Let's say Bob wants to send a message to Alice. This communication needs to achieve confidentiality, integrity, proof of origin, and non-repudiation. Therefore we can use this ciphertext:

ciphertext = KS[Message, Compress(Bob_PR[H(M)])], Alice_PU[KS]

KS = Session Key, H = Hashing, PU = Public Key, PR = Private Key

However, how can we do this when Bob wants to achieve confidentiality and integrity when the information is stored in a secure database? Whose key is to be used to encrypt the message? Is it a session key only? Do we need a session key at all? A possible solution could be:

ciphertext = KS[Message]

Provided that KS is stored together with the ciphertext in the database. BUT this is definitely not safe!

What is a better solution? How do we represent this in the notation?

Best

1 Answer

If your original construction gives you the security properties you want, then simply replacing Alice_PU[KS] with Bob_PU[KS] should do the job.

Think of the database as a communication channel to your future self. Future Bob should still have his keypair, so can both decrypt the session key and verify the signature.

Michael
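
The construction from the answer, KS[Message, Compress(Bob_PR[H(M)])], Bob_PU[KS], written out as an added example that is not part of the original question or answer. It assumes the Python `cryptography` package and picks AES-256-GCM for KS, RSA-PSS for the signature and RSA-OAEP for wrapping KS; the page names none of these algorithms, and the function and field names are hypothetical.

```python
import os
import zlib
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Assumed algorithm choices; the page only gives the abstract notation.
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)

def new_keypair():
    """Bob's long-term keypair (kept outside the database)."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)

def seal(message: bytes, bob_private) -> dict:
    """Build the stored record: KS[M, Compress(Bob_PR[H(M)])], Bob_PU[KS]."""
    signature = bob_private.sign(message, PSS, hashes.SHA256())  # Bob_PR[H(M)]
    # Compress() mirrors the page's notation; a signature barely shrinks.
    body = len(message).to_bytes(4, "big") + message + zlib.compress(signature)
    ks = AESGCM.generate_key(bit_length=256)       # fresh session key per record
    nonce = os.urandom(12)
    return {
        "nonce": nonce,
        "body": AESGCM(ks).encrypt(nonce, body, None),            # KS[...]
        "wrapped_ks": bob_private.public_key().encrypt(ks, OAEP),  # Bob_PU[KS]
    }

def open_record(record: dict, bob_private) -> bytes:
    """Future Bob: unwrap KS, decrypt, then verify his own signature."""
    ks = bob_private.decrypt(record["wrapped_ks"], OAEP)
    # AES-GCM raises InvalidTag if the stored ciphertext was modified.
    body = AESGCM(ks).decrypt(record["nonce"], record["body"], None)
    n = int.from_bytes(body[:4], "big")
    message, signature = body[4:4 + n], zlib.decompress(body[4 + n:])
    # Raises InvalidSignature if the message is not the one Bob signed.
    bob_private.public_key().verify(signature, message, PSS, hashes.SHA256())
    return message

if __name__ == "__main__":
    bob = new_keypair()
    row = seal(b"constructed sample message for the database", bob)
    print({k: len(v) for k, v in row.items()})  # what the database sees
    print(open_record(row, bob))
```

Only the wrapped key is stored next to the ciphertext, so reading the database row does not yield KS; Bob's private key has to live somewhere the database cannot reach.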