Clarified that m is a (long) random number and M is the actual (short) symmetric key, and changed one incorrect M to m.

Key exchange: I'll use ECC as an example. Alice and Bob generate ephemeral key pairs and sign their ephemeral public key with their static private key, and then send their signed ephemeral public key to each other.

Both parties receive the other's signed ephemeral public key and verify it using the other's static public key, stored by a CA or in a PKI. Now they combine their own ephemeral private key with the other's ephemeral public key, using EC Point Multiplication (for this example). Now they both have a shared secret, as both multiplications give the same result.

This is then run through a quick hash like SHA2/3 into the correct length for symmetric encryption. For example with AES-256, the shared secret goes through SHA(3)-256 to get a key of the correct length.

Key encapsulation: I'll use the RSA KEM for this example. Bob knows Alice's public key $(e,n)$. He creates the random number $m$ from a CSPRNG, where $0<m<n$, and converts it into a symmetric key $M$ with a KDF, i.e. symmetric key $M=KDF(m)$. The ciphertext is $$C = m^e \pmod{n}$$ This is transmitted from Bob to Alice, and she can decrypt it by computing $$P = m^d \pmod{n}$$ Alice now has $k$, and derives the symmetric key $M$ with $M = KDF(m)$.

Side note: I've seen that you tagged post quantum cryptography, so you could use NTRU for KEM; ECC and RSA can be broken with a powerful enough quantum computer running Shor's algorithm. The NTRU KEM works differently to the RSA KEM however. I'm not familiar with a quantum safe version of the ECC key exchange, though I'm sure one exists.
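
An added example, not part of the original answer: a toy RSA-KEM round trip following the steps above, with decapsulation computed from the received ciphertext $C$. The modulus (two small Mersenne primes, constructed for the demo), SHA-256 standing in for the KDF, and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed toy key: two Mersenne primes. Far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                  # Alice's public key (e, n)
D = pow(E, -1, (P - 1) * (Q - 1))    # Alice's private exponent d
M_LEN = (N.bit_length() + 7) // 8    # fixed-width encoding of m


def kdf(m):
    """Stand-in KDF (assumption): SHA-256 over the fixed-width encoding of m."""
    return hashlib.sha256(m.to_bytes(M_LEN, "big")).digest()


def encapsulate(e, n):
    """Bob: draw m with 0 < m < n, return (C, M) = (m^e mod n, KDF(m))."""
    m = secrets.randbelow(n - 1) + 1
    return pow(m, e, n), kdf(m)


def decapsulate(c, d, n):
    """Alice: recover m = C^d mod n and derive the same symmetric key M."""
    if not 0 < c < n:
        raise ValueError("ciphertext out of range")
    return kdf(pow(c, d, n))


def demo():
    c, key_bob = encapsulate(E, N)
    key_alice = decapsulate(c, D, N)
    # A modified ciphertext still decapsulates, but to an unrelated key:
    # the KEM by itself does not authenticate where C came from.
    c_modified = c - 1 if c > 1 else c + 1
    key_modified = decapsulate(c_modified, D, N)
    return {
        "agree": key_alice == key_bob,
        "key_len": len(key_alice),
        "modified_differs": key_modified != key_bob,
    }


if __name__ == "__main__":
    print(demo())
```

Because the random value $m$ is uniform in the whole range below $n$, no padding scheme is involved; only the fixed-width encoding fed to the KDF has to match on both sides.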

edited body; edited body
SamG101

Key exchange: I'll use ECC as an example. Alice and Bob generate ephemeral key pairs and sign their ephemeral public key with their static private key, and then send their signed ephemeral public key to each other.

Both parties receive the other's signed ephemeral public key and verify it using the other's static public key, stored by a CA or in a PKI. Now they combine their own ephemeral private key with the other's ephemeral public key, using EC Point Multiplication (for this example). Now they both have a shared secret, as both multiplications give the same result.

This is then run through a quick hash like SHA2/3 into the correct length for symmetric encryption. For example with AES-256, the shared secret goes through SHA(3)-256 to get a key of the correct length.

Key encapsulation: I'll use the RSA KEM for this example. Bob knows Alice's public key $(e,n)$. He creates the symmetric key $M$ from a CSPRNG, where $0<m<n$, and converts it into a symmetric key with a KDF, i.e. symmetric key $M=KDF(m)$. The ciphertext is $$C = m^e \pmod{n}$$ This is transmitted from Bob to Alice, and she can decrypt it by computing $$P = m^d \pmod{n}$$ Alice now has $k$, and derives the symmetric key $M$ with $M = KDF(m)$.

Side note: I've seen that you tagged post quantum cryptography, so you could use NTRU for KEM; ECC and RSA can be broken with a powerful enough quantum computer running Shor's algorithm. The NTRU KEM works differently to the RSA KEM however. I'm not familiar with a quantum safe version of the ECC key exchange, though I'm sure one exists.

added 86 characters in body
SamG101

Key exchange: I'll use ECC as an example. Alice and Bob generate ephemeral key pairs and sign their ephemeral public key with their static private key, and then send their signed ephemeral public key to each other.

Both parties receive the other's signed ephemeral public key and verify it using the other's static public key, stored by a CA or in a PKI. Now they combine their own ephemeral private key with the other's ephemeral public key, using EC Point Multiplication (for this example). Now they both have a shared secret, as both multiplications give the same result.

This is then run through a quick hash like SHA2/3 into the correct length for symmetric encryption. For example with AES-256, the shared secret goes through SHA(3)-256 to get a key of the correct length.

Key encapsulation: If Alice wants to communicate with Bob, she will create a symmetric encryption key either with a cryptographically secure pseudo-random number generator or from an HKDF-Expand from another piece of information. Bob sends Alice a signed ephemeral public key.

Alice then signs the symmetric key using her static private key, and encrypts it with Bob's ephemeral public key. Bob receives it, decrypts and verifies the key.

Side note: I've seen that you tagged post quantum cryptography, so you could use NTRU for KEM; ECC and RSA can be broken with a powerful enough quantum computer running Shor's algorithm. I'm not familiar with a quantum safe version of the ECC key exchange, though I'm sure one exists.

Key exchange: I'll use ECC as an example. Alice and Bob generate ephemeral key pairs and sign their ephemeral public key with their static private key, and then send their signed ephemeral public key to each other.

Both parties receive the other's signed ephemeral public key and verify it using the other's static public key, stored by a CA or in a PKI. Now they combine their own ephemeral private key with the other's ephemeral public key, using EC Point Multiplication (for this example). Now they both have a shared secret, as both multiplications give the same result.

This is then run through a quick hash like SHA2/3 into the correct length for symmetric encryption. For example with AES-256, the shared secret goes through SHA(3)-256 to get a key of the correct length.

Key encapsulation: I'll use the RSA KEM for this example. Bob knows Alice's public key $(e,n)$. He creates the symmetric key $K$ from a CSPRNG, where $0<k<n$, and converts it into a symmetric key with a KDF, i.e. symmetric key $K=KDF(k)$. The ciphertext is $$C = m^e \pmod{n}$$ This is transmitted from Bob to Alice, and she can decrypt it by computing $$P = m^d \pmod{n}$$ Alice now has $k$, and derives the symmetric key $K$ with $K = KDF(k)$.

Side note: I've seen that you tagged post quantum cryptography, so you could use NTRU for KEM; ECC and RSA can be broken with a powerful enough quantum computer running Shor's algorithm. The NTRU KEM works differently to the RSA KEM however. I'm not familiar with a quantum safe version of the ECC key exchange, though I'm sure one exists.

added 295 characters in body; deleted 62 characters in body; added 8 characters in body
SamG101