Score:0

Hybrid Approaches: ECIES-Kyber768

I am considering using a hybrid approach by combining ECIES (Elliptic Curve Integrated Encryption Scheme) with Kyber KEX (Kyber Key Exchange) for secure communication. Instead of using the traditional Curve25519 key exchange in ECIES, I want to replace it with Kyber KEX, which is post-quantum secure. This way, I would use Kyber KEX for key exchange and ECIES for data encryption. I believe this approach would provide both pre- and post-quantum security.

Questions:

Is this approach a good idea?

Is it secure?

Why don't more people do this?

DannyNiu:
This is relevant for you: https://datatracker.ietf.org/doc/draft-hoffman-c2pq/ . Parts of your question don't make sense - you said in the beginning you want to *combine* Kyber with ECIES, then later, you said you want to *replace* Curve25519 with Kyber, then finally, you said "... use Kyber KEX for key exchange and ECIES for data encryption." ECIES consists of an ECC key establishment **in addition to** data encryption. All of these just show you are very confused.
dsfddg dggd:
Hi, thank you very much. I already have a working ECIES that first uses Curve25519 for the key exchange and shares a secret. I want to know if I replaced the Curve25519 part with Kyber KEX, would that be good?
DannyNiu:
In what standard or specification is Curve25519 specified for ECIES? I don't think such a combination exists. Also, I'm surprised at the speed you're reading that IETF draft.
Score:1

Is this approach a good idea?

I believe your encryption method is to use Kyber to generate a shared secret (using the decryptor's public key), and send that shared secret through a KDF, and then use the result for some symmetric AEAD.

That sounds reasonable; Kyber is "CCA secure", that is, using the same public key multiple times is not a security issue.

Why don't more people do this?

Kyber is fairly new - I suspect that if more people want to do public key encryption using Kyber, this is the sort of thing they'll do.

Now, comments on your terminology (which I believe caused some confusion):

There are (at least) two meanings of hybrid, which may be causing some confusion. They are:

  • Using both a public key and a symmetric encryption method together. This is an older meaning which isn't used that much anymore (mostly because it's now considered normal, and hence not really requiring a special name).

  • Using both a conventional (e.g. ECC) and a postquantum (e.g. Kyber) algorithm together. This is a newer meaning, and is more likely meant when talking about postquantum algorithms.

From your description, it doesn't appear you actually meant the second meaning. Adding to the confusion is your reference to "ECIES-Kyber", when you aren't doing EC at all. IES is the name given to the original system (which uses a finite field group), while ECIES means essentially the same system (but using an elliptic curve group). What might be a more consistent term for what you're thinking would be "KyberIES".
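The construction the answer describes (encapsulate to the decryptor's Kyber public key, run the shared secret through a KDF, then use the result for a symmetric AEAD), as an added example that is not code from the question, the answer, or any Kyber implementation. It uses Go's standard-library crypto/mlkem (ML-KEM-768, the NIST-standardised form of Kyber768; Go 1.24 or later is assumed), HKDF-SHA256 and AES-256-GCM. The wire layout (KEM ciphertext || nonce || AEAD ciphertext), the HKDF label string, and the choice to salt the KDF with the public key and KEM ciphertext are my assumptions, not part of any standard.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hkdf"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Recipient holds the decryptor's ML-KEM-768 (Kyber768) decapsulation key.
type Recipient struct {
	dk *mlkem.DecapsulationKey768
}

// NewRecipient generates a fresh ML-KEM-768 key pair.
func NewRecipient() (*Recipient, error) {
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return nil, err
	}
	return &Recipient{dk: dk}, nil
}

// PublicKey returns the encoded encapsulation key the sender encrypts to.
func (r *Recipient) PublicKey() []byte {
	return r.dk.EncapsulationKey().Bytes()
}

// aeadFor is the KDF step: HKDF-SHA256 over the KEM shared secret, salted with
// a hash of the recipient's public key and the KEM ciphertext so the AEAD key
// is bound to this encapsulation, then AES-256-GCM on the derived key.
// The label string is an assumed value.
func aeadFor(shared, pk, kemCT []byte) (cipher.AEAD, error) {
	h := sha256.New()
	h.Write(pk)
	h.Write(kemCT)
	key, err := hkdf.Key(sha256.New, shared, h.Sum(nil), "KyberIES-AES256GCM-v1", 32)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt: encapsulate to the recipient's public key, derive an AEAD key, seal
// the plaintext. Assumed wire layout: kemCT || nonce || aeadCT.
func Encrypt(recipientPK, plaintext, aad []byte) ([]byte, error) {
	ek, err := mlkem.NewEncapsulationKey768(recipientPK)
	if err != nil {
		return nil, err
	}
	// Fresh randomness per call; reusing the public key across messages is fine (IND-CCA).
	shared, kemCT := ek.Encapsulate()
	aead, err := aeadFor(shared, recipientPK, kemCT)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	out := append([]byte{}, kemCT...)
	out = append(out, nonce...)
	return aead.Seal(out, nonce, plaintext, aad), nil
}

// Decrypt reverses Encrypt. A tampered KEM ciphertext does not make Decapsulate
// fail (ML-KEM rejects implicitly by returning a different secret); the wrong
// secret then surfaces as an AEAD authentication failure in Open.
func (r *Recipient) Decrypt(ciphertext, aad []byte) ([]byte, error) {
	if len(ciphertext) < mlkem.CiphertextSize768+12+16 { // kemCT + GCM nonce + tag
		return nil, fmt.Errorf("ciphertext too short: %d bytes", len(ciphertext))
	}
	kemCT, rest := ciphertext[:mlkem.CiphertextSize768], ciphertext[mlkem.CiphertextSize768:]
	shared, err := r.dk.Decapsulate(kemCT)
	if err != nil {
		return nil, err
	}
	aead, err := aeadFor(shared, r.PublicKey(), kemCT)
	if err != nil {
		return nil, err
	}
	n := aead.NonceSize()
	return aead.Open(nil, rest[:n], rest[n:], aad)
}

func main() {
	r, err := NewRecipient()
	if err != nil {
		panic(err)
	}
	ct, _ := Encrypt(r.PublicKey(), []byte("constructed sample message"), []byte("hdr"))
	pt, err := r.Decrypt(ct, []byte("hdr"))
	fmt.Printf("%d-byte ciphertext -> %q (err=%v)\n", len(ct), pt, err)
}
```

Note that this is the first, older sense of "hybrid" from the answer (a KEM plus a symmetric cipher). The second sense would additionally run an X25519 exchange and feed both shared secrets into the same KDF; the structure above stays the same, only the input to aeadFor changes.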

dsfddg dggd:
Thank you very much! I really learned something now and understand it better.