Class ExampleScenarioPqcHandshake

Object
ExampleScenarioPqcHandshake
public class ExampleScenarioPqcHandshake extends Object
Example PQC Handshake Scenario:

This class demonstrates a complete client-side flow for establishing a post-quantum hybrid channel via an initial PQC handshake (ML-1024), followed by authenticated requests with payload encryption/decryption using the AES key negotiated during the handshake. The server is assumed to be a Spring Boot application implementing the required /api/pqc-handshake/init endpoint and an interceptor that recognizes the X-PQC-Transport and X-PQC-Session headers.

The typical flow is:

  1. Generate a ML-1024 key pair (e.g. ML-KEM-1024) on the client side.
  2. Call /api/pqc-handshake/init, sending the client's ML-1024 public key in Base64.
  3. The server returns an AES-256 key in Base64 (in the ciphertextBase64 field) plus a unique sessionId.
  4. The client decodes the returned AES key from Base64 and stores it alongside the sessionId for subsequent encryption/decryption.
  5. All further requests add:
    • X-PQC-Transport: true
    • X-PQC-Session: <sessionId>
    and the request body is encrypted with the stored AES key. The server decrypts it transparently, processes the request, re-encrypts the response, and the client decrypts it again with the same AES key.

Internally, the server performs an ephemeral approach with the provided ML-1024 public key, but from the client's perspective, the server simply returns the final AES key in Base64 for convenience. The client does not need to implement a KeyAgreement step; it only decodes the AES key.

This class follows the style of ExampleScenario1, including property loading, secure credential handling, and example usage of generating keys on the server via an encrypted (PQC) channel.

Version:
1.0
Author:

  • Constructor Summary

    Constructors
    Constructor
    Description
    ExampleScenarioPqcHandshake()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    static void
    main(String[] args)
    Main method that executes the PQC handshake scenario: Load properties (similarly to ExampleScenario1). Generate a ML-1024 key pair and perform the handshake. Authenticate using existing credential logic (encrypted credentials). Use the PQC channel to generate a new key on the server (test call).

    Methods inherited from class Object

    equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • ExampleScenarioPqcHandshake

      public ExampleScenarioPqcHandshake()

  • Method Details

    • main

      public static void main(String[] args)
      Main method that executes the PQC handshake scenario:
      1. Load properties (similarly to ExampleScenario1).
      2. Generate a ML-1024 key pair and perform the handshake.
      3. Authenticate using existing credential logic (encrypted credentials).
      4. Use the PQC channel to generate a new key on the server (test call).
      Parameters:
      args - command-line arguments (none used).