Reputation: 1311
Alternative to PGP-style data delivery using certificates
I have a server application that records some data. This data is encrypted using a runtime generated AES, and the AES key is then encrypted using a receiver public certificate. The whole lot is then sent to the receiver as one file.
At the receiver computer, the AES key is then decrypted using the receiver private certificate and the data can be decrypted and shown to the user. All good so far, kinda like PGP.
The problem is that this data file is sometimes stored "as-is". After some time the certificate used to decrypt the data expires. If we imagine that the new certificate must contain new keys, all files stored with the old certificate must be re-encrypted. And there are other use-cases that just confirms that long-term storage of encrypted data should not use certificates.
Needless to say, the server where the data is created cannot contain any stored keys that can be used to decrypt the data - so my question is: can I somehow change this design so that I can support the renewal / revocation of receiver certificates without having to re-encrypt data at the customer?
Using C# and X509 certificates if that matter...
Upvotes: 0
Views: 30
Answers (1)
Reputation: 13924
Receiver may keep a history of previous keys. Then your data file should contain a reference (for example, a thumbprint or whatever else that client can use to uniquely identify the certificate) to a certificate to use for this data file decryption. You CAN use expired certificates to decrypt content.
Your scenario is similar to S/MIME (email encryption) scenario. Sender encrypts email with recipient's public key. Certificate information (public part) is included in encrypted BLOB. Recipient uses certificate identifier to find a suitable private key to decrypt email. Recipient may store current and all previous email encryption certificates and keys to decrypt emails it received long ago. Certificate validity or expiration doesn't prevent you from decrypting data.
This strategy is nothing new and already works in other similar scenarios.
Upvotes: 2
Related Questions
- What Causes "The payload was invalid" Error in .Net Core 3.1 Application?
- Encrypting Data using RSA Public and Private Key in C#
- Unable to decrypt PGP encrypted file into Stream from Azure Blob storage using C# scripting within script task of SSIS
- Diffie Hellman Key Exchange using ECDSA x509 certificates
- Sending File Over LAN
- Decrypt the data using the decrypted key
- Decrypting using same private key that is used to encrypt