A hybrid encryption (HE) system is an efficient public key encryption system for arbitrarily long messages. An HE system consists of a public key component called a key encapsulation mechanism (KEM), and a symmetric key component called a data encapsulation mechanism (DEM). The HE encryption algorithm uses a KEM-generated key k to encapsulate the message using the DEM, and sends the ciphertext together with the encapsulation of k to the decryptor, who decapsulates k and uses it to decapsulate the message using the corresponding KEM and DEM components. The KEM/DEM composition theorem proves that if the KEM and DEM satisfy well-defined security notions, then the HE will be secure with well-defined security. We introduce HE in the correlated randomness model, where the encryption and decryption algorithms have samples of correlated random variables that are partially leaked to the adversary. Security of the new KEM/DEM paradigm is defined against computationally unbounded or polynomially bounded adversaries. We define iKEM and cKEM with information-theoretic and computational security, respectively, and prove a composition theorem for them and a computationally secure DEM, resulting in secure HEs with proved computational security (CPA and CCA) and without any computational assumption. We construct two iKEMs that provably satisfy the required security notions of the composition theorem. The iKEMs are used to construct two efficient quantum-resistant HEs when used with an AES-based DEM. We also define and construct combiners with proved security that combine the new KEM/DEM paradigm of HE with the traditional public-key-based paradigm of HE.