Hybrid Public Key Encryption

Document Type Replaced Internet-Draft (cfrg RG)
Authors Richard Barnes  , Karthikeyan Bhargavan 
Last updated 2019-06-12 (latest revision 2019-03-11)
Replaced by draft-irtf-cfrg-hpke
Stream Internet Research Task Force (IRTF)
Intended RFC status (None)
Expired & archived
plain text xml htmlized pdfized bibtex
Stream IRTF state Replaced
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-irtf-cfrg-hpke
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes a scheme for hybrid public-key encryption (HPKE). This scheme provides authenticated public key encryption of arbitrary-sized plaintexts for a recipient public key. HPKE works for any Diffie-Hellman group and has a strong security proof. We provide instantiations of the scheme using standard and efficient primitives.


Richard Barnes (rlb@ipv.sx)
Karthikeyan Bhargavan (karthikeyan.bhargavan@inria.fr)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)