This document explains the process of encrypting messages using AES-256 and securing the keys with Kyber, a post-quantum cryptographic algorithm.
The goal is to securely encrypt packets of messages (binary files) using AES-256, with the AES session keys being securely exchanged using Kyber. This ensures robust security against both current and future cryptographic threats.
The process ensures that the message is encrypted securely and can only be decrypted by the intended recipient, leveraging the strengths of both Kyber and AES-256 to secure messages effectively.
Use Kyber to generate a public/private key pair for the recipient. The public key is used to encrypt encryption, the private key is used to decrypt them.
For each message file, generate a random 256-bit AES session key. Use the recipient's Kyber public key to encrypt this AES session key, creating an encapsulated session key that can be safely transmitted.
Encrypt the message content with AES-256 using the generated session key. AES-256 ensures the message is encrypted with strong, symmetric encryption.
Combine the encrypted session key and the AES-encrypted message into a single file. This file is stored or transmitted securely.
The recipient receives the file, extracts the encrypted session key, and uses their Kyber private key to decrypt the session key.
With the decrypted AES session key, the recipient decrypts the message content to retrieve the original message.
This process ensures secure key exchange using Kyber and message encryption using AES-256, following best practices for cryptographic security.