Inhaltsverzeichnis

WvdS.System.Security.Cryptography.Encryption Namespace

Contains classes for symmetric encryption with PQ key derivation.

Classes

Class Description
SymmetricEncryptionExtensions AES-GCM encryption with PQ keys
HybridEncryptedData Container for hybrid-encrypted data
PqCrypto Convenience API for PQ encryption

Encryption Methods

Method Description
EncryptWithPqKey AES-GCM with PQ-derived key
EncryptHybrid RSA-OAEP + ML-KEM hybrid
EncryptEcdhPq ECDH + ML-KEM hybrid
EncryptAesGcm Standard AES-256-GCM

Encryption Format

+------------------------------------------+
| AES-GCM Encrypted Data                   |
+------------------------------------------+
| [12 Bytes] Nonce (IV)                    |
| [n Bytes]  Ciphertext                    |
| [16 Bytes] Authentication Tag            |
+------------------------------------------+

Example

using WvdS.System.Security.Cryptography.Encryption;
using WvdS.System.Security.Cryptography.KeyExchange;
 
// Shared secret from key exchange
byte[] sharedSecret = session.SharedSecret;
 
// Encrypt
byte[] plaintext = Encoding.UTF8.GetBytes("Secret message");
byte[] encrypted = SymmetricEncryptionExtensions.EncryptWithPqKey(
    plaintext, sharedSecret);
 
// Decrypt
byte[] decrypted = SymmetricEncryptionExtensions.DecryptWithPqKey(
    encrypted, sharedSecret);

See Also

, ,

Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional