2025-10-16
Security analysis of covercrypt: A quantum-safe hybrid key encapsulation mechanism for hidden access policies
Publication
Publication
The ETSI Technical Specification 104 015 proposes a framework to build Key Encapsulation Mechanisms (KEMs) with access policies and attributes, in the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) vein. Several security guarantees and functionalities are claimed, such as pre-quantum and post-quantum hybridization to achieve security against Chosen-Ciphertext Attacks (CCA), anonymity, and traceability. In this paper, we present a formal security analysis of a more generic construction, with application to the specific Covercrypt scheme, based on the pre-quantum ECDH and the post-quantum ML-KEM Key Encapsulation Mechanisms. We additionally provide an open-source library that implements the ETSI standard, in Rust, with high efficiency.
| Additional Metadata | |
|---|---|
| doi.org/10.1007/978-3-032-07891-9_5 | |
| Quantum Software Consortium , A Reduction Theory for Codes and Lattices in Cryptography | |
| European Symposium on Research in Computer Security (ESORICS 2025) | |
| , | |
| Organisation | Cryptology |
|
Brézot, T., Hébant, C., de Perthuis, P., & Pointcheval, D. (2025). Security analysis of covercrypt: A quantum-safe hybrid key encapsulation mechanism for hidden access policies. In Computer Security – ESORICS 2025, 30th European Symposium on Research in Computer Security, Proceedings, Part II (pp. 84–102). doi:10.1007/978-3-032-07891-9_5 |
|
