Web Application Security
Secret Sharing Aug 01 2013 02:48PM
saghar estehghari (s estehghari gmail com) (2 replies)
Re: Secret Sharing Aug 03 2013 04:10PM
Siim Põder (siim p6drad-teel net)
Re: Secret Sharing Aug 01 2013 04:01PM
Jamie Riden (jamie riden gmail com) (1 replies)
The answer is, I can't think of a better way of doing it. I believe
this is how EFS, etc. work - you have a single symmetric encryption
key and you encrypt this with the public key of anyone who you want to
be able to read the file.

But it's been a while since I read up on this, so I suggest you do a
sanity check.

cheers,
Jamie

On 1 August 2013 15:48, saghar estehghari <s.estehghari (at) gmail (dot) com [email concealed]> wrote:
> Hi,
>
> I'm working on a project which involves security of the cloud data.
>
> The scenario is as follows:
>
> Users A and B have registered to a cloud service (cloud assumed to be
> semi-trusted). A and B both have secret keys (KA and KB) (for
> symmetric encryption) and public keys (PKA and PKB) on the cloud
> server. KA and KB are each encrypted with the passwords of A and B.
>
> Now consider A wants to share a file F that is encrypted with key K (K
> is generate randomly by A). Now K should be shared securely with B
> over the cloud (we consider that B is not online at the time of
> sharing). To do this one option would be encrypting K with PKB which
> should be decrypted by B when he gets online. However this option
> seems to be complicated for my client.
>
> I was wondering whether you have better options in mind that could help me.
> Please let me know if the explantation is not clear.
>
> Thanks
>
>
>
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now!
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------
>

--
Jamie Riden / jamie (at) honeynet (dot) org [email concealed] / jamie.riden (at) gmail (dot) com [email concealed]
http://uk.linkedin.com/in/jamieriden

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]
Re: Secret Sharing Aug 03 2013 06:04PM
Nir Izraeli (nirizr gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus