appropriate algorithm for application
I need an algorithm/protocol that is capable of encrypting numerous files with separate keys, but there also needs to be a master key that will be able to decrypt all of them. Is there such a system that is relatively secure? I'd prefer the system to be as secure as possible, but in this application, security is secondary to functionality. Thanks... //cerridwyn//
Cerridwyn Llewyellyn wrote:
I need an algorithm/protocol that is capable of encrypting numerous files with separate keys, but there also needs to be a master key that will be able to decrypt all of them. Is there such a system that is relatively secure? I'd prefer the system to be as secure as possible, but in this application, security is secondary to functionality. Thanks... //cerridwyn//
Are you after a working program, or just a design? You could always use an escrowed public key generator (discussed on sci.crypt some time ago), where the keys all have a factor of 'N' embedded in 'N', but encrypted with the master key. (I'd be prepared to write the code that generates the keys, if someone does the "master decrypt" side of things). Gary -- pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com> Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06 ^S ^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T
Cerridwyn Llewyellyn wrote:
I need an algorithm/protocol that is capable of encrypting numerous files with separate keys, but there also needs to be a master key that will be able to decrypt all of them. Is there such a system that is relatively secure? I'd prefer the system to be as secure as possible, but in this application, security is secondary to functionality. Thanks... //cerridwyn//
Are you after a working program, or just a design?
You could always use an escrowed public key generator (discussed on sci.crypt some time ago), where the keys all have a factor of 'N' embedded in 'N', but encrypted with the master key.
(I'd be prepared to write the code that generates the keys, if someone does the "master decrypt" side of things).
Gary -- pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com> Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06 ^S ^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T
Why not just encrypt the files with regular, single key encryption and only use the public-key encryption on a master file holding a copy of all the individual keys? This would be faster right? Scott
Scott McGuire wrote:
Cerridwyn Llewyellyn wrote:
I need an algorithm/protocol that is capable of encrypting numerous files with separate keys, but there also needs to be a master key that will be able to decrypt all of them. Is there such a system that is relatively secure? I'd prefer the system to be as secure as possible, but in this application, security is secondary to functionality. Thanks... //cerridwyn//
Are you after a working program, or just a design?
You could always use an escrowed public key generator (discussed on sci.crypt some time ago), where the keys all have a factor of 'N' embedded in 'N', but encrypted with the master key.
(I'd be prepared to write the code that generates the keys, if someone does the "master decrypt" side of things).
Why not just encrypt the files with regular, single key encryption and only use the public-key encryption on a master file holding a copy of all the individual keys? This would be faster right?
The main reason is so that anyone can generate new keys as and when they please. The master key is not required for key generation, which makes it more secure (ie. it spends more of its time in the safe) and practical (the master key may be in a different building). Gary -- pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com> Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06 ^S ^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T
-----BEGIN PGP SIGNED MESSAGE-----
Scott McGuire wrote
... stuff deleted ...
Why not just encrypt the files with regular, single key encryption and only
use
the public-key encryption on a master file holding a copy of all the individual keys? This would be faster right?
The main reason is so that anyone can generate new keys as and when they please. The master key is not required for key generation, which makes it more secure (ie. it spends more of its time in the safe) and practical (the master key may be in a different building).
Gary -- pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com> Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06 ^S ^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T
If the master file (or say master directory with one keyfile for each encrypted file) is encrypted with public key encryption, than anyone with the master public key can add a new encrypted file key but only the person with the master private key can remove one of those keys. Now that I think about it, this is like having each user encrypt their file with a conventional key and sending a PGP encrypted message with the key they used to the maintainer of the master file. Of course if you don't trust the users to give up a copy of the key, you would need to automate the procedure. Scott -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv iQCVAwUBMgpQiN7xoXfnt4lpAQEBfwQAuHXSGhgWXr1S7gEKWH9iygLlSrioGjoz /4+kqXKW/Q1ygDub0W3Tdr54uHaltAD8V/uk539i2ToTA0HQwaQ/jQq4eyRWrASl bW1e5VWkJrKOm3J1qDSfIcoD7ACygwMb2Fxmp1w0GQ5uOOwjH8bow7YGMVPZKa/C pDLIbjT36bM= =18an -----END PGP SIGNATURE-----
I need an algorithm/protocol that is capable of encrypting numerous files with separate keys, but there also needs to be a master key that will be able to decrypt all of them. Is there such a system that is relatively secure? I'd prefer the system to be as secure as possible, but in this application, security is secondary to functionality. Thanks... //cerridwyn//
If you need this "master key" feature embedded in the cryptosystem itself, you're probably out of luck - such a cipher would be at least as slow as a public key cryptosystem. See Blaze, Feigenbaum, Leighton, "Master-Key Cryptosystems", CRYPTO '96 rump session, available at ftp://research.att.com/dist/mab/mkcs.ps . However, you could simulate the function of such a system by selecting a different key for each file and then encypting each unique file key with the master encryption key (which could be a public key or a symmetric key, depending on whether the application that encrypts the files is trusted to know the master decryption key). This has the disadvantage, however, of requiring that you store the encrypted file key with each file, which may or may not be an issue for you. -matt
participants (4)
-
Cerridwyn Llewyellyn -
Gary Howland -
Matt Blaze -
Scott McGuire