Hybrid Public Key Encryption (HPKE)
E873495
Hybrid Public Key Encryption (HPKE) is a cryptographic framework that combines public-key and symmetric-key techniques to provide flexible, interoperable encryption for modern protocols such as TLS, QUIC, and MLS.
All labels observed (1)
| Label | Occurrences |
|---|---|
| Hybrid Public Key Encryption (HPKE) canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T10595204 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Hybrid Public Key Encryption (HPKE) Context triple: [CFRG, standardized, Hybrid Public Key Encryption (HPKE)]
-
A.
Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)
"Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)" is an IETF standard (RFC 7919) that defines secure, standardized finite-field Diffie-Hellman parameter sets for use in TLS to improve cryptographic security and interoperability.
-
B.
Curve25519-based schemes
Curve25519-based schemes are cryptographic protocols and algorithms that use the Curve25519 elliptic curve to provide efficient, high-security public-key operations such as key exchange and digital signatures.
-
C.
Diffie–Hellman key exchange
Diffie–Hellman key exchange is a foundational cryptographic protocol that enables two parties to securely establish a shared secret over an insecure communication channel.
-
D.
XChaCha20-Poly1305 AEAD construction
XChaCha20-Poly1305 AEAD construction is an authenticated encryption scheme that extends ChaCha20-Poly1305 with a longer nonce for improved security and robustness against nonce reuse.
-
E.
XSalsa20-Poly1305
XSalsa20-Poly1305 is an authenticated encryption scheme that combines the XSalsa20 stream cipher with the Poly1305 message authentication code to provide both confidentiality and integrity for messages.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Hybrid Public Key Encryption (HPKE) Target entity description: Hybrid Public Key Encryption (HPKE) is a cryptographic framework that combines public-key and symmetric-key techniques to provide flexible, interoperable encryption for modern protocols such as TLS, QUIC, and MLS.
-
A.
Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)
"Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)" is an IETF standard (RFC 7919) that defines secure, standardized finite-field Diffie-Hellman parameter sets for use in TLS to improve cryptographic security and interoperability.
-
B.
Curve25519-based schemes
Curve25519-based schemes are cryptographic protocols and algorithms that use the Curve25519 elliptic curve to provide efficient, high-security public-key operations such as key exchange and digital signatures.
-
C.
Diffie–Hellman key exchange
Diffie–Hellman key exchange is a foundational cryptographic protocol that enables two parties to securely establish a shared secret over an insecure communication channel.
-
D.
XChaCha20-Poly1305 AEAD construction
XChaCha20-Poly1305 AEAD construction is an authenticated encryption scheme that extends ChaCha20-Poly1305 with a longer nonce for improved security and robustness against nonce reuse.
-
E.
XSalsa20-Poly1305
XSalsa20-Poly1305 is an authenticated encryption scheme that combines the XSalsa20 stream cipher with the Poly1305 message authentication code to provide both confidentiality and integrity for messages.
- F. None of above. chosen
Statements (50)
| Predicate | Object |
|---|---|
| instanceOf |
cryptographic framework
ⓘ
public-key encryption scheme ⓘ |
| abbreviation | HPKE ⓘ |
| basedOn |
Diffie-Hellman key exchange
NERFINISHED
ⓘ
Key Encapsulation Mechanisms NERFINISHED ⓘ |
| canUseAEAD |
AES-128-GCM
ⓘ
ChaCha20-Poly1305 NERFINISHED ⓘ |
| canUseKDF | HKDF-SHA256 ⓘ |
| canUseKEM |
DHKE on NIST P-256
ⓘ
DHKEM(X25519) ⓘ |
| component |
AEAD cipher
ⓘ
Authenticated Encryption with Associated Data ⓘ KDF ⓘ KEM private key ⓘ KEM public key ⓘ Key Encapsulation Mechanism ⓘ Key Schedule ⓘ |
| definedIn | RFC 9180 NERFINISHED ⓘ |
| designGoal |
avoid protocol-specific assumptions
ⓘ
be reusable across protocols ⓘ be simple to implement ⓘ |
| property |
sender can be anonymous or authenticated
ⓘ
supports export of secret material ⓘ supports multiple AEAD algorithms ⓘ supports multiple KDFs ⓘ supports multiple KEMs ⓘ supports multiple ciphersuites ⓘ supports pre-shared keys ⓘ |
| purpose |
provide authenticated encryption
ⓘ
provide forward secrecy ⓘ provide hybrid public-key encryption ⓘ provide interoperability for modern protocols ⓘ |
| securityGoal |
IND-CCA2 security for ciphertexts
ⓘ
confidentiality of application data ⓘ forward secrecy in some modes ⓘ integrity of application data ⓘ |
| standardizedBy |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| supports |
Messaging Layer Security
NERFINISHED
ⓘ
Oblivious HTTP NERFINISHED ⓘ QUIC NERFINISHED ⓘ TLS NERFINISHED ⓘ general-purpose application-layer encryption ⓘ |
| supportsMode |
Authenticated PSK mode
ⓘ
Authenticated mode ⓘ Base mode ⓘ PSK mode ⓘ |
| usedIn |
Oblivious HTTP deployments
ⓘ
TLS Encrypted ClientHello experiments ⓘ |
| uses |
public-key cryptography
ⓘ
symmetric-key cryptography ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Hybrid Public Key Encryption (HPKE) Description of subject: Hybrid Public Key Encryption (HPKE) is a cryptographic framework that combines public-key and symmetric-key techniques to provide flexible, interoperable encryption for modern protocols such as TLS, QUIC, and MLS.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.