Proxy Re-Encryption — Passing a Secret Key With Rust

While I love Golang, I like Rust. Rust feels robust, and I love the way it locks in versions for libraries. So, while other languages hide away a good deal, Rust shows you what it is doing and goes right back to the source code and recompiles it. It thus avoids those pesky library integrations. To me, Rust and cryptography is a marriage made in heaven. For one, it avoids the memory problems of C++, and for another, it just has a better way to build solutions and then integrate them with other languages. So, let’s do some Proxy Re-encryption with Rust.

Let’s say that Alice has stored an encrypted file which uses a given key (K_A). Alice can then protect her key by encrypting the key with her public key. She can then decrypt this encrypted key with her private key (E_pk(K_A)):

But let’s say that Alice now wants to share the encrypted document with Bob, and where we want to convert the key encrypted with Alice’s public key, into one that can be decrypted by Bob’s private key. For this, we can use transform (or proxy) re-encryption. At the core of this is a transform key, which is the key which can decrypt the protected key to Bob’s private one. This is done by…