Bitcoin Forum
Author Topic: Encryption question  (Read 495 times)
dillpicklechips (OP)
June 10, 2013, 12:52:03 AM
 #1

Let's say I have some data that's encrypted with a few public keys including my own. Is it possible to revoke a key for the data without decrypting it fully and encrypting it again with the keys I wish to remain with it?
MysteryMiner
June 10, 2013, 01:39:34 AM
 #2

Short answer - No
TL;DR - It depends. The only software that I'm aware of that can revoke one of multiple keys without decryption is full disk encryption on Linux.

What software is used and what do you want to achieve?

dillpicklechips (OP)
June 10, 2013, 01:45:07 AM
 #3

> Short answer - No
> TL;DR - It depends. The only software that I'm aware of that can revoke one of multiple keys without decryption is full disk encryption on Linux.
>
> What software is used and what do you want to achieve?

Kind of like "no knowledge" hosting like SpiderOak but easy to share data with others using many public keys for who you want to share with. But sometimes you want to remove a person from having access from that time on. I don't want the server restricting access but the actual encryption. My basic understanding is that the data has to be decrypted and then re-encrypted?
MysteryMiner
June 10, 2013, 01:49:10 AM
 #4

Yes, it needs to be re-encrypted to remove access to a particular key. If he doesn't have a previous copy of the file.

Maybe encrypting the file with a symmetric master key and then encrypting the master key with an asymmetric key can save the decrypt-encrypt process of all data.

dillpicklechips (OP)
June 10, 2013, 01:54:17 AM
 #5

> Yes, it needs to be re-encrypted to remove access to a particular key. If he doesn't have a previous copy of the file.
>
> Maybe encrypting the file with a symmetric master key and then encrypting the master key with an asymmetric key can save the decrypt-encrypt process of all data.

How about using multiple public keys? If I have multiple public keys for each person then I could just re-encrypt with the one person removed and they won't be able to see the data. The only drawback then would be that the data has to be decrypted twice to get it now? Would that work?
theymos
June 10, 2013, 01:57:01 AM
 #6

If you send someone some ciphertext that they can decrypt, then they'll always be able to decrypt that ciphertext.

It's easy to remove a recipient from an OpenPGP encrypted message. Just remove the packet with their encrypted session key. I don't know how you would do this with any PGP tool, though.

MysteryMiner
June 10, 2013, 01:59:03 AM
 #7

As I understand he wants to do this on server side.

dillpicklechips (OP)
June 10, 2013, 02:12:57 AM
 #8

> As I understand he wants to do this on server side.

Exactly. I want to set up sharing of data on a server. At no time can the server see what the data is. I'd like to then change who has access without the server ever being able to see the data.
theymos
June 10, 2013, 02:31:25 AM
 #9

Encrypt the data with a random key using symmetric crypto (i.e. AES). For each person who can get access, encrypt to their public key:
- The random key used with the symmetric crypto.
- A unique access key which the server also knows in a database.

The downloader first downloads the public-key-encrypted file. They send the access key to the server, which allows them to download the larger encrypted file if the access key is OK. Then they can decrypt it using the data key.

To revoke access, delete their public-key-encrypted files and remove their access keys from the database.
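
The server side of the scheme in post #9, as an added example that is not part of the original thread. It assumes all encryption happens on the clients, so the server only stores opaque bytes; the class and method names are hypothetical, the sample values are constructed, and storing only a SHA-256 hash of each access key is a choice made for this example, not something the post specifies.

```python
import hashlib
import hmac
import secrets


class BlindShareServer:
    """Holds only opaque bytes: the symmetric ciphertext plus one
    public-key-encrypted envelope per recipient (hypothetical design)."""

    def __init__(self, ciphertext: bytes):
        self.ciphertext = ciphertext   # data encrypted client-side (e.g. AES)
        self.envelopes = {}            # recipient -> envelope bytes
        self.access_hashes = {}        # recipient -> SHA-256 of access key

    def grant(self, recipient: str, envelope: bytes, access_key: bytes) -> None:
        # The uploader built `envelope` by encrypting (data key, access key)
        # to the recipient's public key; the server cannot open it.
        self.envelopes[recipient] = envelope
        self.access_hashes[recipient] = hashlib.sha256(access_key).digest()

    def get_envelope(self, recipient: str):
        return self.envelopes.get(recipient)

    def download(self, access_key: bytes):
        # Release the large ciphertext only for a currently valid access key.
        presented = hashlib.sha256(access_key).digest()
        for stored in self.access_hashes.values():
            if hmac.compare_digest(presented, stored):
                return self.ciphertext
        return None

    def revoke(self, recipient: str) -> None:
        # Revocation: delete the envelope and the access key record.
        self.envelopes.pop(recipient, None)
        self.access_hashes.pop(recipient, None)


def demo():
    # Constructed placeholders standing in for real client-side crypto output.
    server = BlindShareServer(ciphertext=b"<opaque AES ciphertext>")
    keys = {name: secrets.token_bytes(32) for name in ("alice", "bob")}
    for name, key in keys.items():
        server.grant(name, b"<envelope for " + name.encode() + b">", key)
    before = server.download(keys["bob"]) is not None
    server.revoke("bob")
    return {
        "bob_before": before,
        "bob_after": server.download(keys["bob"]) is not None,
        "bob_envelope_after": server.get_envelope("bob"),
        "alice_after": server.download(keys["alice"]) is not None,
    }
```

Revocation here only blocks future downloads: as post #6 notes, a recipient who already fetched the ciphertext and the data key can still decrypt that copy, so data stored after a revocation needs a fresh data key.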

dillpicklechips (OP)
June 10, 2013, 02:50:59 AM
 #10

Thanks theymos and MysteryMiner. You have given me more to think about! :)