from Hacker News

Ask HN: Encryption algorithm with *multiple* decryption keys?

by rrnechmech on 8/22/24, 7:43 PM with 11 comments

Sorry for what might be a dumb question but, does there exist an encryption algo that allows something to be encrypted in such a way that any number of n keys or passwords or the like might decrypt? (Obviously to obtain the same cleartext)

  • by throwaway019254 on 8/22/24, 9:22 PM

    You encode the cleartext with a single master key. Then you encrypt the master key with multiple keys and store it together with the encrypted cleartext.

    This will not take much more space as only the master key is encrypted multiple times.

    Now anybody who has one of the keys can decrypt the master key and subsequently decrypt the cleartext.

  • by solardev on 8/22/24, 9:22 PM

    I took the OP to mean "any one of n keys can decrypt", not "you need at least n of x keys to decrypt".

    In that case... dumb answer... but couldn't you just encrypt it twice (or n times), with n separate keys? Or encrypt the actual thing with a symmetric key, then separately encrypt the symmetric key with a public keypair for each of n users, such that any one of them could regain the symmetric key for that one thing (but not anyone else's private keys).

  • by Terr_ on 8/22/24, 7:46 PM

    > encrypted in such a way that any number of n keys or passwords or the like might decrypt

    I'm assuming you mean "it requires 2 or more keys but less than all of them", so I'd check variations of: https://en.wikipedia.org/wiki/Secret_sharing

    The cases for "any individual key is enough" or "all keys required" are much simpler.

  • by raincom on 8/23/24, 4:50 AM

    Look at a similar question on the crypto stack exchange: "One Encryption, Many Decryption Keys":

    https://crypto.stackexchange.com/questions/39397/one-encrypt...

  • by aborsy on 8/24/24, 5:55 AM

    LUKS has several key slots. As someone said, it’s quite simple, the data encryption key is encrypted with multiple keys and stored in different slots.

    You can encrypt the data encryption key with, say, any 2 keys out of 3. You concatenate any two keys into a single key, and encrypt the master key with that. That gives you Shamir scheme, that used in crypto currencies.

  • by randompeach on 8/22/24, 10:38 PM

    age-encryption.org their project has a good documentation / standard of how age encryption works. Helped me to understand this topic better.

  • by stop50 on 8/22/24, 7:49 PM

    That would be the holy grail of encryption. The best we can do is an encryption method that needs an k amount of keys of n total keys to get the key that decrypts the data.

  • by samrolken on 8/22/24, 7:55 PM

    Threshold cryptography might be what you're looking for.