0

I'm going to re-phrase my question completely so it makes more general sense (and correct my blunder with AES/RSA).

Alice has a large block of data to send to Bob via a local mailbox that isn't secure. To keep her data from prying eyes, she does this:

  • She generates a random 256-bit key
  • She uses AES-256 encryption to encrypt the data using the key
  • She uses Bob's public key to encrypt the key she's used
  • She puts the encrypted data and the encrypted key in the mailbox addressed to Bob

Mike the mailman picks up the mail from the mailbox. However, he doesn't want to lug the data all the way across the internet to Bob's place if bob isn't going to be able to decrypt it.

The question is, how can Mike ascertain whether the key has actually been encrypted using Bob's public key?

In my application I need to transport sensitive data to a data centre. To achieve this, I have an upload process that accepts files (that have already been AES-encrypted with a key, then the key is encrypted with the recipient's public key) and sends them to the data centre. The corresponding private key is held at the data centre and used to decrypt the files on receipt. This is currently in the design stage so there is some flexibility on the public/private key technology to be used but it's likely to be a C# application that's doing the work.

I would like to protect against uploading files that have NOT been encrypted using the public key (because I may waste significant bandwidth and the receiving application at the datacentre will fail to decrypt them).

So, what I want to know is how can I tell at the sending end whether a file has been encrypted using a given public key?

In a nutshell, I have an encrypted file and a public key. Has the file been encrypted with that key?

Thanks in advance etc.!

Thickycat
  • 894
  • 6
  • 12
  • 1
    First of all, the entire file will *not* have been encrypted with the public key. Instead, an implementation of some variant of a hybrid encryption scheme will be used which means the file will be encrypted with AES using a random AES key and the AES key will be encrypted using the public key algorithm. Secondly, you cannot reliably know if the file has been properly encrypted until the decryption operation is attempted. The decryptor will decrypt the file and must verify the MAC before accepting the file as valid. – President James K. Polk Nov 09 '18 at 16:50
  • Thanks. Of course - yes, I wasn't thinking hard enough - yes, it'll be a symmetric encryption for the file. So, I 'could' send the encrypted key along with the first part of the file and ask if it can be decrypted ok, perhaps including a hash of the original first part of the file and only send the rest if the first part is ok, but this is sounding over-complex... – Thickycat Nov 09 '18 at 17:02
  • If you just need to upload and process the content, simple TLS/SSL would do the job. If you need to store the content encrypted you have to post a whole structure (encrypted symmetric key, iv, ciphertext, mac,..). You may not be able to tell if the content is random or encrypted until you don't decrypt – gusto2 Nov 13 '18 at 17:32

0 Answers0