What is Key Encapsulation?

Definition: Key Encapsulation is a process of generating a random symmetric key and an asymmetric ciphertext against that key. It is a technique that takes a public key as input and then Encapsulates (encodes) the secret value and outputs a shared secret value. Likewise, the decapsulation algorithm called Decapsulate outputs the shared private key after taking the encapsulation and the private key as inputs.


Key Encapsulation explained

The algorithms that are necessary for Key Encapsulation are derived from hard mathematical problems, such as integer factorization. A quantum computer could solve these problems efficiently by breaking the secrecy of communication. However, there are a few problems that pose a big challenge even for quantum computers to solve; these problems help to build key exchange algorithms that are secure even in the existence of quantum computers.

In Key Encapsulation Mechanisms (KEMs), two people could agree on a secret key if one of them could send the secret key to the other in an encrypted form that only the other person could decrypt and use. Anyone with access to a party's public key can safely communicate a key to that party via a key encapsulation (a cryptographic primitive). Public key cryptography helps in encrypting a key that is used to encrypt the actual message using symmetric key cryptography.

A KEM uses the following three algorithms:

  • Generate, create a public key and a private key (PK,SK).
  • Encapsulate, starts with the input public key, and generates a shared secret value along with an “encapsulation” (a ciphertext) of this secret value(PK,C0)
  • Decapsulate, which starts with the encapsulation and the private key, and outputs the shared secret value(SK, C0).

With public-key systems, the conventional method of sending a symmetric key is to first produce a random symmetric key and then encrypt it using the selected public key technique. The recipient then obtains the symmetric key by decrypting the public key message with the corresponding private key. Because symmetric keys are typically short, padding is added for comprehensive security. By creating a random element in the finite group that underlies the public key system and generating the symmetric key by hashing that element, KEMs streamline the procedure and complete the requirement for padding.

Key Wrap as a form of key encapsulation

A group of symmetric encryption algorithms known as "Key Wrap constructions" are made to enclose (encrypt) cryptographic key material. The Key Wrap methods are designed for (a) securing keys while being stored in insecure storage or (b) sending keys through untrustworthy communication networks. Block ciphers and cryptographic hash functions are common primitives used to build the constructs.

Although it differs from the more well-known asymmetric (public-key) Key Encapsulation techniques, Key Wrap can be considered a type of key encapsulation algorithm (e.g., PSEC-KEM).



Blog posts

Blog posts



Related products

Related products

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.