Paper 2026/427

StarHunters— Secure Hybrid Post-Quantum KEMs From IND-CCA2 PKEs

Deirdre Connolly, Oracle, Selkie Cryptography
Mike Ounsworth, Entrust (Canada)
Sophie Schmieg, Google (United States)
Douglas Stebila, University of Waterloo
Abstract

This paper formally specifies and analyzes the CK hybrid key encapsulation mechanism (KEM) construction from the IRTF CFRG’s recent draft on hybrid (post-quantum/traditional) KEMs CK combines two KEMs using a PRF to produce a hybrid KEM. Unlike the QSF framework of Barbosa et al., which combines an IND-CCA KEM with a nominal group (Diffie-Hellman-style), CK combines a C2PRI-secure post-quantum-secure KEM with an IND-CCA traditionlly-secure KEM constructed from an IND-CCA2 public key encryption (PKE) scheme, such as RSA-OAEP. We additionally show how to securely promote an IND-CCA2 PKE into an IND-CCA KEM. We perform two complementary security analyses of CK in the standard model: the first shows CK is IND-CCA assuming the traditional KEM is IND-CCA, the post-quantum KEM is C2PRI, and the KDF is a secure PRF; the second shows CK is IND-CCA assuming the post-quantum KEM is IND-CCA and the KDF is a secure PRF, even if the traditional KEM is completely broken. Neither proof requires the random oracle model.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
hybrid KEMKEMIND-CCAC2PRIPost-Quantum CryptographyPKEIND-CCA2KEM Combiner
Contact author(s)
durumcrustulum @ gmail com
mike @ ounsworth ca
sschmieg @ google com
dstebila @ uwaterloo ca
History
2026-03-05: revised
2026-03-02: received
See all versions
Short URL
https://ia.cr/2026/427
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2026/427,
      author = {Deirdre Connolly and Mike Ounsworth and Sophie Schmieg and Douglas Stebila},
      title = {{StarHunters}— Secure Hybrid Post-Quantum {KEMs} From {IND}-{CCA2} {PKEs}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/427},
      year = {2026},
      url = {https://eprint.iacr.org/2026/427}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.