Encryptment is a proposed cryptographic primitive designed to address the need for secure message franking in end-to-end encrypted messaging systems. The core idea is to provide a method that simultaneously encrypts a message and commits to its content, ensuring that any tampering with the encrypted message can be detected and proven. This is particularly useful in scenarios where users might report abusive content, and the system needs to verify that the reported message is indeed the one that was sent. Unlike standard authenticated encryption schemes like [[AES-GCM]], which are fast but do not inherently provide commitment to the message, encryptment is designed to ensure both confidentiality and a cryptographic binding to the original message. # Process The encryptment process works by creating a binding tag (commitment) alongside the ciphertext, which acts as a proof of the message's integrity and authenticity. This tag is compact and independent of the message length, making it efficient to store and verify. The core security properties of encryptment include confidentiality, sender binding, and receiver binding, ensuring that neither the sender nor the receiver can manipulate the message without detection. Encryptment can be constructed using secure cryptographic hash functions like SHA-256, and it can be combined with standard encryption schemes to provide a robust solution for applications that require both encryption and verifiable message integrity. ## Example ```python import hashlib class Encryptment: def __init__(self, key): self.key = key def encrypt(self, message): # Encrypt the message. ciphertext = aesgcm_encrypt(key=self.key, message=message) # Create a binding tag (commitment). binding_tag = hashlib.sha256( (self.key + ciphertext).encode() ).hexdigest() return ciphertext, binding_tag def decrypt(self, ciphertext, binding_tag): # Verify the binding tag. expected_tag = hashlib.sha256( (self.key + ciphertext).encode() ).hexdigest() if expected_tag != binding_tag: raise ValueError( "Binding tag does not match! Potential tampering detected." ) # Decrypt the message. message = aesgcm_decrypt(key=self.key, ciphertext=ciphertext) return message # Example usage key = "secure_key" message = "This is a secret message." encryptment = Encryptment(key) ciphertext, binding_tag = encryptment.encrypt(message) # Simulate decryption and verification try: decrypted_message = encryptment.decrypt(ciphertext, binding_tag) print("Message verified and decrypted:", decrypted_message) except ValueError as e: print(e) ``` # Paper ![[2019 - Fast Message Franking - From Invisible Salamanders to Encryptment.pdf.pdf]]