Expand description
This instantiation of Covercrypt is based on Curve25519 and Kyber512, and as such delivers 128 bits of both pre- and post-quantum CCA security.
The KEMAC defined in [1] is extended by a PKE interface using AES256-GCM as DEM in the KEM/DEM framework described in [2].
[1] “Covercrypt: an Efficient Early-Abort KEM for Hidden Access Policies with Traceability from the DDH and LWE”, T. Brézot, P. de Perthuis and D. Pointcheval 2023. [2] “A Proposal for an ISO Standard for Public Key Encryption (version 2.1)”, Shoup 2001.
Modules§
Structs§
- Access
Structure - Cleartext
Header - Structure containing all data encrypted in an
EncryptedHeader. - Encrypted
Header - Encrypted header holding a
Covercryptencapsulation of a 256-byte secret, and metadata encrypted under the scheme AES256Gcm using a key derived from the encapsulated secret. - Master
Public Key - Covercrypt Public Key (PK).
- Master
Secret Key - The Covercrypt Master Secret Key (MSK).
- Qualified
Attribute - A qualified attribute is composed of a dimension an attribute name.
- User
Secret Key - Covercrypt User Secret Key (USK).
- XEnc
- Covercrypt encapsulation.
Enums§
- Access
Policy - An access policy is a boolean expression of qualified attributes.
- Encryption
Hint - Hint the user about which kind of encryption to use.
- Error