[Cryptography] End-to-End, One-to-Many, Encryption Question
Kent Borg
kentborg at borg.org
Wed Jun 11 20:49:12 EDT 2014

I have a question, I think it is about concatenated encryption and
convolved keys, but I am not sure. It is the sort of question that lots
of people should be asking these days, so forgive me if lots of people
have, I have been behind in my reading.

Alice lives on the far end of a single DSL line, and produces data on a
regular basis, she encrypts it with a key only she knows, and she sends
it to Bob.

Bob lives in the cloud (and so has lots of bandwidth), but Bob is in the
cloud, and therefore is only partially trusted, so he is given no
ability to directly decrypt the data. There is also a lot of data
accumulated, he can't store unique copies for each client.

Charley is a client, one of many (Charley-1, Charley-2, Charley-3, etc.,
clients can come and go), he lives in a smart phone, say. He asks Bob
for a specific piece of data, Bob encrypts it with a Charley-1-specific
key and sends it off.

Charley-1 decrypts the data with a key that Bob does not know.

If Alice discovers Charley-1 is compromised, she can instruct Bob to
delete Charley-1-specific data, destroying his ability to read data from
Bob. Alice probably knows everyone's keys, but Bob and Charley do not
know each other's keys, and again only Alice knows her key.

If Charley-1 and Bob collude, the system is, unfortunately, broken, but
that seems unavoidable.

An attempt to restate the question:

Is there a way to encrypt once with key A, super-encrypt with key B1
(not knowing any other keys), and finally decrypt with key C1 (not
knowing any other keys)? Or, super-encrypt with key B2, then decrypt
with key C2?

In some respects this is a satellite TV subscription problem,
with an on-demand component.

Is there a canonical answer here? Is it a stupid question?

Thanks,

-kb, the Kent who Googled some on this but the closest PDF seemed to
want to know all the Charlies in advance, and was too encrypted a paper
for him to really understand anyway.
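
The flow described in the post (encrypt once under Alice's key, a per-client transform at Bob, decrypt with the client's key) matches what is usually called proxy re-encryption. The sketch below is an added example and not part of the original post: it follows the ElGamal-based scheme of Blaze, Bleumer and Strauss (1998), the group parameters are a toy size chosen for readability, and every function name is hypothetical.

```python
import secrets

# Toy group, far too small for real use (assumption for illustration):
# safe prime P = 2*Q + 1, and G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    """Secret exponent in [1, Q-1]."""
    return secrets.randbelow(Q - 1) + 1

def alice_encrypt(a, m):
    """Alice encrypts m once under her own key a: (m*G^r, G^(a*r))."""
    r = keygen()
    return (m * pow(G, r, P)) % P, pow(G, a * r, P)

def alice_make_rekey(a, c):
    """Alice, who knows both keys, derives c/a mod Q and gives it to Bob."""
    return (c * pow(a, -1, Q)) % Q

def bob_reencrypt(rekey, ct):
    """Bob maps a ciphertext under a to one under c without learning m, a or c."""
    c1, c2 = ct
    return c1, pow(c2, rekey, P)

def charley_decrypt(c, ct):
    """Charley strips his key: (G^(c*r))^(1/c) = G^r, then divides it out."""
    c1, c2 = ct
    g_r = pow(c2, pow(c, -1, Q), P)
    return (c1 * pow(g_r, -1, P)) % P

def demo():
    a, key1, key2 = keygen(), keygen(), keygen()
    m = pow(G, 123, P)                    # constructed sample message
    stored = alice_encrypt(a, m)          # Bob keeps a single stored copy
    rekeys = {"charley-1": alice_make_rekey(a, key1),
              "charley-2": alice_make_rekey(a, key2)}
    out1 = charley_decrypt(key1, bob_reencrypt(rekeys["charley-1"], stored))
    out2 = charley_decrypt(key2, bob_reencrypt(rekeys["charley-2"], stored))
    # Collusion: Bob's transform key plus Charley-1's key yields Alice's key.
    colluded = (key1 * pow(rekeys["charley-1"], -1, Q)) % Q == a
    del rekeys["charley-1"]               # revocation: Bob deletes the transform key
    return m, out1, out2, colluded

if __name__ == "__main__":
    print(demo())
```

Revocation here is exactly the deletion the post describes, and the collusion check shows the break the post calls unavoidable holds for this particular scheme.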