2
votes

We are trying to develop a system that can control end-user decryption without the ability to decrypt the data if we hold it. The end user can encrypt/decrypt when we send them our key in conjunction with their key.

Or (we are Bob below)

  • Alice generates two keys. One for her, the other for Bob.
  • Assume Alice will have Bob's key only when needed (controlled operations).
  • Alice encrypts a blob using her own and Bob's key.
  • Bob's key alone cannot decrypt Alice's blob.
  • Alice's key alone cannot decrypt her own blob.
  • Eve has access to Alice's key and blob. Eve cannot decrypt Alice's blob.

Which crypto system, if any, does this scenario portray? To me it is Diffie-Hellman, except for the first step, where Alice generates two keys.

Does such a system exist or can you recommend a best practice for this scenario? TYIA

1
I'm not quite sure I got this right. Who is encrypting clear text? If it's Alice, she can save the clear text before encrypting and thus won't ever need to decrypt it. Same deal with the keys. Once Alice generated the key for Bob she can store it and always use it for decryption. She does not need to get the key from Bob. Can you be a bit more specific as to what your scenario is? - Andrew Savinykh
@zespri - Alice is using a shared computer and has to keep her information encrypted. Alice will generate, but will never see, know or store Bob's. - XRAY Enabler

1 Answer

3
votes

You're probably looking for Secret Sharing schemes, which make it possible to require the participation of t of n users for an operation. (In this case, 2 of 2.)

An excellent reference is the Handbook of Applied Cryptography, Section 12.7 Secret sharing.
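As an added example (not code from the question or the answer), here is the scenario from the question mapped onto Shamir secret sharing, the t-of-n scheme the answer points to: Alice generates a data key, splits it 2-of-2 into her share and Bob's share, encrypts her blob under the key and then forgets the key. Her share, Bob's share, or the blob plus either share on its own says nothing about the key; the "controlled operation" is the moment both shares are brought together to rebuild it. The code is hypothetical and uses only the Python standard library: the field is GF(2^521 - 1) so any 256-bit key is a valid secret, and the stream cipher is HMAC-SHA256 in counter mode as a stand-in for a real AEAD such as AES-GCM. All function names are this example's own.

```python
"""t-of-n Shamir secret sharing of a data key, with a 2-of-2 Alice/Bob flow.

Hypothetical example: not the question's, the answer's or any library's code.
"""
import hashlib
import hmac
import secrets
from typing import List, Tuple

# Mersenne prime 2^521 - 1: every 256-bit key is a valid field element.
PRIME = (1 << 521) - 1

Share = Tuple[int, int]  # (x, f(x)) with 1 <= x < PRIME


def _eval_poly(coeffs: List[int], x: int) -> int:
    """Evaluate f(x) = coeffs[0] + coeffs[1]*x + ... mod PRIME (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret: int, threshold: int, n_shares: int) -> List[Share]:
    """Split `secret` so that any `threshold` of `n_shares` shares recover it."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    if not 1 <= threshold <= n_shares:
        raise ValueError("need 1 <= threshold <= n_shares")
    # The secret is the constant term; the remaining coefficients are uniformly
    # random, which is why any threshold-1 shares carry no information about it.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n_shares + 1)]


def recover_secret(shares: List[Share]) -> int:
    """Lagrange-interpolate f(0) from the given shares.

    With fewer than `threshold` shares this still returns a number, but one
    independent of the real secret: the threshold is not encoded in the shares
    here, so callers must enforce it themselves (see decrypt_with_shares).
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    secret = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return secret


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode as a stand-in stream cipher.

    Demo only, so the example runs on the standard library; it is not
    authenticated. In production encrypt the blob with an AEAD (AES-GCM,
    ChaCha20-Poly1305) under the same reconstructed key.
    """
    out = bytearray()
    for block, offset in enumerate(range(0, len(data), 32)):
        pad = hmac.new(key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def alice_encrypts(blob: bytes) -> Tuple[Share, Share, bytes]:
    """Alice's side: make a key, split it 2-of-2, encrypt, forget the key.

    Returns (alice_share, bob_share, ciphertext). Alice keeps her share,
    hands Bob his and must not store it; the key itself is never persisted.
    """
    key = secrets.token_bytes(32)
    alice_share, bob_share = split_secret(int.from_bytes(key, "big"), 2, 2)
    nonce = secrets.token_bytes(16)
    ciphertext = nonce + keystream_xor(key, nonce, blob)
    return alice_share, bob_share, ciphertext


def decrypt_with_shares(shares: List[Share], ciphertext: bytes) -> bytes:
    """Controlled operation: Bob's share is combined with Alice's to decrypt.

    A reconstruction from too few shares is a random field element, which is
    wider than 256 bits with overwhelming probability, so it is rejected.
    """
    value = recover_secret(shares)
    if value >= 1 << 256:
        raise ValueError("reconstruction is not a 256-bit key: share missing or bad")
    key = value.to_bytes(32, "big")
    nonce, body = ciphertext[:16], ciphertext[16:]
    return keystream_xor(key, nonce, body)
```

The same `split_secret` / `recover_secret` pair handles the general case the answer describes (for instance 3-of-5 for an escrow quorum); the 2-of-2 instance is just the asker's scenario. Note that because the shares do not carry their threshold, a caller that feeds `recover_secret` too few of them gets a meaningless value rather than an error, which is why `decrypt_with_shares` checks the reconstruction's size before using it.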