Is it possible to perform input validation in a system with "true" end-to-end encryption?

Çağlar Arlı

Imagine there is a secret key, which is used for symmetric encryption. I.e.: anyone with this key can encrypt / decrypt a message.

A service allows users to store a message under a certain filepath, which can also be retrieved with that filepath. However, the service may wish to require certain characteristics of the message being stored.

The encrypted message:

  • must actually be encrypted, and must be using a specified encryption standard

The original message:

  • must not contain characters "x" or "y"
  • must contain a string "my_substring"
  • must match a certain regex pattern

Is it possible for such a system to exist, without allowing the system itself access to the encryption key, or the unencrypted message? I.e.: only users with the key can decrypt / encrypt the message, and at no point is this possible for the system, even in transit / in memory.

I have done a bit of research and this seems like it may fall under a zero-knowledge proof; however, I have struggled to find applied examples of this for things like normal input validation.

I am interested to learn what, if any, of the above types of input validation may be possible in this scenario, as well as other types of validation or possibilities.