Is it possible using symmetric encryption to encrypt a file with two different keys?

1

1

GPG/PGP and other public key encryptions allow encrypting to several recipients using their public keys.

Is it possible to use only symmetric encryption to do the same? In other words, is it possible to symmetrically encrypt a file with two different keys?

The reason for my question is that asymmetric encryption produces huge files. If I were to send a public key encrypted message to a smart phone it would be too huge. Especially if it was encrypted to several recipients. One single "Hello" could take 2 pages of text. On the other hand, symmetric encryption is very tight.

Vivarto

Posted 2013-01-11T22:16:13.677

Reputation: 165

Answers

2

Sure. Just encrypt the file with a random key and then encrypt that random key with the two different symmetric keys.

David Schwartz

Posted 2013-01-11T22:16:13.677

Reputation: 58 310

That's a creative solution. Have not thought about that. – Vivarto – 2013-01-12T02:25:19.610

2 @Vivarto: That's precisely the same way it's done with asymmetric encryption. In both cases, the file is symmetrically encrypted with a random key. – David Schwartz – 2013-01-12T04:36:45.410

@Vivarto David's comment above is correct. You seem to have a misunderstanding of how PGP works. – rsaw – 2013-01-12T05:20:15.533
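The scheme from the answer above, as an added example that is not code from the thread or from any OpenPGP implementation: the message is encrypted once under a random content key, and that key is wrapped separately under each recipient's symmetric key. It assumes every recipient holds a 32-byte key and uses AES-256-GCM from Ruby's `openssl` library; the names `seal`, `unseal`, `encrypt_for`, `decrypt_with` and the envelope layout are hypothetical.

```ruby
require 'openssl'

NONCE_LEN, TAG_LEN = 12, 16 # AES-GCM nonce and tag sizes in bytes

# AES-256-GCM under a fresh random nonce; returns nonce || tag || ciphertext.
def seal(key, plaintext)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  c.key = key # raises ArgumentError unless the key is 32 bytes
  c.iv = nonce = OpenSSL::Random.random_bytes(NONCE_LEN)
  c.auth_data = '' # no associated data
  ciphertext = c.update(plaintext) + c.final
  nonce + c.auth_tag + ciphertext
end

# Reverses seal; raises OpenSSL::Cipher::CipherError on a wrong key or modified data.
def unseal(key, box)
  raise ArgumentError, 'truncated input' if box.bytesize < NONCE_LEN + TAG_LEN
  c = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  c.key = key
  c.iv = box.byteslice(0, NONCE_LEN)
  c.auth_tag = box.byteslice(NONCE_LEN, TAG_LEN)
  c.auth_data = ''
  c.update(box.byteslice(NONCE_LEN + TAG_LEN, box.bytesize)) + c.final
end

# Encrypt the message once under a random content key, then wrap that key
# separately under each recipient's own 32-byte symmetric key.
def encrypt_for(message, recipient_keys)
  content_key = OpenSSL::Random.random_bytes(32)
  { body: seal(content_key, message),
    wrapped: recipient_keys.map { |k| seal(k, content_key) } }
end

# Find the wrapped copy that authenticates under this key, then decrypt the body.
def decrypt_with(key, envelope)
  envelope[:wrapped].each do |w|
    content_key = begin
      unseal(key, w)
    rescue OpenSSL::Cipher::CipherError
      next # this copy was wrapped for a different recipient
    end
    return unseal(content_key, envelope[:body])
  end
  raise ArgumentError, 'no wrapped key opens with this key'
end

# Constructed sample keys for two recipients.
alice, bob = Array.new(2) { OpenSSL::Random.random_bytes(32) }
env = encrypt_for('Hello', [alice, bob])
puts "#{decrypt_with(bob, env)}: body=#{env[:body].bytesize} B, per recipient=#{env[:wrapped][0].bytesize} B"
```

With this layout a 5-byte message produces a 33-byte body, and each recipient adds a fixed 60 bytes regardless of message length.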

1

Current PGP versions and all of GnuPG (GPG) implement the OpenPGP standard. I will only use the term OpenPGP below.

OpenPGP uses both public and symmetric key encryption: When encrypting a document, some random symmetric key gets generated and encrypted using the public key. The receiver will encrypt the symmetric encryption (block cipher) key using his private key. As only the symmetric key gets encrypted using the public key, overhead stays small (this is what David Schwartz proposed and is already implemented by OpenPGP).

Of course, there are two cases in which this overhead can get big in comparison to the encrypted data:

  • A very small amount of data; if this is a problem, you will have to choose some encryption method with preshared keys (symmetric keys)
  • Lots of recipients; as the block cipher must be encrypted for each of them. If this is a problem, you will have to share the secret (private key) between all recipients.

You won't get around using either symmetric encryption and handing over the secret to every single recipient (or doing the same with the private OpenPGP key). If you want everybody to have his own secret, nobody else will be able to decrypt his version of the data; so you will have to send everybody another version of this data.

Jens Erat

Posted 2013-01-11T22:16:13.677

Reputation: 14 141

0

I was actually looking to solve the same issue. The problem with gpg is that you need to carry too much baggage with it - key store, etc. Sometimes you just want to create a keypair, put the public key on the machine which does encryption and go with it.

I wrote a tool to do just that: https://github.com/galets/AsymmetricCrypt . You will need Mono to run it on Linux, but otherwise it works fine and doesn't require you to store the encrypted key in a separate file.

galets

Posted 2013-01-11T22:16:13.677

Reputation: 401