Class: MLKEM::Core::MLKEMInternal

Inherits:

Object

• Object
• MLKEM::Core::MLKEMInternal

Defined in:

lib/ml_kem/core/ml_kem_internal.rb

Overview

Internal implementation of ML-KEM (Kyber) encapsulation and decapsulation algorithms. Wraps K-PKE logic and adds hashing and key derivation per ML-KEM specification.

Algorithms implemented:

• Algorithm 16: ML-KEM.KeyGen_internal

• Algorithm 17: ML-KEM.Encaps_internal

• Algorithm 18: ML-KEM.Decaps_internal

Since:

• 0.1.0

Instance Method Summary

• #decaps_internal(dk, c) ⇒ String

  ML-KEM Decapsulation (Algorithm 18).

• #encaps_internal(ek, m) ⇒ Array<String>

  ML-KEM Encapsulation (Algorithm 17).

• #initialize(k, eta1, eta2, du, dv) ⇒ MLKEMInternal constructor

  Constructs the internal ML-KEM engine.

• #keygen_internal(d, z) ⇒ Array<String>

  ML-KEM Key Generation (Algorithm 16).

Constructor Details

#initialize(k, eta1, eta2, du, dv) ⇒ MLKEMInternal

Constructs the internal ML-KEM engine.

Parameters:

• k (Integer) —

  Security level (1, 3, or 5)

• eta1 (Integer) —

  Noise parameter η₁

• eta2 (Integer) —

  Noise parameter η₂

• du (Integer) —

  Compression bits for u

• dv (Integer) —

  Compression bits for v

Since:

• 0.1.0

# File 'lib/ml_kem/core/ml_kem_internal.rb', line 22

def initialize(k, eta1, eta2, du, dv)
  @k = k
  @eta1 = eta1
  @eta2 = eta2
  @du = du
  @dv = dv
  @q = Constants::Q
  @kpke = KPKE.new(@k, @eta1, @eta2, @du, @dv, @q)
end

Instance Method Details

#decaps_internal(dk, c) ⇒ String

ML-KEM Decapsulation (Algorithm 18).

Examples:

k = kem.decaps_internal(dk, c)

Parameters:

• dk (String) —

  Private key.

• c (String) —

  Ciphertext.

Returns:

• (String) —

  Shared secret (32 bytes).

Since:

• 0.1.0

# File 'lib/ml_kem/core/ml_kem_internal.rb', line 69

def decaps_internal(dk, c)
  dk_pke = dk[0...(384 * @k)]
  ek_pke = dk[(384 * @k)...(768 * @k + 32)]
  h_val  = dk[(768 * @k + 32)...(768 * @k + 64)]
  z      = dk[(768 * @k + 64)...(768 * @k + 96)]

  mp = @kpke.decrypt(dk_pke, c)
  kp, rp = Crypto::SymmetricPrimitives.g(mp + h_val)
  kk = Crypto::SymmetricPrimitives.j(z + c)
  cp = @kpke.encrypt(ek_pke, mp, rp)

  c == cp ? kp : kk
end

#encaps_internal(ek, m) ⇒ Array<String>

ML-KEM Encapsulation (Algorithm 17).

Examples:

k, c = kem.encaps_internal(ek, m)

Parameters:

• ek (String) —

  Public key.

• m (String) —

  A 32-byte message (uniformly random).

Returns:

• (Array<String>) —

  k, c

  Shared secret and ciphertext.

Since:

• 0.1.0

# File 'lib/ml_kem/core/ml_kem_internal.rb', line 55

def encaps_internal(ek, m)
  k, r = Crypto::SymmetricPrimitives.g(m + Crypto::SymmetricPrimitives.h(ek))
  c = @kpke.encrypt(ek, m, r)
  [k, c]
end

#keygen_internal(d, z) ⇒ Array<String>

ML-KEM Key Generation (Algorithm 16).

Examples:

ek, dk = kem.keygen_internal(seed, z)

Parameters:

• d (String) —

  A 32-byte seed for public key derivation.

• z (String) —

  A 32-byte random secret value.

Returns:

• (Array<String>) —

  ek, dk

  Public and private key pair.

Since:

• 0.1.0

# File 'lib/ml_kem/core/ml_kem_internal.rb', line 40

def keygen_internal(d, z)
  ek_pke, dk_pke = @kpke.keygen(d)
  ek = ek_pke
  dk = dk_pke + ek + Crypto::SymmetricPrimitives.h(ek) + z
  [ek, dk]
end