Kategorie: Verschlüsselung
Komplexität: ⭐⭐⭐⭐ (Hoch)
Voraussetzungen: ML-KEM-Schlüsselpaar, klassisches Schlüsselpaar
Geschätzte Zeit: 20-30 Minuten
Dieses Szenario beschreibt die Hybrid-Verschlüsselung mit klassischen (RSA/ECDH) und Post-Quantum (ML-KEM) Algorithmen. Hybrid-Encryption kombiniert beide Verfahren, um sowohl gegen klassische als auch gegen Quantenangriffe geschützt zu sein.
Konzept:
using WvdS.Security.Cryptography.X509Certificates.Extensions.PQ; using System.Security.Cryptography; using var ctx = PqCryptoContext.Initialize(); // Empfänger-Schlüssel (beide Algorithmen) var recipientEcdh = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP384); var recipientMlKem = ctx.GenerateKeyPair(PqAlgorithm.MlKem768); // === VERSCHLÜSSELUNG === // 1. Klassischer Key Exchange (ECDH) using var senderEcdh = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP384); var ecdhSharedSecret = senderEcdh.DeriveKeyMaterial(recipientEcdh.PublicKey); // 2. PQ Key Encapsulation (ML-KEM) var (mlKemCiphertext, mlKemSharedSecret) = ctx.Encapsulate(recipientMlKem.PublicKey); // 3. Schlüssel kombinieren via HKDF var combinedSecret = CombineSecrets(ecdhSharedSecret, mlKemSharedSecret); var encryptionKey = ctx.DeriveKey( combinedSecret, outputLength: 32, salt: null, info: Encoding.UTF8.GetBytes("hybrid-encryption-v1") ); // 4. Daten verschlüsseln var plaintext = Encoding.UTF8.GetBytes("Geheime Nachricht"); var nonce = RandomNumberGenerator.GetBytes(12); var ciphertext = new byte[plaintext.Length]; var tag = new byte[16]; using var aes = new OpenSslAesGcm(encryptionKey); aes.Encrypt(nonce, plaintext, ciphertext, tag); // 5. Verschlüsselte Nachricht zusammenstellen var encryptedMessage = new HybridEncryptedMessage { EcdhPublicKey = senderEcdh.PublicKey.ExportSubjectPublicKeyInfo(), MlKemCiphertext = mlKemCiphertext, Nonce = nonce, Ciphertext = ciphertext, Tag = tag }; Console.WriteLine($"Verschlüsselt: {encryptedMessage.Ciphertext.Length} Bytes");
// === ENTSCHLÜSSELUNG === using var ctx = PqCryptoContext.Initialize(); // Empfänger-Private-Keys laden var recipientEcdh = ctx.LoadEcdhPrivateKey("recipient-ecdh.key.pem", "Password!"); var recipientMlKem = ctx.LoadPrivateKey("recipient-mlkem.key.pem", "Password!"); // 1. Klassischer Key Exchange var senderEcdhPubKey = ECDiffieHellman.Create(); senderEcdhPubKey.ImportSubjectPublicKeyInfo(encryptedMessage.EcdhPublicKey, out _); var ecdhSharedSecret = recipientEcdh.DeriveKeyMaterial(senderEcdhPubKey.PublicKey); // 2. PQ Key Decapsulation var mlKemSharedSecret = ctx.Decapsulate(recipientMlKem, encryptedMessage.MlKemCiphertext); // 3. Schlüssel kombinieren var combinedSecret = CombineSecrets(ecdhSharedSecret, mlKemSharedSecret); var decryptionKey = ctx.DeriveKey( combinedSecret, outputLength: 32, salt: null, info: Encoding.UTF8.GetBytes("hybrid-encryption-v1") ); // 4. Daten entschlüsseln var decrypted = new byte[encryptedMessage.Ciphertext.Length]; using var aes = new OpenSslAesGcm(decryptionKey); aes.Decrypt( encryptedMessage.Nonce, encryptedMessage.Ciphertext, encryptedMessage.Tag, decrypted ); var message = Encoding.UTF8.GetString(decrypted); Console.WriteLine($"Entschlüsselt: {message}");
private static byte[] CombineSecrets(byte[] secret1, byte[] secret2) { // Concat und Hash - einfache aber sichere Methode // Alternativ: Parallel HKDF und XOR var combined = new byte[secret1.Length + secret2.Length]; Buffer.BlockCopy(secret1, 0, combined, 0, secret1.Length); Buffer.BlockCopy(secret2, 0, combined, secret1.Length, secret2.Length); // HKDF Extract return HKDF.Extract(HashAlgorithmName.SHA256, combined); }
public class HybridEncryptedMessage { // Header public string Version { get; set; } = "1.0"; public string Algorithm { get; set; } = "ECDH-P384+ML-KEM-768/AES-256-GCM"; // Key Encapsulation public byte[] EcdhPublicKey { get; set; } // ECDH ephemeral public key public byte[] MlKemCiphertext { get; set; } // ML-KEM ciphertext // Encrypted Content public byte[] Nonce { get; set; } // 12 bytes public byte[] Ciphertext { get; set; } // Variable public byte[] Tag { get; set; } // 16 bytes // Serialization public byte[] Serialize() { using var ms = new MemoryStream(); using var writer = new BinaryWriter(ms); writer.Write(Version); writer.Write(Algorithm); writer.Write(EcdhPublicKey.Length); writer.Write(EcdhPublicKey); writer.Write(MlKemCiphertext.Length); writer.Write(MlKemCiphertext); writer.Write(Nonce.Length); writer.Write(Nonce); writer.Write(Ciphertext.Length); writer.Write(Ciphertext); writer.Write(Tag.Length); writer.Write(Tag); return ms.ToArray(); } }
| Kombination | Klassisch | PQ | Sicherheitsniveau |
|---|---|---|---|
| Standard | ECDH P-384 | ML-KEM-768 | 192-bit hybrid |
| High Security | ECDH P-521 | ML-KEM-1024 | 256-bit hybrid |
| Legacy Support | RSA-4096 + ECDH P-256 | ML-KEM-512 | 128-bit hybrid |
| Minimal | X25519 | ML-KEM-512 | 128-bit hybrid |
| Branche | Min. Sicherheit | Empfohlene Kombination |
|---|---|---|
| Finanzsektor | 192-bit | ECDH P-384 + ML-KEM-768 |
| Healthcare | 128-bit | ECDH P-256 + ML-KEM-512 |
| Government | 256-bit | ECDH P-521 + ML-KEM-1024 |
| Energie | 192-bit | ECDH P-384 + ML-KEM-768 |
| Beziehung | Szenario | Beschreibung |
|---|---|---|
| Komponente | 7.2 Key Encapsulation | ML-KEM Details |
| Anwendung | 7.3 Dateiverschlüsselung | Praktische Nutzung |
| Verwandt | 11.1 Schlüsselgenerierung | Schlüssel erstellen |
« ← Verschlüsselung-Übersicht | ↑ Szenarien | 7.2 Key Encapsulation → »
Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional