How to Create KyberKEMKeyPair with independent Encapsulation and Decapsulation Keys ?

[mukeshphadtare]

How to Create KyberKEMKeyPair with independent Encapsulation and Decapsulation Keys ?

I have indepedent KyberEncapsulationKey and KyberDecapsulationKey formed from base 64 strings and I am trying to get KyberKEMKeyPair which is required for the KyberAgreement instantiation. Since the construtor of KyberKEMKeyPair is internal instantiation of KyberKEMKeyPair is possible.

Is there way to get KyberKEMKeyPair using independent KyberEncapsulationKey and KyberDecapsulationKey instances ?

[ronhombre]

Hello,

Sorry, it was a mistake. I had an old version of the library that doesn't need a KyberKEMKeyPair to encapsulate and decapsulate which resulted in my confusion. I have brought back that change now. You only need an independent KyberDecapsulationKey to instantiate a KyberAgreement. In addition, I have opened up the KyberKEMKeyPair constructor in order to allow externally generated Kyber KEM keys to be used.

As of the moment, the update is out in NPM as 0.7.0 and Maven Central is still at PUBLISHING status. It goes up around 10-15 minutes, so if you could wait for around that time.

Best Regards,
Ron Lauren Hombre

[ronhombre]

Update: It's out in Maven Central.

[mukeshphadtare]

Hi,

Thanks for making not of my comment and changes. At the moment the maven sync is failing to download the new version 0.7.0, hopefully it will work soon.

[ronhombre]

Hello,

This has been fixed. Due to a new build process, I accidentally uploaded my artifacts as asia.hombre.kyber earlier. As of now, it was already up 40 minutes ago.

P.S. I was using my own maven build process before 0.6.1 and it messed everything up after when I started using the Maven Gradle plugin.

Best Regards,
Ron Lauren Hombre

[mukeshphadtare]

Thanks for the update, I could use the KeyAgreement with decap key. Also the encapsulate method is visible outside and can be used.

I have have one curious question, why the N or N_BYTES are chosen to be signed integer instead on unsigned integer since they represent Byte which may not have any significance of using signed value.

thanks,

[ronhombre]

Hello again,

Great to know it works now. The KyberAgreement.encapsulate() static/companion method is a design change. It was previously only accessible with a KyberAgreement instance, but there is no point in keeping it there. Alice sends her Encapsulation Key and You would KyberAgreement.encapsulate(Alice's Encaps Key) to get a copy of the Shared Secret Key (32 bytes). You then send the generated Cipher Text back to Alice which she could then new KyberAgreement(Alice's Decaps Key).decapsulate(Your sent Cipher Text) in order to get her copy of the Shared Secret Key.

The KyberConstants.N value is the number of coefficients or terms for the polynomial used internally in Kyber. N / 8 = 32 bytes. In Kyber, a single bit is embedded into each coefficient, so when retrieving all of them they make 32 bytes or 256 bits.

Best Regards,
Ron Lauren Hombre

[ronhombre]

I recommend browsing the documentation website at kyber.hombre.asia. It explains every aspect of the library. For the internal aspects that are not shown on the website, there are documentations in the source code.