For Trust, Performance and Security, Hybrid Public Key Encryption is a Winner

We love public key encryption. It allows us to securely exchange secrets and digitally sign data. But it’s not that efficient when it comes to actually encrypting large amounts of data.

With public key encryption, Bob sends Alice his public key, and she encrypts the data with it and sends back the ciphertext. Bob then uses the associated private key to decrypt it. This works fairly well for small amounts of data (such as encrypting a 128-bit or a 256-bit encryption key) but becomes computationally expensive when encrypting large amounts of data. This is especially important when we are using a mobile device, as the extra computation will often drain the battery. The core method we have at hand to encrypt data is RSA, but RSA is often a heavy method to implement on mobile devices.

So, what’s the solution? Can we combine the power of symmetric key encryption with public key encryption? Well, RFC 9180 provides one solution with HPKE (Hybrid Public Key Encryption).

With this, we use a symmetric key to encrypt the data, and then encrypt the symmetric key with public key encryption. We can also…

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
