
 use p256::elliptic_curve;
 use prost::Message;
diff --git a/signature/src/ecdsa_verifier_key_manager.rs b/signature/src/ecdsa_verifier_key_manager.rs
index 1eedec82..9bff82f2 100644
--- a/signature/src/ecdsa_verifier_key_manager.rs
+++ b/signature/src/ecdsa_verifier_key_manager.rs
@@ -16,6 +16,7 @@
 
 //! Key manager for ECDSA verification keys.
 
+use alloc::{boxed::Box, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/signature/src/ed25519_signer_key_manager.rs b/signature/src/ed25519_signer_key_manager.rs
index 6f0f5d6b..7d878ef3 100644
--- a/signature/src/ed25519_signer_key_manager.rs
+++ b/signature/src/ed25519_signer_key_manager.rs
@@ -16,6 +16,7 @@
 
 //! Key manager for ED25519 signing keys.
 
+use alloc::{boxed::Box, format, string::ToString, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/signature/src/ed25519_verifier_key_manager.rs b/signature/src/ed25519_verifier_key_manager.rs
index 8ab6a4a8..9a6d7b68 100644
--- a/signature/src/ed25519_verifier_key_manager.rs
+++ b/signature/src/ed25519_verifier_key_manager.rs
@@ -16,6 +16,7 @@
 
 //! Key manager for ED25519 verification keys.
 
+use alloc::{boxed::Box, format, vec::Vec};
 use prost::Message;
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/signature/src/lib.rs b/signature/src/lib.rs
index a93cd7df..594175bd 100644
--- a/signature/src/lib.rs
+++ b/signature/src/lib.rs
@@ -19,8 +19,12 @@
 //! To sign data using Tink you can use ECDSA or ED25519 key templates.
 
 #![deny(broken_intra_doc_links)]
+#![no_std]
 
-use std::sync::Once;
+extern crate alloc;
+
+use alloc::sync::Arc;
+use spin::{Mutex, Once};
 use tink_core::registry::register_key_manager;
 
 mod ecdsa_signer_key_manager;
@@ -46,22 +50,22 @@ pub mod subtle;
 /// port is based on.
 pub const UPSTREAM_VERSION: &str = "1.6.0";
 
-static INIT: Once = Once::new();
+static INIT: Mutex<Once> = Mutex::new(Once::new());
 
 /// Initialize the `tink-signature` crate, registering its primitives so they are available via
 /// Tink.
 pub fn init() {
-    INIT.call_once(|| {
+    INIT.lock().call_once(|| {
         // ECDSA
-        register_key_manager(std::sync::Arc::new(EcdsaSignerKeyManager::default()))
+        register_key_manager(Arc::new(EcdsaSignerKeyManager::default()))
             .expect("tink_signature::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(EcdsaVerifierKeyManager::default()))
+        register_key_manager(Arc::new(EcdsaVerifierKeyManager::default()))
             .expect("tink_signature::init() failed"); // safe: init
 
         // Ed25519
-        register_key_manager(std::sync::Arc::new(Ed25519SignerKeyManager::default()))
+        register_key_manager(Arc::new(Ed25519SignerKeyManager::default()))
             .expect("tink_signature::init() failed"); // safe: init
-        register_key_manager(std::sync::Arc::new(Ed25519VerifierKeyManager::default()))
+        register_key_manager(Arc::new(Ed25519VerifierKeyManager::default()))
             .expect("tink_signature::init() failed"); // safe: init
 
         tink_core::registry::register_template_generator("ECDSA_P256", ecdsa_p256_key_template);
diff --git a/signature/src/signature_key_templates.rs b/signature/src/signature_key_templates.rs
index fc50f4c4..9a3a3bd2 100644
--- a/signature/src/signature_key_templates.rs
+++ b/signature/src/signature_key_templates.rs
@@ -16,6 +16,7 @@
 
 //! This module contains pre-generated KeyTemplates for Signer and Verifier.
 /// One can use these templates to generate new Keysets.
+use alloc::{string::ToString, vec, vec::Vec};
 use prost::Message;
 use tink_proto::KeyTemplate;
 
diff --git a/signature/src/signer_factory.rs b/signature/src/signer_factory.rs
index 65ade6d7..bfac153d 100644
--- a/signature/src/signer_factory.rs
+++ b/signature/src/signer_factory.rs
@@ -16,7 +16,7 @@
 
 //! Factory methods for [`tink_core::Signer`] instances.
 
-use std::sync::Arc;
+use alloc::{boxed::Box, sync::Arc, vec::Vec};
 use tink_core::{utils::wrap_err, TinkError};
 
 /// Return a [`tink_core::Signer`] primitive from the given keyset handle.
diff --git a/signature/src/subtle/ecdsa_common.rs b/signature/src/subtle/ecdsa_common.rs
index 4cdc7f03..78438864 100644
--- a/signature/src/subtle/ecdsa_common.rs
+++ b/signature/src/subtle/ecdsa_common.rs
@@ -14,6 +14,7 @@
 //
 ////////////////////////////////////////////////////////////////////////////////
 
+use alloc::format;
 use tink_core::TinkError;
 use tink_proto::{EcdsaSignatureEncoding, EllipticCurveType, HashType};
 
diff --git a/signature/src/subtle/ecdsa_signer.rs b/signature/src/subtle/ecdsa_signer.rs
index deb3f6bf..30d4ff26 100644
--- a/signature/src/subtle/ecdsa_signer.rs
+++ b/signature/src/subtle/ecdsa_signer.rs
@@ -14,6 +14,7 @@
 //
 ////////////////////////////////////////////////////////////////////////////////
 
+use alloc::{format, vec::Vec};
 use generic_array::typenum::Unsigned;
 use p256::{
     ecdsa::signature::{RandomizedSigner, Signature},
diff --git a/signature/src/subtle/ecdsa_verifier.rs b/signature/src/subtle/ecdsa_verifier.rs
index 6f2b3c7f..9eb58a96 100644
--- a/signature/src/subtle/ecdsa_verifier.rs
+++ b/signature/src/subtle/ecdsa_verifier.rs
@@ -14,6 +14,7 @@
 //
 ////////////////////////////////////////////////////////////////////////////////
 
+use alloc::{format, vec};
 use generic_array::typenum::Unsigned;
 use p256::{
     ecdsa::{signature::Verifier, Signature},
diff --git a/signature/src/subtle/ed25519_signer.rs b/signature/src/subtle/ed25519_signer.rs
index ebb6fbb2..6891cda9 100644
--- a/signature/src/subtle/ed25519_signer.rs
+++ b/signature/src/subtle/ed25519_signer.rs
@@ -14,6 +14,7 @@
 //
 ////////////////////////////////////////////////////////////////////////////////
 
+use alloc::vec::Vec;
 use signature::{Signature, Signer as RustCryptoSigner};
 use tink_core::{utils::wrap_err, Signer, TinkError};
 
diff --git a/signature/src/subtle/ed25519_verifier.rs b/signature/src/subtle/ed25519_verifier.rs
index c5ff0440..9d5c94fe 100644
--- a/signature/src/subtle/ed25519_verifier.rs
+++ b/signature/src/subtle/ed25519_verifier.rs
@@ -14,6 +14,7 @@
 //
 ////////////////////////////////////////////////////////////////////////////////
 
+use alloc::format;
 use signature::{Signature, Verifier as RustCryptoVerifier};
 use tink_core::{utils::wrap_err, TinkError};
 
diff --git a/signature/src/verifier_factory.rs b/signature/src/verifier_factory.rs
index 35708649..c1a98b46 100644
--- a/signature/src/verifier_factory.rs
+++ b/signature/src/verifier_factory.rs
@@ -16,7 +16,7 @@
 
 //! Factory methods for [`tink_core::Verifier`] instances.
 
-use std::sync::Arc;
+use alloc::{boxed::Box, sync::Arc, vec::Vec};
 use tink_core::{utils::wrap_err, TinkError};
 
 /// Return a [`tink_core::Verifier`] primitive from the given keyset handle.
diff --git a/streaming/Cargo.toml b/streaming/Cargo.toml
index 2fe4e268..86fbc944 100644
--- a/streaming/Cargo.toml
+++ b/streaming/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-streaming-aead"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -11,10 +11,9 @@ categories = ["cryptography"]
 
 [dependencies]
 aes = { version = "^0.7.4", features = ["ctr"] }
-# Need the `std` feature for Error type conversion
-aes-gcm = { version = "^0.9.2", features = ["std"] }
-prost = "^0.8"
-rand = "^0.7"
-tink-core = "^0.2"
-tink-mac = "^0.2"
-tink-proto = "^0.2"
+aes-gcm = { version = "^0.9.2" }
+prost = { version = "^0.8", default-features = false }
+rand = { version = "^0.8", default-features = false, features = ["alloc", "getrandom"] }
+tink-core = { version = "^0.3", features = ["std"] }
+tink-mac = "^0.3"
+tink-proto = "^0.3"
diff --git a/testing/Cargo.toml b/testing/Cargo.toml
index 47becbc2..509db595 100644
--- a/testing/Cargo.toml
+++ b/testing/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-testing-server"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -16,18 +16,18 @@ futures = "^0.3.15"
 log = "^0.4.14"
 prost = "^0.8"
 structopt = "^0.3.22"
-tink-aead = "^0.2"
-tink-core = { version = "^0.2", features = [
+tink-aead = "^0.3"
+tink-core = { version = "^0.3", features = [
   "insecure",
   "json",
  ] }
-tink-daead = "^0.2"
-tink-mac = "^0.2"
-tink-prf = "^0.2"
-tink-proto = "^0.2"
-tink-signature = "^0.2"
-tink-streaming-aead = "^0.2"
-tink-tests = "^0.2"
+tink-daead = "^0.3"
+tink-mac = "^0.3"
+tink-prf = "^0.3"
+tink-proto = "^0.3"
+tink-signature = "^0.3"
+tink-streaming-aead = "^0.3"
+tink-tests = "^0.3"
 tokio = { version = "^1.8", features = [
   "macros",
   "rt-multi-thread",
diff --git a/tests/Cargo.toml b/tests/Cargo.toml
index f26983a6..245c8400 100644
--- a/tests/Cargo.toml
+++ b/tests/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tink-tests"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["David Drysdale <drysdale@google.com>"]
 edition = "2018"
 license = "Apache-2.0"
@@ -12,32 +12,32 @@ publish = false
 
 [dependencies]
 base64 = "^0.13"
-ed25519-dalek = "^1.0.1"
+ed25519-dalek = { version = "^1.0.2", default-features = false, features = ["rand", "u64_backend"]}
 generic-array = "^0.14.4"
 hex = "^0.4.3"
 p256 = "^0.8.1"
-prost = "^0.8"
-rand = "^0.7"
+prost = { version = "^0.8", default-features = false }
+rand = { version = "^0.8", default-features = false, features = ["alloc", "getrandom"] }
 regex = "^1.5.4"
 serde = { version = "^1.0.126", features = ["derive"] }
 serde_json = "^1.0.64"
-tink-core = { version = "^0.2", features = ["insecure", "json"] }
-tink-aead = "^0.2"
-tink-daead = "^0.2"
-tink-mac = "^0.2"
-tink-proto = "^0.2"
+tink-core = { version = "^0.3", features = ["insecure", "json"] }
+tink-aead = "^0.3"
+tink-daead = "^0.3"
+tink-mac = "^0.3"
+tink-proto = "^0.3"
 
 [dev-dependencies]
 base64 = "^0.13"
 hex = "^0.4.3"
-lazy_static = "^1.4"
+lazy_static = { version = "^1.4", features = ["spin_no_std"] }
 maplit = "^1.0.2"
 tempfile = "^3.2"
-tink-aead = "^0.2"
-tink-awskms = "^0.2"
-tink-daead = "^0.2"
-tink-gcpkms = "^0.2"
-tink-mac = "^0.2"
-tink-prf = "^0.2"
-tink-signature = "^0.2"
-tink-streaming-aead = "^0.2"
+tink-aead = "^0.3"
+tink-awskms = "^0.3"
+tink-daead = "^0.3"
+tink-gcpkms = "^0.3"
+tink-mac = "^0.3"
+tink-prf = "^0.3"
+tink-signature = "^0.3"
+tink-streaming-aead = "^0.3"
diff --git a/tests/src/lib.rs b/tests/src/lib.rs
index db2a1354..88ccd4a0 100644
--- a/tests/src/lib.rs
+++ b/tests/src/lib.rs
@@ -387,7 +387,7 @@ pub fn get_ecdsa_params(
 /// Create an [`Ed25519PrivateKey`](tink_proto::Ed25519PrivateKey) with randomly generated key
 /// material.
 pub fn new_ed25519_private_key() -> tink_proto::Ed25519PrivateKey {
-    let mut csprng = rand::thread_rng();
+    let mut csprng = rand::rngs::OsRng;
     let keypair = ed25519_dalek::Keypair::generate(&mut csprng);
 
     let public_proto = tink_proto::Ed25519PublicKey {
diff --git a/tests/tests/aead/subtle/chacha20poly1305_test.rs b/tests/tests/aead/subtle/chacha20poly1305_test.rs
index 6ae72c58..19a73eb9 100644
--- a/tests/tests/aead/subtle/chacha20poly1305_test.rs
+++ b/tests/tests/aead/subtle/chacha20poly1305_test.rs
@@ -15,7 +15,7 @@
 ////////////////////////////////////////////////////////////////////////////////
 
 use super::{chacha20poly1305_vectors::*, wycheproof::*};
-use rand::{thread_rng, Rng};
+use rand::{rngs::OsRng, Rng};
 use std::collections::HashSet;
 use tink_aead::subtle;
 use tink_core::{subtle::random::get_random_bytes, Aead};
@@ -172,7 +172,7 @@ fn test_cha_cha20_poly1305_modify_ciphertext() {
             .unwrap_or_else(|e| panic!("#{}: encrypt failed: {:?}", i, e));
 
         if !aad.is_empty() {
-            let alter_aad_idx = thread_rng().gen_range(0, aad.len());
+            let alter_aad_idx = OsRng.gen_range(0..aad.len());
             aad[alter_aad_idx] ^= 0x80;
             assert!(
                 ca.decrypt(&ct, &aad).is_err(),
@@ -182,7 +182,7 @@ fn test_cha_cha20_poly1305_modify_ciphertext() {
             aad[alter_aad_idx] ^= 0x80;
         }
 
-        let alter_ct_idx = thread_rng().gen_range(0, ct.len());
+        let alter_ct_idx = OsRng.gen_range(0..ct.len());
         ct[alter_ct_idx] ^= 0x80;
         assert!(
             ca.decrypt(&ct, &aad).is_err(),
diff --git a/tests/tests/aead/subtle/xchacha20poly1305_test.rs b/tests/tests/aead/subtle/xchacha20poly1305_test.rs
index aa22ef36..88307dc1 100644
--- a/tests/tests/aead/subtle/xchacha20poly1305_test.rs
+++ b/tests/tests/aead/subtle/xchacha20poly1305_test.rs
@@ -15,7 +15,7 @@
 ////////////////////////////////////////////////////////////////////////////////
 
 use super::{wycheproof::*, xchacha20poly1305_vectors::*};
-use rand::{thread_rng, Rng};
+use rand::{rngs::OsRng, Rng};
 use std::collections::HashSet;
 use tink_aead::subtle;
 use tink_core::{subtle::random::get_random_bytes, Aead};
@@ -173,7 +173,7 @@ fn test_x_cha_cha20_poly1305_modify_ciphertext() {
             .unwrap_or_else(|e| panic!("#{}: encrypt failed: {:?}", i, e));
 
         if !aad.is_empty() {
-            let alter_aad_idx = thread_rng().gen_range(0, aad.len());
+            let alter_aad_idx = OsRng.gen_range(0..aad.len());
             aad[alter_aad_idx] ^= 0x80;
             assert!(
                 ca.decrypt(&ct, &aad).is_err(),
@@ -183,7 +183,7 @@ fn test_x_cha_cha20_poly1305_modify_ciphertext() {
             aad[alter_aad_idx] ^= 0x80;
         }
 
-        let alter_ct_idx = thread_rng().gen_range(0, ct.len());
+        let alter_ct_idx = OsRng.gen_range(0..ct.len());
         ct[alter_ct_idx] ^= 0x80;
         assert!(
             ca.decrypt(&ct, &aad).is_err(),
diff --git a/tests/tests/signature/subtle/ed25519_signer_verifier_test.rs b/tests/tests/signature/subtle/ed25519_signer_verifier_test.rs
index d31114e8..005416df 100644
--- a/tests/tests/signature/subtle/ed25519_signer_verifier_test.rs
+++ b/tests/tests/signature/subtle/ed25519_signer_verifier_test.rs
@@ -23,7 +23,7 @@ use tink_tests::WycheproofResult;
 #[test]
 fn test_ed25519_deterministic() {
     let data = get_random_bytes(20);
-    let mut csprng = rand::thread_rng();
+    let mut csprng = rand::rngs::OsRng;
     let keypair = Keypair::generate(&mut csprng);
 
     // Use the private key and public key directly to create new instances
@@ -46,7 +46,7 @@ fn test_ed25519_deterministic() {
 #[test]
 fn test_ed25519_verify_modified_signature() {
     let data = get_random_bytes(20);
-    let mut csprng = rand::thread_rng();
+    let mut csprng = rand::rngs::OsRng;
     let keypair = Keypair::generate(&mut csprng);
 
     // Use the private key and public key directly to create new instances
@@ -73,7 +73,7 @@ fn test_ed25519_verify_modified_signature() {
 #[test]
 fn test_ed25519_verify_truncated_signature() {
     let data = get_random_bytes(20);
-    let mut csprng = rand::thread_rng();
+    let mut csprng = rand::rngs::OsRng;
     let keypair = Keypair::generate(&mut csprng);
 
     // Use the private key and public key directly to create new instances
@@ -89,7 +89,7 @@ fn test_ed25519_verify_truncated_signature() {
 #[test]
 fn test_ed25519_verify_modified_message() {
     let mut data = get_random_bytes(20);
-    let mut csprng = rand::thread_rng();
+    let mut csprng = rand::rngs::OsRng;
     let keypair = Keypair::generate(&mut csprng);
 
     // Use the private key and public key directly to create new instances
@@ -114,7 +114,7 @@ fn test_ed25519_verify_modified_message() {
 }
 #[test]
 fn test_ed25519_sign_verify() {
-    let mut csprng = rand::thread_rng();
+    let mut csprng = rand::rngs::OsRng;
     let keypair = Keypair::generate(&mut csprng);
     let seed = keypair.secret.as_bytes().to_vec();
 
@@ -297,6 +297,5 @@ fn test_ed25519_point_on_curve() {
     ];
     let result = ed25519_dalek::PublicKey::from_bytes(&public_key_bytes);
     assert!(result.is_err());
-    assert!(format!("{:?}", result).contains("Cannot decompress"));
     assert!(Ed25519Verifier::new(&public_key_bytes).is_err());
 }
diff --git a/tests/tests/streaming/integration_test.rs b/tests/tests/streaming/integration_test.rs
index 6098f71f..bc7dd1cc 100644
--- a/tests/tests/streaming/integration_test.rs
+++ b/tests/tests/streaming/integration_test.rs
@@ -174,7 +174,7 @@ impl std::io::Read for PartialReader {
     // when more data is available. This is valid for Rust's `std::io::Read`, but
     // would not be valid for an `io::Writer` in Go.
     fn read(&mut self, buf: &mut [u8]) -> std::io::Result<usize> {
-        if rand::thread_rng().gen_range(0, 3) == 0 {
+        if rand::rngs::OsRng.gen_range(0..3) == 0 {
             // Randomly pretend to have been interrupted.
             return Err(std::io::Error::new(
                 std::io::ErrorKind::Interrupted,