I need to build a system that stores encrypted transactions. Transaction involve
Question
I need to build a system that stores encrypted transactions. A transaction always involves two parties: payer and payee. Both must be able to download the encrypted transaction from the server and decrypt it using their own private key. Likewise, issuing a transaction must be possible by either one just by knowing both parties' public keys.
Is it safe to encrypt exactly the same message twice (using different public keys), first with Alice's public key and then with Bob's public key (and make both 'versions' available)? That way Alice can decrypt the first one and Bob the second one using their private keys. If an attacker knows that two encrypted messages are actually the same, can that information help him crack the encryption?
Or is there a smarter way? And what algorithm do you recommend? I was thinking of RSA.
Explanation / Answer
The traditional way to go about this would be to generate a symmetric key and use AES to encrypt the transaction using that symmetric key. You would then encrypt that symmetric key with Alice's public key and publish that. Then encrypt the symmetric key with Bob's public key and publish that. You also publish the AES encrypted version of the transaction.
I say that is the traditional way as you could, theoretically, encrypt the transaction directly with RSA (though it is typically not recommended). The transaction would have to fit size constraints (see my comment).
Now, there is one additional requirement that you might not be aware of. I'm assuming that you wouldn't want anyone to be able to modify any of these messages that will be uploaded to a server without being detected (think of a hacker breaking into the server). Therefore, you will have to digitally sign the copies of the encrypted symmetric keys and compute a MAC on the AES-encrypted transaction. The MAC could be a traditional HMAC, or you could use an authenticated encryption mode such as GCM.
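The scheme described in this answer, as an added Node.js example (not code from the original post): the transaction is encrypted once with AES-256-GCM, the AES key is wrapped with RSA-OAEP for each party, and the issuer signs the envelope. All function and field names are hypothetical, the sample transaction is constructed, and the signature here covers the nonce, tag and ciphertext in addition to the two wrapped keys.

```javascript
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const PSS = { padding: crypto.constants.RSA_PKCS1_PSS_PADDING };

// Bytes covered by the issuer's signature: fixed-length fields first, ciphertext last.
const signedBytes = (e) =>
  Buffer.concat([e.nonce, e.tag, e.keyForPayer, e.keyForPayee, e.ciphertext]);

// Encrypt the transaction once with a fresh AES-256-GCM key, wrap that key for
// each party with RSA-OAEP, then sign the result with the issuer's private key.
function seal(tx, issuerPrivate, payerPublic, payeePublic) {
  const key = crypto.randomBytes(32);
  const nonce = crypto.randomBytes(12); // safe because the key is used only once
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const ciphertext = Buffer.concat([cipher.update(tx), cipher.final()]);
  const env = {
    nonce, ciphertext, tag: cipher.getAuthTag(),
    keyForPayer: crypto.publicEncrypt({ key: payerPublic, ...OAEP }, key),
    keyForPayee: crypto.publicEncrypt({ key: payeePublic, ...OAEP }, key),
  };
  env.sig = crypto.sign('sha256', signedBytes(env), { key: issuerPrivate, ...PSS });
  return env;
}

// Verify the issuer's signature before touching any key material, then unwrap
// this party's copy of the AES key and decrypt; GCM rejects a bad tag in final().
function open(env, role, myPrivate, issuerPublic) {
  if (!crypto.verify('sha256', signedBytes(env), { key: issuerPublic, ...PSS }, env.sig)) {
    throw new Error('signature check failed: envelope was modified');
  }
  const wrapped = role === 'payer' ? env.keyForPayer : env.keyForPayee;
  const key = crypto.privateDecrypt({ key: myPrivate, ...OAEP }, wrapped);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, env.nonce);
  decipher.setAuthTag(env.tag);
  return Buffer.concat([decipher.update(env.ciphertext), decipher.final()]);
}

// Constructed demo: Alice (payer) issues a transaction that she and Bob (payee) can read.
function demo() {
  const alice = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const bob = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const tx = Buffer.from('{"from":"alice","to":"bob","amount":"12.50"}'); // sample data
  const env = seal(tx, alice.privateKey, alice.publicKey, bob.publicKey);
  const forAlice = open(env, 'payer', alice.privateKey, alice.publicKey);
  const forBob = open(env, 'payee', bob.privateKey, alice.publicKey);
  return { env, tx, forAlice, forBob, alice, bob };
}
```

The server stores only `env`; each party needs the issuer's public key to verify it and their own private key to read it.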