0

Is it possible to encrypt a secret with 2 public keys such that either of the 2 private keys can decrypt the secret? I've seen it said that this can be done with GPG but I need to find a library that can do it and so far find no leads.

I'm not set on a language or framework but considering (in order) Java, Go, Ruby, or Lua.

virullius
  • 939
  • 6
  • 17
  • What any PGP including GPG does, and also what PKCS7/CMS/S/MIME does, is encrypt the message symmetrically using a nonce key (aka DEK) which it encrypts separately under each of the recipient public keys, and sends _all_ of those encryptions, with related metadata. Each recipient selectes the one encrypted-DEK it can decrypt using its privatekey, and then decrypts the data. If that is what you want, BouncyCastle does both PGP and CMS/S/MIME in Java. If you want something different, specify exactly what. – dave_thompson_085 Sep 05 '18 at 00:32
  • Right, the data itself would be encrypted with AES and a random key. The symmetric encryption key is then encrypted with the public key. So are you saying that you encrypt the symmetric key twice, once with each public key? Yep, looks like that would solve this, thanks, I thought I was missing something simple. – virullius Sep 05 '18 at 00:51

0 Answers0