Skip to main content

encrypt

quantica::ml_kem::kpke

Function encrypt 

Source 
pub fn encrypt<P: Params>(
    ek_pke: &[u8],
    m: &[u8; 32],
    r: &[u8; 32],
    ct_out: &mut [u8],
) -> usize
Expand description

Encrypt a 32-byte message under a K-PKE public key (Algorithm 14).

Computes u = NTT_inv(A^T * y_hat) + e1 and v = NTT_inv(t_hat^T * y_hat) + e2 + Decompress_1(m), then compresses and encodes both into a ciphertext of Params::CT_LEN bytes.

The randomness vectors y, e1, and e2 are derived deterministically from the 32-byte seed r via SHAKE256-based CBD sampling, and are zeroized after use.

§Arguments

  • ek_pke - The K-PKE encapsulation key (ByteEncode_12(t_hat) || rho).
  • m - The 32-byte message to encrypt (one bit per coefficient).
  • r - 32-byte encryption randomness seed.
  • ct_out - Output slice for the ciphertext, must be at least P::CT_LEN bytes.

§Returns

The actual ciphertext length written.