Scenario 13 – Legacy RSA-2048 ➜ ML-KEM-768 Migration (Server-Side Re-encryption)

This end-to-end scenario demonstrates how to seamlessly migrate a legacy RSA-encrypted payload to a post-quantum ML-KEM-768 ciphertext, using ANKASecure’s streaming re-encryption API. At no point is the plaintext exposed outside the platform.

*Workflow*

Generate a self-signed RSA-2048 .p12 locally.
Import the PKCS#12 as a decrypt-only key.
Encrypt a file with the exported RSA public key (utility helper).
Create an ML-KEM-768 key.
Server-side streaming re-encrypt (RSA ➜ KEM).
Stream-decrypt the ML-KEM ciphertext.
Validate integrity.

Since:: 2.1.0
Author:: ANKATech – Security Engineering

Method Summary

Modifier and Type

Method

Description

static void

main(String[] args)

Entry-point.

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details
- main
  
  public static void main(String[] args)
  
  Entry-point.
  
  Parameters:
  
  args - ignored

Class ExampleScenario13

Scenario 13 – Legacy RSA-2048 ➜ ML-KEM-768 Migration (Server-Side Re-encryption)

Method Summary

Methods inherited from class java.lang.Object

Method Details

main