-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathKEMPRF.scheme
More file actions
32 lines (27 loc) · 1.03 KB
/
KEMPRF.scheme
File metadata and controls
32 lines (27 loc) · 1.03 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
// KEM that applies a PRF to the shared secret of an underlying KEM, keyed by the
// shared secret and evaluated on the ciphertext, to derive a new shared secret.
import '../../Primitives/KEM.primitive';
import '../../Primitives/PRF.primitive';
Scheme KEMPRF(KEM K, PRF F) extends KEM {
requires K.SharedSecret == BitString<F.lambda>;
requires K.Ciphertext subsets BitString<F.in>;
Set Ciphertext = K.Ciphertext;
Set PublicKey = K.PublicKey;
Set SecretKey = K.SecretKey;
Set SharedSecret = BitString<F.out>;
[PublicKey, SecretKey] KeyGen() {
return K.KeyGen();
}
[SharedSecret, Ciphertext] Encaps(PublicKey pk) {
[K.SharedSecret, K.Ciphertext] x = K.Encaps(pk);
BitString<F.lambda> k = x[0];
K.Ciphertext c = x[1];
BitString<F.out> ss = F.evaluate(k, c);
return [ss, c];
}
deterministic SharedSecret Decaps(SecretKey sk, Ciphertext c) {
K.SharedSecret k = K.Decaps(sk, c);
BitString<F.out> ss = F.evaluate(k, c);
return ss;
}
}