4. SafeQuard Specification
4.1. Existing Functions
4.1.1. pQCee_SafeQuard_enc

| Function | pQCee_SafeQuard_enc |
|---|---|
| Description | Encrypts the toEncStr data using the SharedSecret obtained from encapsulation with PKStr. The Ciphertext obtained from encapsulation is used as the nonce for AES-CTR encryption. |
| Parameters | toEncStr, PKStr |
| Output | returnStr |

| toEncStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | The message string to be encrypted |

| PKStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | The ML-KEM-768 encapsulation key (decodes to 1184 bytes) |

| returnStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | Decodes to the AES-256-CTR encrypted message prepended with the ciphertext (first 12 bytes as IV) |

4.1.2. pQCee_SafeQuard_dec

| Function | pQCee_SafeQuard_dec |
|---|---|
| Description | Decrypts the encrypted toDecStr data using the SharedSecret obtained from decapsulation with the SKStr and the Ciphertext (found in toDecStr) |
| Parameters | toDecStr, SKStr |
| Output | returnStr |

| toDecStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | Decodes to the AES-256-CTR encrypted message prepended with the ciphertext (first 12 bytes as IV) |

| SKStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | The ML-KEM-768 decapsulation key (decodes to 2400 bytes) |

| returnStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | The decrypted message |

4.1.3. pQCee_SafeQuard_AESInit

| Function | pQCee_SafeQuard_AESInit |
|---|---|
| Description | Encapsulates the encapkey (public_key) to obtain the SharedSecret (to be stored in frontend memory) and the Ciphertext (to be returned and loaded to the pQCee TEE Backend) |
| Parameters | PKStr (encapkey) |
| Output | returnStr (Ciphertext) |

| PKStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | The ML-KEM-768 encapsulation key (decodes to 1184 bytes) |

| returnStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | The ML-KEM-768 ciphertext (decodes to 1088 bytes) |

4.1.4. pQCee_SafeQuard_AESUpdate

| Function | pQCee_SafeQuard_AESUpdate |
|---|---|
| Description | (En\|De)crypts the toEncStr/toDecStr data using the SharedSecret stored in frontend memory |
| Parameters | toEncStr/toDecStr |
| Output | returnStr |

| toEncStr/toDecStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | Decodes to the AES-256-CTR message prepended with the IV (16 bytes: 12 + 4 (ctr)) |

| returnStr | |
|---|---|
| Type | String |
| Encoding | Hexadecimal |
| Description | The encrypted/decrypted message |
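
The framing described in 4.1.1 and 4.1.2 (ML-KEM-768 ciphertext prepended to the AES-256-CTR message, first 12 bytes as IV) and the 16-byte counter block from 4.1.4, as an added Node.js example that is not pQCee's code. Assumptions: all function names are hypothetical, the 4-byte counter is big-endian and starts at 0, and the shared secret and KEM ciphertext are constructed stand-ins because no ML-KEM operation is performed here.

```javascript
const crypto = require('node:crypto');

// Sizes from the specification (ML-KEM-768), in bytes.
const EK_LEN = 1184, DK_LEN = 2400, KEM_CT_LEN = 1088, NONCE_LEN = 12;

// Strict hex decoding: Buffer.from(s, 'hex') stops silently at the first bad character.
function hexToBytes(name, hex, exactLen) {
  if (typeof hex !== 'string' || hex.length % 2 !== 0 || !/^[0-9a-fA-F]*$/.test(hex)) {
    throw new Error(`${name}: not a valid hexadecimal string`);
  }
  const buf = Buffer.from(hex, 'hex');
  if (exactLen !== undefined && buf.length !== exactLen) {
    throw new Error(`${name}: expected ${exactLen} bytes, got ${buf.length}`);
  }
  return buf;
}

// Split toDecStr into the KEM ciphertext, the 12-byte IV taken from its start, and the AES payload.
function parseEnvelope(toDecStr) {
  const raw = hexToBytes('toDecStr', toDecStr);
  if (raw.length < KEM_CT_LEN) throw new Error('toDecStr: shorter than an ML-KEM-768 ciphertext');
  const kemCiphertext = raw.subarray(0, KEM_CT_LEN);
  return { kemCiphertext, iv: kemCiphertext.subarray(0, NONCE_LEN), payload: raw.subarray(KEM_CT_LEN) };
}

// AES-256-CTR over a 16-byte counter block: 12-byte IV + 4-byte counter.
// Assumption: the counter is big-endian and starts at 0 (the page does not say).
// CTR mode gives no integrity protection; this example does not authenticate the payload.
function aesCtr(sharedSecret, iv, data) {
  if (sharedSecret.length !== 32 || iv.length !== NONCE_LEN) throw new Error('bad key or IV length');
  const cipher = crypto.createCipheriv('aes-256-ctr', sharedSecret, Buffer.concat([iv, Buffer.alloc(4)]));
  return Buffer.concat([cipher.update(data), cipher.final()]);
}

// Round trip with constructed stand-ins; a real caller gets both values from ML-KEM-768.
function demoRoundTrip(toEncStr) {
  const sharedSecret = Buffer.alloc(32, 0x11);   // constructed, not a real shared secret
  const kemCt = Buffer.alloc(KEM_CT_LEN, 0x22);  // constructed, not a real KEM ciphertext
  const body = aesCtr(sharedSecret, kemCt.subarray(0, NONCE_LEN), hexToBytes('toEncStr', toEncStr));
  const returnStr = Buffer.concat([kemCt, body]).toString('hex');
  const { iv, payload } = parseEnvelope(returnStr);
  return { returnStr, plaintextHex: aesCtr(sharedSecret, iv, payload).toString('hex') };
}
```

Pass `EK_LEN` or `DK_LEN` as the third argument of `hexToBytes` to reject a PKStr or SKStr of the wrong size before it reaches the KEM.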