Asymmetric Encryption for Multiple Recipients
Let’s assume an arbitrary group of people who hold a key pair and who make their public key accessible online.
Now X wants to encrypt a message once using A’s, B’s and C’s public key so that only A, B and C will be able to decrypt the same ciphertext.
Is that technically possible? If yes, does this asymmetric encryption method already have a name or known implementation?
Answer:
In that case you generate a random symmetric key for each message and use that symmetric key to encrypt the message. Then you encrypt one copy of that symmetric key per recipient with the key of that recipient and attach these to the message. So the message will consist of:
symmetric key S encrypted with public key A
symmetric key S encrypted with public key B
symmetric key S encrypted with public key C
plaintext encrypted with symmetric key S
This method is usually referred to as “hybrid encryption” and it is very common because most symmetric encryption and decryption systems are far faster than most asymmetric ones. So encrypting just a symmetric key with the expensive asymmetric algorithm and then using that symmetric key for the bulk of the message has far better performance, even when there is only one recipient.
Another useful side-effect is that it also prevents replay attacks and known-plaintext attacks. When you send the same message to the same recipient multiple times, the ciphertext will always be completely different because the symmetric key will be different. So an eavesdropper can’t tell if a message is identical to a previous one. A man-in-the-middle also cannot replay a previous message because the recipient could become suspicious if the sender uses the same symmetric key twice.
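The message layout described in the answer, as an added Go example that is not part of the original question or answer. The answer names no algorithms, so RSA-OAEP (SHA-256) for wrapping S and AES-256-GCM for the body are assumptions, and `Envelope`, `Seal`, `Open`, `newKey`, `gcmFor` and the recipient name "A" are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Envelope struct { // what X sends: S wrapped per recipient, plaintext encrypted once
	Wrapped           map[string][]byte // recipient name -> RSA-OAEP(public key, S)
	Nonce, Ciphertext []byte            // AES-256-GCM under S
}
func newKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) } // throwaway demo key
func gcmFor(s []byte) cipher.AEAD { // callers guarantee len(s) == 32, so neither call fails
	block, _ := aes.NewCipher(s)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}
// Seal draws a fresh random S, encrypts plaintext under it, and wraps S per recipient.
func Seal(plaintext []byte, rcpts map[string]*rsa.PublicKey) (env *Envelope, err error) {
	buf := make([]byte, 32+12) // S || GCM nonce, new for every message
	if _, err = rand.Read(buf); err != nil {
		return nil, err
	}
	s, nonce := buf[:32], buf[32:]
	env = &Envelope{map[string][]byte{}, nonce, gcmFor(s).Seal(nil, nonce, plaintext, nil)}
	for name, pub := range rcpts {
		if env.Wrapped[name], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, s, nil); err != nil {
			return nil, err
		}
	}
	return env, nil
}
// Open unwraps S with one recipient's private key, then decrypts and authenticates.
func Open(env *Envelope, name string, priv *rsa.PrivateKey) ([]byte, error) {
	s, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.Wrapped[name], nil)
	if err != nil || len(s) != 32 {
		return nil, fmt.Errorf("no usable wrapped key for %q", name)
	}
	return gcmFor(s).Open(nil, env.Nonce, env.Ciphertext, nil)
}
func main() { // constructed demo: a single recipient "A"
	k, _ := newKey()
	env, _ := Seal([]byte("hello"), map[string]*rsa.PublicKey{"A": &k.PublicKey})
	pt, err := Open(env, "A", k)
	fmt.Printf("%s %v\n", pt, err)
}
```

Each extra recipient adds one RSA-OAEP wrap of the 32-byte key; the bulk ciphertext is produced once and shared by all of them.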