Hybrid Public Key Encryption
draft-barnes-hpke-hpke-00
| Document | Type |
Replaced Internet-Draft
(candidate for hpke WG)
Expired & archived
|
|
|---|---|---|---|
| Authors | Richard Barnes , Karthikeyan Bhargavan , Benjamin Lipp , Christopher A. Wood | ||
| Last updated | 2025-05-11 (Latest revision 2025-03-20) | ||
| Replaced by | draft-ietf-hpke-hpke | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Additional resources | Mailing list discussion | ||
| Stream | WG state | Call For Adoption By WG Issued | |
| Document shepherd | (None) | ||
| IESG | IESG state | Replaced by draft-ietf-hpke-hpke | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes a scheme for hybrid public key encryption (HPKE). This scheme provides a variant of public key encryption of arbitrary-sized plaintexts for a recipient public key. It also includes three authenticated variants, including one that authenticates possession of a pre-shared key and two optional ones that authenticate possession of a key encapsulation mechanism (KEM) private key. HPKE works for any combination of an asymmetric KEM, key derivation function (KDF), and authenticated encryption with additional data (AEAD) encryption function. Some authenticated variants may not be supported by all KEMs. We provide instantiations of the scheme using widely used and efficient primitives, such as Elliptic Curve Diffie-Hellman (ECDH) key agreement, HMAC-based key derivation function (HKDF), and SHA2. This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.
Authors
Richard Barnes
Karthikeyan Bhargavan
Benjamin Lipp
Christopher A. Wood
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)