The goal is for Alice to send an encrypted message to Bob. Neither Bob nor anyone else should be able to decode the message. Alice should be be able to decode it, when all data is shown to her. However, Alice cannot store anything related to the message.
Private keys:
- X1 - random bits
- X2 - random bits
- M - large prime number
Transmitted Key:
- A - random large prime number
To send a message:
- Generate random prime A
- msg = msg XOR X1
- msg = msg * A (mod M)
- msg = msg XOR X2
- send (msg, A)
To decode:
- B = Multiplicative Inverse of A (mod M)
- msg = msg XOR x2
- msg = msg * B (mod M)
- msg = msg XOR x1
The idea is that the multiplication is sandwiched between two XORs which eliminate any sort of identifiable pattern.
Is this a reasonable algorithm or have I made a mistake somewhere?
(Note: I understand that ciphers such as RSA are the industry standard for this kind of problem. However, I wonder if a simpler solution is feasible when the stakes are lower. The use case here is not incredibly high-secure, it is for something like a CAPTCHA service, we can let the server issue a CAPTCHA question and send the answer to the client, asking him to return his answer alongside the encrypted answer, thus eliminating the need for a server-side data store.)
