[Verifpal] PKE_ENC is broken

Nadim Kobeissi nadim at symbolic.software
Fri Dec 11 14:45:31 CET 2020

Dear Mike,

It seems that Angèle is correct and that this does not appear to be a bug. When encrypting using AEAD_ENC or ENC, you are using PK as the secret key in a symmetric cipher. However, PKE_ENC is “public key encryption (“PKE”)”, which means that decryption would only be possible using K, not PK.

If principal I leaks the value K, you will see that the confidentiality query is immediately contradicted.

Nadim Kobeissi
Symbolic Software • https://symbolic.software

> On Dec 11, 2020, at 11:23 AM, Mike via Verifpal <verifpal at lists.symbolic.software> wrote:
>> I'm not sure I understand the problem, you encrypted "text" with a symmetric primitive (AEAD/ENC) and gave the attacker the key (PK), so it's normal that "text" is recovered
> Yes, this is normal. 
> Email is about PKE_ENC issue and i am expecting recover here too. 
> (mike)
> _______________________________________________
> Verifpal mailing list
> Verifpal at lists.symbolic.software
> https://lists.symbolic.software/mailman/listinfo/verifpal

More information about the Verifpal mailing list