Encrypting for multiple users

[Chris De Young]

On 2/15/2010 12:34 AM, Mohan Radhakrishnan wrote:
> Hi,
> 
>           We have several public keys and we use all of them to encrypt
> files. Each recipient then decrypts the file using his or her own secret
> key. Now some recipients lose their keys and replace them. Some new
> encrypting keys get added. So we have several old files that the new
> users cannot read.
> 
> Can a single user generate several sub secret keys and distribute to the
> other recipients ? Does this solve the old file re-encryption problem
> somehow by still retaining individual keys ?
> 
> Our policy does not allow sharing of keys. So it looks like the subkeys
> have the same problem because all of them originate from a common key ?

I'm not intimately familiar with the way keys and subkeys are related
and interact, so I can't answer the exact question you asked. However,
in the general case, I think the only solution to this problem is to use
some sort of key escrow system. (The real solution is "don't lose your
keys" and key escrow is one way to try to implement that.)

If you design some way of generating several [sub]keys or something such
that the end result is the ability to regenerate a lost key, then you
have effectively shared your key (since others could regenerate it
without your participation). Your policy prohibits that, so whether or
not you can devise a system to do it is academic. Whether or not key
escrow counts as "sharing keys" is a question for your policy-makers.

As a general principle, if a secret key is unavailable, you WANT the
encrypted material it protects to become unavailable. That's rather the
point, no? :-)

-Chris

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100216/0fe2fb39/attachment.pgp>