Re: newbie Q: "Stacked" public key algorithm



Hi Tom,

I think you're right, if there's no known algorithm exist, that I would have
to go through a central distribute & encryption authority... I will be
difficulty to set this up, but o.k., if there's no other way, I'll try

many thanks for your support

steffen



tom@xxxxxxx wrote:

On May 13, 12:33 pm, Steffen Köhler <stef...@xxxxxxxxxxx> wrote:
...


Normally this is just accomplished by encrypting a message to multiple
recipients. Where you'd asymmetric encrypt a short random secret
which is used as a symmetric cipher for the bulk data. There's not
really any obvious way I think of having an RSA key which two people
could decrypt with and not really just know the secret data required
for both keys.

What you want is something that is actively enforced by policy. For
example, Alice receives an email encrypted to the master companies
public key. She sends it off [signed say] to the policy master, who
verifies the signature (and certificate), decrypts the message, and re-
encrypts it to Alice.

Tom

.