Key encapsulation mechanism

Flow diagram of a key encapsulation mechanism, relating the inputs and outputs of the Gen, Encap, and Decap algorithms of a KEM
A key encapsulation mechanism, to securely transport a secret key from a sender to a receiver, consists of three algorithms: Gen, Encap, and Decap. Circles shaded blue—the receiver's public key and the encapsulation—can be safely revealed to an adversary, while boxes shaded red—the receiver's private key and the encapsulated secret key—must be kept secret.

In cryptography, a key encapsulation mechanism (KEM) is a public-key cryptosystem that allows a sender to generate a short secret key and transmit it to a receiver securely, in spite of eavesdropping and intercepting adversaries.[1][2][3] Modern standards for public-key encryption of arbitrary messages are usually based on KEMs.[4][5]

A KEM allows a sender who knows a public key to simultaneously generate a short random secret key and an encapsulation or ciphertext of the secret key by the KEM's encapsulation algorithm. The receiver who knows the private key corresponding to the public key can recover the same random secret key from the encapsulation by the KEM's decapsulation algorithm.[1][2][3]

The security goal of a KEM is to prevent anyone who does not know the private key from recovering any information about the encapsulated secret keys, even after eavesdropping or submitting other encapsulations to the receiver to study how the receiver reacts.[1][2][3]
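The Gen, Encap, and Decap algorithms described above, as an added example that is not part of the original article: a Diffie-Hellman-style KEM over X25519 written with only the Python standard library. The construction, the function names (`gen`, `encap`, `decap`, `x25519`) and the `toy-kem` hash label are assumptions made for illustration; this is neither FIPS 203 nor the DHKEM of RFC 9180, and the ladder is not constant-time.

```python
# Added illustration: toy DH-based KEM over X25519 (not for production use).
import hashlib
import secrets

P = 2**255 - 19                      # field prime of Curve25519
BASE = (9).to_bytes(32, "little")    # standard base point, u = 9

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder: scalar k times the point with u-coordinate u."""
    n = (int.from_bytes(k, "little") & ((1 << 255) - 8)) | (1 << 254)  # clamp
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:               # conditional swap (branching: not constant-time)
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = aa - bb
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def _derive(shared: bytes, c: bytes, pk: bytes) -> bytes:
    """Hash the DH output together with c and pk to get the 32-byte secret key."""
    if shared == bytes(32):          # low-order input point gives all zeros: reject
        raise ValueError("invalid encapsulation or public key")
    return hashlib.sha256(b"toy-kem" + shared + c + pk).digest()

def gen():
    """Gen: return (public key, private key)."""
    sk = secrets.token_bytes(32)
    return x25519(sk, BASE), sk

def encap(pk: bytes):
    """Encap: return (secret key k, encapsulation c) for the holder of pk."""
    eph = secrets.token_bytes(32)    # fresh ephemeral scalar per encapsulation
    c = x25519(eph, BASE)
    return _derive(x25519(eph, pk), c, pk), c

def decap(sk: bytes, c: bytes) -> bytes:
    """Decap: recover the same k from c using the private key."""
    return _derive(x25519(sk, c), c, x25519(sk, BASE))
```

The sender never chooses the secret key directly: `encap` outputs it together with the encapsulation, and only the public key and the encapsulation cross the wire.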

  1. Galbraith, Steven (2012). "§23.1.1: The KEM/DEM paradigm". Mathematics of Public-Key Cryptography. Cambridge University Press. pp. 471–478. ISBN 978-1-107-01392-6.
  2. Shoup, Victor (May 2000). Preneel, Bart (ed.). Using Hash Functions as a Hedge against Chosen Ciphertext Attack. Advances in Cryptology – EUROCRYPT 2000. Lecture Notes in Computer Science. Vol. 1807. Bruges, Belgium: Springer. pp. 275–288. doi:10.1007/3-540-45539-6_19. ISBN 978-3-540-67517-4.
  3. Cramer, Ronald; Shoup, Victor (2003). "Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack". SIAM Journal on Computing. 33 (1). Society for Industrial and Applied Mathematics: 167–226. doi:10.1137/S0097539702403773.
  4. FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard (PDF), National Institute of Standards and Technology, 2024-08-13, doi:10.6028/NIST.FIPS.203
  5. Barnes, R.; Bhargavan, K.; Lipp, B.; Wood, C. (February 2022). Hybrid Public Key Encryption. Internet Engineering Task Force. doi:10.17487/RFC9180. RFC 9180.
