Multi-certificate encryption with revocation



Someone on reddit brought up an idea of supporting multiple separate encryption/keys in a backup tool.

The main benefit: Support for separate roles that can back up to and restore from the same storage (and take advantage of deduplication) and yet separately and independently revocable;

Example: user A can backup and restore, user B can only backup, and user C can backup until August, when his certificate will expire or be revoked, all based purely on cryptography.

This use case could be a selling point for enterprises – where roles change and support for separate revokable permissions for backup data management is handy to say the least.

Implementation likely should be simply encrypting the existing symmetric encryption key with asymmetric user keys.

Drawbacks: additional work and backwards compatibility support for the feature nobody may care about in the first place.



Slightly related github issue for allowing multiple users to backup to a shared repo while maintaining some degree of privacy between users: Privacy for multiple users backing up to shared repo · Issue #416 · gilbertchen/duplicacy · GitHub