Papers and Analyses

Link Abstract

Kyber and TLS

This document outlines the shortcomings of a current proposal to add CRYSTALS Kyber into TLS and proposes an alternative solution.

KyberIES Specification

This document provides the specification of Kyber Integrated Encryption Schema (IES) conceptually similar to ECIES.

Kyber KEX 2-way Approach

This document provides the specification of Kyber Key Exchange (KEX) with integrated authentication that can serve as a Diffie-Hellman drop-in replacement.

AEAD algorithm based on KMAC or cSHAKE

This document provides the specification of the cryptographic algorithm following the Authenticated Encryption with Additional Data (AEAD) approach using KMAC and cSHAKE.

Hybrid KEM Specification

This document specifies the Hybrid KEM cryptographic algorithm combining Kyber and X25519.

Deterministic RNG Based on cSHAKE and KMAC

This specification defines a simple deterministic random number generator (DRNG) which can be used to generate cryptographically secure random bit strings for various use cases including symmetric and asymmetric key generation services. The DRNG is based on either cSHAKE or KECCAK Message Authentication Code (KMAC) and is intended to support a wide range of applications and requirements, and is conservative in its resource consumption.

2023-11-29 smueller at