pub fn encode_split(
shared_secret: &[u8],
plaintext: &[u8],
) -> Result<(KkSealedMessage, EntropySnapshot)>Expand description
Encode plaintext and split the result across two channels.
Returns (KkSealedMessage, EntropySnapshot):
- Channel 1 (public):
KkSealedMessage, ciphertext + HMAC - Channel 2 (private):
EntropySnapshot, the ε key
An attacker intercepting only Channel 1 sees ciphertext + HMAC but has no ε. Without ε they cannot derive any key material, every passphrase guess is meaningless because the HKDF salt is missing.
The ε is physically non-reconstructible (proved in examples/proof.rs). If it never reaches the attacker, the ciphertext is information- theoretically unbreakable regardless of compute power.