WebApp Sec mailing list archives

Re: Secret Sharing

From: Jamie Riden <jamie.riden () gmail com>
Date: Thu, 1 Aug 2013 17:01:34 +0100

The answer is, I can't think of a better way of doing it. I believe
this is how EFS, etc. work - you have a single symmetric encryption
key and you encrypt this with the public key of anyone who you want to
be able to read the file.

But it's been a while since I read up on this, so I suggest you do a
sanity check.

cheers,
 Jamie

On 1 August 2013 15:48, saghar estehghari <s.estehghari () gmail com> wrote:

Hi,

I'm working on a project which involves security of the cloud data.

The scenario is as follows:

Users A and B have registered to a cloud service (cloud assumed to be
semi-trusted). A and B both have secret keys (KA and KB) (for
symmetric encryption) and public keys (PKA and PKB) on the cloud
server. KA and KB are each encrypted with the passwords of A and B.

Now consider A wants to share a file F that is encrypted with key K (K
is generate randomly by A). Now K should be shared securely with B
over the cloud (we consider that B is not online at the time of
sharing). To do this one option would be encrypting K with PKB which
should be decrypted by B when he gets online. However this option
seems to be complicated for my client.

I was wondering whether you have better options in mind that could help me.
Please let me know if the explantation is not clear.

Thanks



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------




-- 
Jamie Riden / jamie () honeynet org / jamie.riden () gmail com
http://uk.linkedin.com/in/jamieriden



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

Current thread:

Secret Sharing saghar estehghari (Aug 01)
- Re: Secret Sharing Jamie Riden (Aug 01)
  - Re: Secret Sharing Nir Izraeli (Aug 04)
- Re: Secret Sharing Siim Põder (Aug 04)
- <Possible follow-ups>
- RE: Secret Sharing JAntonakos (Aug 04)