Strawman: Multiparty encrypted content

9 views

Skip to first unread message

John Carlson

unread,

Jan 21, 2025, 7:19:47 PMJan 21

to cap-...@googlegroups.com

I don’t remember if I sent this or not. There are corrections.

Multi-party encryption

---------------------

Basic ideas:

A sender/client has a server's public key and 5 packets of information:

1. Encrypt recipients' routing information with servers' public keys.

2. Encrypt bulk keys or symmetric keys with recipients' public keys.

3. Encrypt message with bulk or symmetric keys from previous packet.

4. Optionally encrypt packet 1 with sender's private key. (Exercise left to reader which keys to apply first.)

5. Optionally encrypt packet 2 with sender's private key. (Exercise left to reader.)

4 and 5 are required for non-repudiation or proving who sent the message.

A sender prepares a message including recipients' routing information, dependent on which communication network you are on. This may mean IPv4, IPv6, TCP or UDP port, hostname, message storage agent (MSA--possibly SMTP/IMAP), message user name, and chat network handle.

The message user agent (MUA) retrieve's the server's current public key, possibly using a web browser, or web client.

The routing information is encrypted with the server's public key, or a client/server bulk key previously negotiated between client and server.

Bulk or symmetric keys for the message are encrypted with each recipients' public key. Either together, or individually.

The message is encrypted with the bulk key(s) for each user or a single bulk key is use for all recipients.

The sender connects to message transfer agent (MTA), and sends encrypted routing information, encrypted recipients' bulk keys, and the encrypted message.

The MTA unpacks the routing information using it's private key, determines what MTAs or MSAs need to be contacted from routing information. It has the MTAs or MSAs public keys, and rewraps the routing information using the public keys of the other servers. Not all routing need be included, just that necessary for each MTA or MSA to transmit the message to the desired recipients.

The package that contains the asymmetrically encrypted bulk keys for the message is untouched, as well as the encrypted message is untouched by the servers.

The new routing information is passed to other servers along with the other packets.

The recipients do not see the routing information, unless it is incorporated by the sender. The sender may provide a public key for verification that they sent the message. The sender's private key might encrypt the bulk or symmetric key in packet (2) above for extra security.

The recipients pick up the message in their message inbox, decrypt the bulk key using their private keys, and decrypt the message using the bulk key.

Reply all

Reply to author

Forward

0 new messages