{"ID":2837062,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2511.20505","arxiv_id":"2511.20505","title":"ACE-GF: A Generative Framework for Atomic Cryptographic Entities","abstract":"Autonomous digital entities require deterministic identity mechanisms that avoid persistent storage of high-value master secrets, while supporting credential rotation and cryptographic agility across heterogeneous systems. Existing deterministic key hierarchies and centralized key management systems typically rely on long-lived root secrets, introducing structural single points of failure and complicating lifecycle management. We present ACE-GF (Atomic Cryptographic Entity Generative Framework), a seed-storage-free identity construction that enables deterministic and context-isolated key derivation without storing any master secret at rest. The construction reconstructs an identity root ephemerally in memory from a sealed artifact and authorization credentials, using misuse-resistant authenticated encryption together with standard key derivation primitives. Derived keys are generated via HKDF with explicit context encoding, ensuring cryptographic isolation across curves and application domains. This design naturally supports stateless credential rotation, authorization-bound revocation, and non-disruptive migration toward post-quantum cryptographic domains. Furthermore, the framework's parametric agility allows for optimization in resource-constrained environments, ensuring that deterministic identity reconstruction remains viable across a spectrum of hardware from high-performance servers to low-power IoT nodes without compromising the underlying security model. This work builds upon the conceptual framework introduced in MSCIKDF, which identified the core design goals for multi-curve, context-isolated, PQC-pluggable identity but did not provide a concrete construction. A formal protocol specification of ACE-GF has been submitted as an IETF Internet-Draft.","short_abstract":"Autonomous digital entities require deterministic identity mechanisms that avoid persistent storage of high-value master secrets, while supporting credential rotation and cryptographic agility across heterogeneous systems. Existing deterministic key hierarchies and centralized key management systems typically rely on l...","url_abs":"https://arxiv.org/abs/2511.20505","url_pdf":"https://arxiv.org/pdf/2511.20505v2","authors":"[\"Jian Sheng Wang\"]","published":"2025-11-25T17:15:18Z","proceeding":"cs.CR","tasks":"[\"cs.CR\"]","methods":"[]","has_code":false}