Identifying your own message RSA

Question

I have a Software that Encrypts message using AES , the random generated AES key is Encrypted by the receiver's public RSA key. now when I send the message to multiple users...

Sender Side :

1. Message is Encrypted by Random hashed (sha256) AES KEY

2. The AES key is then Encrypted many time and appended to the encrypted message using each receiver's public key.

3. the message has [ number for receivers, [list of encrypted keys], Encrypted message]

Receiver Side:

1. get the number of receivers

2. loop thru the appended encrypted keys and decrypt using your Private RSA. until you find the one intended for you. such that when he/she decrypt the key they get the AES Key.

3.decrypt the message using AES key.

Knowing that the key is of base 64 string which means it ends with '=', and of the length 256 because of the sha

the Question IS : How Do i know (if I'm the receiver) that the Decrypted key using my Private RSA is correct Automatically ?

thank you in advance.

Answer 1

Two questions: Is the protocol you describe fixed, or might it be modified in any way? If it is fixed, which padding scheme do you use for RSA? PKCS#1 v1.5, OAEP or none at all?

1. If the protocol might be modified, you could use a cipher mode with authentication, such as EAX, CCM or GCM. If RSA key transport decryption fails silently, so will the authenticated AES decryption.

2. Use a variation of RSA-OAEP for the key transport that provides "plain text awareness" as described here: http://www.rsa.com/rsalabs/node.asp?id=2346.

Answer 2

There is no way to find this encrypted message belongs to which receiver.

But you can do is try to decrypt the message if the decrypt is successful then that is the Receiver