@techreport{ietf-hpke-hpke-04, number = {draft-ietf-hpke-hpke-04}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-hpke-hpke/04/}, author = {Richard Barnes and Karthikeyan Bhargavan and Benjamin Lipp and Christopher A. Wood}, title = {{Hybrid Public Key Encryption}}, pagetotal = 94, year = 2026, month = jul, day = 6, abstract = {This document describes a scheme for hybrid public key encryption (HPKE). This scheme provides a variant of public key encryption of arbitrary-sized plaintexts for a recipient public key. It also includes a variant that authenticates possession of a pre-shared key. HPKE works for any combination of an asymmetric Key Encapsulation Mechanism (KEM), key derivation function (KDF), and authenticated encryption with additional data (AEAD) encryption function. This document provides instantiations of the scheme using widely used and efficient primitives, such as Elliptic Curve Diffie-Hellman (ECDH) key agreement, HMAC-based key derivation function (HKDF), and SHA-2. This document obsoletes RFC 9180.}, }