Shared Database Access using Composed Encryption Functions

Abstract

This article presents a two-stage encryption method for sharing access to a database where no single agency or device can ever encrypt or decrypt the data directly. Thus an attack by an opponent would have to succeed at two separate points. The main tool needed is a secure cryptosystem closed under composition: encrypting and re-encrypting using two successive keys is equivalent to a single encryption using some third key. An example cryptosystem satisfying this condition is exponentiation modulo a fixed prime.