In RFC 9180, the HPKE scheme is described, offering a new approach to public key encryption that generates both the symmetric key and its encapsulation with the public key. The document provides various authenticated variants, including one that authenticates possession of a pre-shared key. HPKE is flexible, working with various asymmetric KEMs, KDFs, and AEAD encryption functions. Notably, the consensus of the Crypto Forum Research Group (CFRG) ensures clarity for interoperable implementation. A key strength of HPKE is its security against (adaptive) chosen ciphertext attacks, supported by classical assumptions on underlying primitives. The document aims to address existing issues in hybrid encryption schemes, paving the way for improved security and efficiency.
https://www.rfc-editor.org/rfc/rfc9180.html