Package org.bouncycastle.crypto.kems

Class SAKKEKEMSGenerator

java.lang.Object

org.bouncycastle.crypto.kems.SAKKEKEMSGenerator

All Implemented Interfaces:

EncapsulatedSecretGenerator

public class SAKKEKEMSGenerator
extends Object
implements EncapsulatedSecretGenerator

This class implements the SAKKE (Sakai-Kasahara Key Encryption) Key Encapsulation Mechanism as defined in RFC 6508. It generates an encapsulated shared secret value (SSV) using Identity-Based Encryption (IBE) for secure transmission from a Sender to a Receiver.

The algorithm follows these steps (as per RFC 6508, Section 6.2.1):

1. Generate a random SSV in the range [0, 2^n - 1].
2. Compute r = HashToIntegerRange(SSV || b, q).
3. Compute R_(b,S) = [r]([b]P + Z_S) on the elliptic curve.
4. Compute H = SSV XOR HashToIntegerRange(g^r, 2^n).
5. Encode the encapsulated data (R_(b,S), H).

See Also:

• RFC 6508: Sakai-Kasahara Key Encryption (SAKKE)

Constructor Summary

Constructors

Constructor	Description
SAKKEKEMSGenerator(SecureRandom random)	Constructs a SAKKEKEMSGenerator with the specified source of randomness.

Method Summary

Modifier and Type	Method	Description
SecretWithEncapsulation	generateEncapsulated(AsymmetricKeyParameter recipientKey)	Generates an encapsulated shared secret value (SSV) using the recipient's public key parameters as specified in RFC 6508, Section 6.2.1.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SAKKEKEMSGenerator

public SAKKEKEMSGenerator(SecureRandom random)

Constructs a SAKKEKEMSGenerator with the specified source of randomness.

Parameters:

random - a SecureRandom instance for generating cryptographically secure random values. Must not be null.

Method Details

generateEncapsulated

public SecretWithEncapsulation generateEncapsulated(AsymmetricKeyParameter recipientKey)

Generates an encapsulated shared secret value (SSV) using the recipient's public key parameters as specified in RFC 6508, Section 6.2.1.

This method performs the following operations:

• Derives cryptographic parameters from the recipient's public key.
• Generates a random SSV and computes the encapsulation components (R_(b,S), H).
• Encodes the encapsulated data as specified in RFC 6508, Section 4.

Specified by:

generateEncapsulated in interface EncapsulatedSecretGenerator

Parameters:

recipientKey - the recipient's public key parameters. Must be an instance of SAKKEPublicKeyParameters. Must not be null.

Returns:

a SecretWithEncapsulation containing the SSV and the encapsulated data.