Or: How to store encrypted data for a bunch of users?
I admit, it's a silly question, a private key is limited to only one person as the term already implies. But I have the following scenario:
User Tom enters data that needs to be stored encrypted in a database. The user decides he wants to make this information available to Jim and Bob. The users John and Jayne must not be able to decrypt it. Of course, neither must user Tim, who hacked the server and has access to the encrypted data and the scripts that do the encryption/decryption.
I think the public key/private key approach with PHP's openssl_public_encrypt function won't work here, as two users need to have that "private" key to decrypt the data.
I guess this is a rather general question, but if it's important, it must be done in PHP (and MySQL maybe).
Is there a possibility of having multiple private keys with a single public key?
The answer depends on what exactly you consider as “public key” and “private key”. If it's simply e / d for RSA and y / x for DSA, then yes — provided you vary basic parameters p / q / n for RSA and p / q / g for DSA.
Two keys, public and private, are required to encrypt and decrypt a ciphertext encrypted with a public key algorithm. Symmetric encryption uses a single secret key. When the private key is used to encrypt ciphertext, that text can be decrypted using the public key.
Yes, it's possible. Yes, encryption for multiple recipients is possible.
PHP encryption is important to the privacy and safety of your data. In practical terms, PHP encryption uses algorithms (sometimes called hashing algorithms) to translate the “clear” data into encrypted text that requires very specific decryption processes to “decode” the data back to the clean version.
That's how it's done in OpenPGP (and other systems):
- you generate a secret symmetric key, which is used to encrypt the data itself;
- then, this symmetric key is encrypted with Tom's key;
- also, the symmetric key can be encrypted with Jim's and Bob's public keys, allowing them to decrypt the key and after that to decrypt the data.
PHP provides a function for this - openssl_seal(). This function takes an array of public keys, and encrypts the data so that any one of the corresponding private keys can be used to decrypt it (using openssl_open()).
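The openssl_seal() / openssl_open() approach from the answer above, applied to the users in the question, as an added example that is not part of the original answers. The key pairs, the sample note, and the helpers demo_keypair() and open_for() are constructed for illustration.

```php
<?php
// Added example; all keys and data are constructed for the demo.

// Hypothetical helper: throwaway RSA key pair for one user, as PEM strings.
function demo_keypair(): array {
    $key = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA,
                             'private_key_bits' => 2048]);
    if ($key === false || !openssl_pkey_export($key, $privPem)) {
        throw new RuntimeException('key generation failed');
    }
    return ['priv' => $privPem, 'pub' => openssl_pkey_get_details($key)['key']];
}

// Hypothetical helper: unwrap the envelope key, then decrypt the data.
function open_for(string $privPem, string $envKey, string $sealed,
                  string $cipher, string $iv): ?string {
    $ok = openssl_open($sealed, $plain, $envKey, $privPem, $cipher, $iv);
    return $ok ? $plain : null;
}

$users = [];
foreach (['tom', 'jim', 'bob', 'john'] as $name) {
    $users[$name] = demo_keypair();
}

$cipher     = 'aes-256-cbc';           // CBC gives confidentiality only, no integrity
$recipients = ['tom', 'jim', 'bob'];   // John is deliberately left out
$pubKeys    = [];
foreach ($recipients as $name) {
    $pubKeys[] = openssl_pkey_get_public($users[$name]['pub']);
}

// The data is encrypted once under a random symmetric key; $envKeys holds that
// key encrypted to each public key, in the same order as $pubKeys.
if (openssl_seal('constructed secret note', $sealed, $envKeys, $pubKeys, $cipher, $iv) === false) {
    throw new RuntimeException('openssl_seal failed');
}

// What would be stored: $sealed and $iv once, plus one envelope key per recipient.
$envelopes = array_combine($recipients, $envKeys);

// Jim unwraps his own envelope key with his private key.
var_dump(open_for($users['jim']['priv'], $envelopes['jim'], $sealed, $cipher, $iv));

// John has no envelope key of his own, and his private key does not unwrap Jim's.
var_dump(open_for($users['john']['priv'], $envelopes['jim'], $sealed, $cipher, $iv));
```

The private keys are generated inline only so the demo runs. Against Tim, who can read the database and the scripts, the scheme holds only if the users' private keys are not readable on the server.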