Score:1

Clarification on hybrid encryption vs ECIES vs symmetric encrypt the message and then use asymmetric for key


I am trying to understand hybrid encryption. When I first came across the term I thought it was used to describe a scheme where the message is encrypted using a symmetric key, and the symmetric key is then encrypted using the receiver's public key. Both (encrypted message and key) are then sent to the receiver.

But it seems I might be mistaken. I came across ECIES (Elliptic Curve Integrated Encryption Scheme), and it looks like this is a distinct primitive and means hybrid encryption. But how is it hybrid? Does it first use symmetric encryption and then asymmetric encryption?

If yes, then why does it have a separate name? If not then why is it called hybrid encryption?

kelalaka
Doesn't the answer to your question exist on [Wikipedia IES](https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme) and [Hybrid cryptosystem](https://en.wikipedia.org/wiki/Hybrid_cryptosystem)? In a hybrid cryptosystem, key material is exchanged/transferred with the public key, then with a KDF a symmetric key is derived for the encryption...
Score:3

A hybrid cryptosystem is a public-key cryptosystem which uses symmetric cryptography for some of its internal operation. Encrypting a symmetric key with a public key is one way to do hybrid encryption, but it's not the only way to do it.

Generally, hybrid encryption uses symmetric encryption to protect the confidentiality of the message, and uses some public-key operation known as key encapsulation to arrange for the sender and the receiver to have the same symmetric key. Key encapsulation doesn't have to be encryption. Its job is to arrange for the private key holder to construct the same symmetric key as the public key holder, and that doesn't have to give a direct way to encrypt arbitrary messages.

Here are several different methods for key encapsulation:

  • The one you're familiar with: generate a random symmetric key, and use an asymmetric encryption scheme that's capable of encrypting arbitrary short messages to encrypt the symmetric key. This is commonly done with RSA OAEP, or with the obsolete RSA PKCS#1v1.5 encryption scheme. Other possible schemes, which are not as common in practice, include ElGamal encryption and variants.
  • A method based on a trapdoor permutation. Generate a random element of the domain, and use a deterministic method to derive a symmetric key for that. Use the public permutation on the random element and send that. The receiver uses the private inverse to recover the random element and can then calculate the symmetric key. A typical example is RSA-KEM, using the RSA trapdoor permutation.
  • Use a key agreement (key exchange) scheme to establish a shared secret between the sender and the receiver. In this scenario, both sides have a public key. This is how IES works: it uses a Diffie-Hellman key exchange, and derives the message encryption key from the shared secret. This is most commonly used with elliptic curves and known as ECIES.