Is it possible to perform input validation in a system with "true" end-to-end encryption?
Imagine there is a secret key, which is used for symmetric encryption. I.e.: anyone with this key can encrypt / decrypt a message.
A service allows users to store a message under a certain filepath, which can also be retrieved with that filepath. However, the service may wish to require certain characteristics of the message being stored.
The encrypted message:
- must actually be encrypted, and must be using a specified encryption standard
The original message:
- must not contain characters "x" or "y"
- must contain a string "my_substring"
- must match a certain regex pattern
Is it possible for such a system to exist, without allowing the system itself access to the encryption key, or the unencrypted message? I.e.: only users with the key can decrypt / encrypt the message, and at no point is this possible for the system, even in transit / in memory.
I have done a bit of research and this seems like it may fall under a zero-knowledge proof, however I have struggled to find applied examples of this for things like normal input validation.
I am interested to learn what if any of the above types of input validation may be possible in this scenario, as well as other types of validation or possibilities.
