Security analysis of covercrypt: A quantum-safe hybrid key encapsulation mechanism for hidden access policies

The ETSI Technical Specification 104 015 proposes a framework to build Key Encapsu- lation Mechanisms (KEMs) with access policies and attributes, in the Ciphertext-Policy Attribute- Based Encryption (CP-ABE) vein. Several security guarantees and functionalities are claimed, such as pre-quantum and post-quantum hybridization to achieve security against Chosen-Ciphertext At- tacks (CCA), anonymity, and traceability. In this paper, we present a formal security analysis of a more generic construction, with application to the specific Covercrypt scheme, based on the pre-quantum ECDH and the post-quantum ML- KEM KEMs. We additionally provide an open-source library that implements the ETSI standard, in Rust, with high effiency.