I want to develop an application that will allow a user to create a public/priva

Question

I want to develop an application that will allow a user to create a public/private key pair, and encrypt it symmetrically with a key such that once they enter their password, they will be able to decrypt the key pair and retrieve its contents.

However, it is desirable for someone else that they trust to be able to decrypt the key as well, in case they lose access or have a reason for someone to be able to access the key pair (like a joint account).

Let's say that a user John has given Adam, Emily, and Scott access to the key pair, but it turns out that John no longer trusts Emily and wants to invalidate her access. Since she has already seen the private key, he has to generate a new one, but wants to do it in such a way that Adam and Scott will still have access without having to enter their password or do anything additional.

How can this be accomplished? Is this possible?

Explanation / Answer

Sure. Encrypt John's private key under Adam, Emily, and Scott's public key. When you revoke Emily and change John's keypair, encrypt John's new private key under Adam and Scott's public key. If Adam or Scott need access, they can decrypt. After the key change they will still have access and still be able to decrypt it, same as they were able to before.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.