Is there a multi-key encryption and decryption algorithm that allows key revocation?

javierhersan

6/5/24, 9:58 PM

I have private data and I want to encrypt it to share it with some users who should be able to decrypt it. Therefore, I need multiple keys to decrypt it. But, I also want to be able to revoke a key to prevent someone from decrypting it, is there an algorithm that allows key revocation without encrypting the data again?

I have a system where it is not feasible to encrypt all the data again, since there is a lot of information. I cannot implement either an authorization and authentication system since the data should be publicly available in a 3rd party server.

0 + 3

kodlu

6/5/24, 10:12 PM

state your requirement more clearly, in a mathematical formulation. "therefore I need multiple keys"--what exactly do you mean? what's the security model, especially between the different users.

Maarten Bodewes

6/5/24, 11:28 PM

I guess within the constraints given you could encrypt a data key with a public key, and if you want to revoke it you can decrypt and re-encrypt with a different public key or perform another encryption over it (in which case you would require the data key two times, requiring both private keys to decrypt). The data itself remains encrypted with the data key. Disadvantage is that if the encrypted data key is recovered before it is thrown away or re-encrypted that an attacker would simply decrypt the original encapsulated key.

Maarten Bodewes

6/5/24, 11:30 PM

Alternatively key sharing may be something you could look at. Obviously, without any change in information, it is impossible to revoke a key while both the decryption key and the ciphertext are available to an attacker.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Is there a multi-key encryption and decryption algorithm that allows key revocation?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.