TTC
Theo's Typesafe Cult2w ago
iam_nekk

Does anybody have experience with Proxy Re-encryption?

Hiya! I'm trying to make a prototype for an app with a pretty complex set of requirements. 
- Alice wants to share a secret message to a group of people she trusts. 
- This message can only be shared in a decentralized system (not blockchain!!), where everyone can see every message sent.
- Once the message is sent, it can not be changed, and neither can the data attached to it, like a decryption key.
- There is no direct communication between Alice and the people in her trusted group, she can only send messages that everyone can read. 
- The people in her trusted group can change, if someone enters the group, they can now read the secret message, and if they leave, they cannot read it anymore.
- Alice wants to share a secret message to a group of people she trusts. 
- This message can only be shared in a decentralized system (not blockchain!!), where everyone can see every message sent.
- Once the message is sent, it can not be changed, and neither can the data attached to it, like a decryption key.
- There is no direct communication between Alice and the people in her trusted group, she can only send messages that everyone can read. 
- The people in her trusted group can change, if someone enters the group, they can now read the secret message, and if they leave, they cannot read it anymore.
The gist of it is for a user to send secret messages, that anyone can see, to a group of people, and they can join and leave the group at any moment. The best option I've found so far is proxy re-encryption, but to be honest, this isn't exactly my area of expertise, and I can't wrap my head around it, and chatgpt is really not helping. Is there any way to bastardize it and make it work, or is there another way to do it?
2 Replies
Xanacas
Xanacas2w ago
Do you have control over the encrypted message? Can you prevent ppl not being in the group anymore accessing the encrypted message from a that group? Are the decryption keys sth you can revoke? What kind of security standards do you need to comply to?
4z
4z2w ago
Send a nonce that acts like a one-time pad to encrypt secret message every n seconds. When the client is no longer in the group, it stops receiving nonces.

Did you find this page helpful?